[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [bandit](https://github.com/mtrudel/bandit) from 1.5.7 to 1.6.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md">bandit's
changelog</a>.</em></p>
<blockquote>
<h2>1.6.7 (30 Jan 2025)</h2>
<h3>Changes</h3>
<ul>
<li>Consider timeouts when reading HTTP/1 headers as a connection error
and not an HTTP error</li>
<li>Enhance logging for WebSocket deflation errors</li>
</ul>
<h2>1.6.6 (25 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Consider closures during HTTP/1 header reading as a socket error to
silence them by default via <code>log_client_closures</code> config
flag</li>
<li>Send <code>connection: close</code> when closing connection on error
per RFC9112§9.6</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Add experimental opt-in trace logging to help diagnose hard to
reproduce errors</li>
<li>Move CI to 1.18 & improve tests (<a
href="https://redirect.github.com/mtrudel/bandit/issues/459">#459</a>,
<a
href="https://redirect.github.com/mtrudel/bandit/issues/461">#461</a>,
thanks <a
href="https://github.com/grzuy"><code>@grzuy</code></a>!)</li>
</ul>
<h2>1.6.5 (15 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Fix regression introduced in 1.6.1 where we would not send headers
set by the Plug during WebSocket upgrades (<a
href="https://redirect.github.com/mtrudel/bandit/issues/458">#458</a>)</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Properly normalize Erlang errors before emitting telemetry and
logged crash_reason (<a
href="https://redirect.github.com/mtrudel/bandit/issues/455">#455</a>,
thanks <a
href="https://github.com/grzuy"><code>@grzuy</code></a>!)</li>
</ul>
<h2>1.6.4 (11 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Fix error in socket setup error handling introduced in 1.6.2 (thanks
<a
href="https://github.com/danielspofford"><code>@danielspofford</code></a>!)</li>
</ul>
<h2>1.6.3 (8 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Always close HTTP/1 connection in any case where an error comes out
of the plug (<a
href="https://redirect.github.com/mtrudel/bandit/issues/452">#452</a>,
thanks <a
href="https://github.com/zookzook"><code>@zookzook</code></a>!)</li>
<li>Fix dialyzer warning introduced by Thousand Island 1.3.9</li>
</ul>
<h2>1.6.2 (4 Jan 2025)</h2>
<h3>Enhancements</h3>
<ul>
<li>Send telemetry events on Plugs that throw or exit (<a
href="https://redirect.github.com/mtrudel/bandit/issues/443">#443</a>)</li>
<li>Improve test robustness & speed (<a
href="https://redirect.github.com/mtrudel/bandit/issues/446">#446</a>)</li>
<li>Read a minimal number of bytes when sniffing for protocol (<a
href="https://redirect.github.com/mtrudel/bandit/issues/449">#449</a>)</li>
<li>Add <code>plug</code> and <code>websock</code> to logging metadata
whenever possible (<a
href="https://redirect.github.com/mtrudel/bandit/issues/448">#448</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5879549e6a"><code>5879549</code></a>
Version bump to 1.6.7</li>
<li><a
href="2f55abc702"><code>2f55abc</code></a>
Include details of websocket deflation error</li>
<li><a
href="8f257f1213"><code>8f257f1</code></a>
Consider HTTP/1 header read timeouts as connection errors</li>
<li><a
href="575c396d0b"><code>575c396</code></a>
Version bump to 1.6.6</li>
<li><a
href="137ff68657"><code>137ff68</code></a>
Fixup dialyzer warning under 1.18</li>
<li><a
href="9e6ba262e1"><code>9e6ba26</code></a>
Don't credo test files</li>
<li><a
href="f62faab84a"><code>f62faab</code></a>
Version bump CI to 1.18/27</li>
<li><a
href="a5fcb83590"><code>a5fcb83</code></a>
Minor typo</li>
<li><a
href="5adc828d8c"><code>5adc828</code></a>
Trace tooling (<a
href="https://redirect.github.com/mtrudel/bandit/issues/453">#453</a>)</li>
<li><a
href="bc0a4fdfed"><code>bc0a4fd</code></a>
Use an apply when inducing runtime crashes in order to fool the
increasingly ...</li>
<li>Additional commits viewable in <a
href="https://github.com/mtrudel/bandit/compare/1.5.7...1.6.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tailwind](https://github.com/phoenixframework/tailwind) from
0.2.3 to 0.2.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/tailwind/blob/main/CHANGELOG.md">tailwind's
changelog</a>.</em></p>
<blockquote>
<h2>v0.2.4 (2024-10-18)</h2>
<ul>
<li>Add version check flag</li>
<li>Fallback to ipv4/ipv6 for unreachable hosts</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="194ab0f979"><code>194ab0f</code></a>
Release v0.2.4</li>
<li><a
href="bcc196ae31"><code>bcc196a</code></a>
Release v0.2.3</li>
<li><a
href="f13003fba9"><code>f13003f</code></a>
fallback to ipv4/ipv6 in the event of an unreachable host error (<a
href="https://redirect.github.com/phoenixframework/tailwind/issues/101">#101</a>)</li>
<li><a
href="f729dc3258"><code>f729dc3</code></a>
Add version check flag (<a
href="https://redirect.github.com/phoenixframework/tailwind/issues/100">#100</a>)</li>
<li><a
href="a4133dd2d5"><code>a4133dd</code></a>
Bump changelog</li>
<li><a
href="9b5ca917ba"><code>9b5ca91</code></a>
Fixup</li>
<li><a
href="271d19526e"><code>271d195</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/tailwind/issues/98">#98</a>
from Gigitsu/hotfix/version-wiht-path</li>
<li><a
href="2b7417e628"><code>2b7417e</code></a>
Don't check version if path is present</li>
<li><a
href="e2d8d3b4db"><code>e2d8d3b</code></a>
Update main.yml</li>
<li><a
href="b8382fbd95"><code>b8382fb</code></a>
Update ExDoc</li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/tailwind/compare/v0.2.3...v0.2.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [wallaby](https://github.com/elixir-wallaby/wallaby) from 0.30.9
to 0.30.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-wallaby/wallaby/releases">wallaby's
releases</a>.</em></p>
<blockquote>
<h2>v0.30.10</h2>
<h2>What's Changed</h2>
<ul>
<li>Only spawn a browser when using the <code>feature</code> macro, not
normal <code>test</code>s by <a
href="https://github.com/s3cur3"><code>@s3cur3</code></a> in <a
href="https://redirect.github.com/elixir-wallaby/wallaby/pull/795">elixir-wallaby/wallaby#795</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/elixir-wallaby/wallaby/compare/v0.30.9...v0.30.10">https://github.com/elixir-wallaby/wallaby/compare/v0.30.9...v0.30.10</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-wallaby/wallaby/blob/main/CHANGELOG.md">wallaby's
changelog</a>.</em></p>
<blockquote>
<h2>v0.30.10</h2>
<ul>
<li>only automatically start sessions for <code>feature</code> test
macros and not every test in a file by <a
href="https://github.com/s3cur3"><code>@s3cur3</code></a> in <a
href="https://redirect.github.com/elixir-wallaby/wallaby/pull/795">elixir-wallaby/wallaby#795</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="70c9e84357"><code>70c9e84</code></a>
chore: bump v0.30.10</li>
<li><a
href="337485e073"><code>337485e</code></a>
chore: update flake.lock</li>
<li><a
href="90c3ca5369"><code>90c3ca5</code></a>
chore: update tool versions</li>
<li><a
href="368cd84506"><code>368cd84</code></a>
docs: add chromedriver issue tracker to readme</li>
<li><a
href="79481d004a"><code>79481d0</code></a>
chore: add flake</li>
<li><a
href="4e87275400"><code>4e87275</code></a>
Only spawn a browser when using the <code>feature</code> macro, not
normal <code>test</code>s (<a
href="https://redirect.github.com/elixir-wallaby/wallaby/issues/795">#795</a>)</li>
<li>See full diff in <a
href="https://github.com/elixir-wallaby/wallaby/compare/v0.30.9...v0.30.10">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [flowbite](https://github.com/themesberg/flowbite) from 2.5.2 to
3.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite/releases">flowbite's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.1</h2>
<ul>
<li>fixed CSS variables markup in plugin</li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li>use CSS variables instead of hex codes in plugin</li>
<li>remove setting dark mode via class strategy in plugin</li>
</ul>
<h2>v3.0.0</h2>
<ul>
<li>upgrade to Tailwind v4</li>
<li>refactor and adapt the Flowbite plugin and UI components to the new
deprecated changes from Tailwind v4</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4ba07d7173"><code>4ba07d7</code></a>
push fixed 3.1.1</li>
<li><a
href="284eb580e3"><code>284eb58</code></a>
fix(plugin): css variables</li>
<li><a
href="e8d4ec7ba7"><code>e8d4ec7</code></a>
docs(README): update</li>
<li><a
href="19c48c69d6"><code>19c48c6</code></a>
chore(3.1.0): upgrade to 3.1.0 release</li>
<li><a
href="89bba922ca"><code>89bba92</code></a>
docs(v4): fix typo</li>
<li><a
href="bf10fed156"><code>bf10fed</code></a>
docs(optimization): update optimization file</li>
<li><a
href="05b270938a"><code>05b2709</code></a>
docs(config): finish config page docs</li>
<li><a
href="6698d47ee2"><code>6698d47</code></a>
docs(configuration): add custom utilities docs</li>
<li><a
href="1a437a3b9c"><code>1a437a3</code></a>
docs(configuration): update config settings for Tailwind v4</li>
<li><a
href="672a8153fd"><code>672a815</code></a>
refactor(dark mode): set dark mode via CSS</li>
<li>Additional commits viewable in <a
href="https://github.com/themesberg/flowbite/compare/v2.5.2...v3.1.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Add docs related to Google directory sync around why there is a need for
a Google Workspace super admin when setting up directory sync.
---------
Signed-off-by: Brian Manifold <bmanifold@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Bumps [credo](https://github.com/rrrene/credo) from 1.7.7 to 1.7.11.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rrrene/credo/releases">credo's
releases</a>.</em></p>
<blockquote>
<h2>v1.7.11</h2>
<p>Check it out on Hex: <a
href="https://hex.pm/packages/credo/1.7.11">https://hex.pm/packages/credo/1.7.11</a></p>
<ul>
<li>Fix compatibility & compiler warnings with Elixir 1.18</li>
<li>Fix crashing for invalid strings in issue messages</li>
<li>Show required Elixir version for skipped checks</li>
<li>Add options <code>:exit_status</code> and <code>:category</code> to
<code>format_issue/2</code> when using <code>Credo.Check</code></li>
<li><code>Credo.Check.Readability.ModuleDoc</code> fixed false
positive</li>
<li><code>Credo.Check.Warning.UnusedEnumOperation</code> fixed false
positive</li>
<li><code>Credo.Check.Refactor.ABCSize</code> fixed false positive for
tuples and underscored matches (<code>_foo</code>)</li>
</ul>
<h2>v1.7.10</h2>
<p>Check it out on Hex: <a
href="https://hex.pm/packages/credo/1.7.10">https://hex.pm/packages/credo/1.7.10</a></p>
<ul>
<li>Maintenance release</li>
</ul>
<h2>v1.7.9</h2>
<p>Check it out on Hex: <a
href="https://hex.pm/packages/credo/1.7.9">https://hex.pm/packages/credo/1.7.9</a></p>
<ul>
<li><code>Credo.Check.Refactor.ABCSize</code> fixed false positive for
pin operator (<code>^</code>)</li>
<li><code>Credo.Check.Readability.FunctionNames</code> fixed false
positive for pow operator (<code>**</code>)</li>
<li>Fixed a bug in <code>Credo.Code.Parameters</code> when couting
parameters for functions with guards</li>
</ul>
<h2>v1.7.8</h2>
<p>Check it out on Hex: <a
href="https://hex.pm/packages/credo/1.7.8">https://hex.pm/packages/credo/1.7.8</a></p>
<ul>
<li><code>Credo.Check.Refactor.Apply</code> fixed false positive</li>
<li><code>Credo.Check.Warning.IoInspect</code> fixed false positive</li>
<li><code>Credo.Check.Warning.UnsafeToAtom</code> fixed false
positive</li>
<li><code>Credo.Check.Readability.FunctionNames</code> fixed false
positive</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rrrene/credo/blob/master/CHANGELOG.md">credo's
changelog</a>.</em></p>
<blockquote>
<h2>1.7.11</h2>
<ul>
<li>Fix compatibility & compiler warnings with Elixir 1.18</li>
<li>Fix crashing for invalid strings in issue messages</li>
<li>Show required Elixir version for skipped checks</li>
<li>Add options <code>:exit_status</code> and <code>:category</code> to
<code>format_issue/2</code> when using <code>Credo.Check</code></li>
<li><code>Credo.Check.Readability.ModuleDoc</code> fixed false
positive</li>
<li><code>Credo.Check.Warning.UnusedEnumOperation</code> fixed false
positive</li>
<li><code>Credo.Check.Refactor.ABCSize</code> fixed false positive for
tuples and underscored matches (<code>_foo</code>)</li>
</ul>
<h2>1.7.10</h2>
<ul>
<li>Maintenance release</li>
</ul>
<h2>1.7.9</h2>
<ul>
<li><code>Credo.Check.Refactor.ABCSize</code> fixed false positive for
pin operator (<code>^</code>)</li>
<li><code>Credo.Check.Readability.FunctionNames</code> fixed false
positive for pow operator (<code>**</code>)</li>
<li>Fixed a bug in <code>Credo.Code.Parameters</code> when couting
parameters for functions with guards</li>
</ul>
<h2>1.7.8</h2>
<ul>
<li><code>Credo.Check.Refactor.Apply</code> fixed false positive</li>
<li><code>Credo.Check.Warning.IoInspect</code> fixed false positive</li>
<li><code>Credo.Check.Warning.UnsafeToAtom</code> fixed false
positive</li>
<li><code>Credo.Check.Readability.FunctionNames</code> fixed false
positive</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="965a59c0e7"><code>965a59c</code></a>
Bump version to 1.7.11</li>
<li><a
href="92a6814df9"><code>92a6814</code></a>
Update CHANGELOG</li>
<li><a
href="7482d13367"><code>7482d13</code></a>
Update GitHub actions</li>
<li><a
href="b02c29220d"><code>b02c292</code></a>
Update to Elixir 1.18.1</li>
<li><a
href="e69dc29f41"><code>e69dc29</code></a>
Merge pull request <a
href="https://redirect.github.com/rrrene/credo/issues/1166">#1166</a>
from Wigny/wigny/add-unusedvariablenames-checks</li>
<li><a
href="dd666fa331"><code>dd666fa</code></a>
Update GitHub actions</li>
<li><a
href="b8cdedc797"><code>b8cdedc</code></a>
Upgrade Elixir to 1.18 on CI etc.</li>
<li><a
href="1f5ae9e2dd"><code>1f5ae9e</code></a>
Merge pull request <a
href="https://redirect.github.com/rrrene/credo/issues/1165">#1165</a>
from rNoz/rnoz/check-format-issue-category</li>
<li><a
href="91350ade08"><code>91350ad</code></a>
Update deps for Elixir 1.18</li>
<li><a
href="327413252b"><code>3274132</code></a>
Check for invalid bytes in issue message</li>
<li>Additional commits viewable in <a
href="https://github.com/rrrene/credo/compare/v1.7.7...v1.7.11">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [observer_cli](https://github.com/zhongwencool/observer_cli) from
1.7.5 to 1.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zhongwencool/observer_cli/releases">observer_cli's
releases</a>.</em></p>
<blockquote>
<h2>1.8.1</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: move xref from rebar.config to code attribute by <a
href="https://github.com/zhongwencool"><code>@zhongwencool</code></a>
in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/106">zhongwencool/observer_cli#106</a></li>
<li>feat: show node name in system pane by <a
href="https://github.com/zhongwencool"><code>@zhongwencool</code></a>
in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/107">zhongwencool/observer_cli#107</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zhongwencool/observer_cli/compare/1.8.0...1.8.1">https://github.com/zhongwencool/observer_cli/compare/1.8.0...1.8.1</a></p>
<h2>Show process's label and node's dist_stats</h2>
<h2>New Feature:</h2>
<ul>
<li><strong>Process Label Display</strong>: Now shows the process's
label when set using proc_lib:set_label(Label).</li>
<li><strong>System View Update</strong>: Displays the number of bytes in
the output distribution queue, which sits between Erlang code and the
port driver, using the undocumented function
erlang:dist_get_stat/1.</li>
<li>Added support for <!-- raw HTML omitted --> to jump to a specific
process PID.</li>
</ul>
<h2>Bug Fix</h2>
<ul>
<li>Resolved an issue where the Doc View would not display when the OTP
version is 27.</li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0d33bc31ed"><code>0d33bc3</code></a>
feat: show node name in system pane</li>
<li><a
href="a5a35823f5"><code>a5a3582</code></a>
chore: move xref from rebar.config to code attribute</li>
<li><a
href="19b2011397"><code>19b2011</code></a>
bump to 1.8.0 (<a
href="https://redirect.github.com/zhongwencool/observer_cli/issues/105">#105</a>)</li>
<li><a
href="505b3acbaa"><code>505b3ac</code></a>
feat: display process label when otp 27 (<a
href="https://redirect.github.com/zhongwencool/observer_cli/issues/104">#104</a>)</li>
<li>See full diff in <a
href="https://github.com/zhongwencool/observer_cli/compare/1.7.5...1.8.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ex_cldr](https://github.com/elixir-cldr/cldr) from 2.40.1 to
2.40.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr/releases">ex_cldr's
releases</a>.</em></p>
<blockquote>
<h2>Cldr version 2.40.2</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Support (and automatically configure) Elixir 1.18's JSON module as a
<code>:json_library</code> in the global configuration. Thanks to <a
href="https://github.com/Neophen"><code>@Neophen</code></a> for the
report. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr/issues/247">#247</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr/blob/main/CHANGELOG.md">ex_cldr's
changelog</a>.</em></p>
<blockquote>
<h2>Cldr v2.40.2</h2>
<p>This is the changelog for Cldr v2.40.2 released on December 23rd,
2024. For older changelogs please consult the release tag on <a
href="https://github.com/elixir-cldr/cldr/tags">GitHub</a></p>
<h3>Bug Fixes</h3>
<ul>
<li>Support (and automatically configure) Elixir 1.18's JSON module as a
<code>:json_library</code> in the global configuration. Thanks to <a
href="https://github.com/Neophen"><code>@Neophen</code></a> for the
report. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr/issues/247">#247</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a4699ef478"><code>a4699ef</code></a>
Support JSON.decode!/1 on Elixir 1.18. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr/issues/147">#147</a></li>
<li><a
href="436c242d69"><code>436c242</code></a>
Merge pull request <a
href="https://redirect.github.com/elixir-cldr/cldr/issues/239">#239</a>
from WurmPeter/fix_cldr_version</li>
<li><a
href="2353141d22"><code>2353141</code></a>
Merge pull request <a
href="https://redirect.github.com/elixir-cldr/cldr/issues/240">#240</a>
from paynegreen/patch-1</li>
<li><a
href="9f0e9792bb"><code>9f0e979</code></a>
Fix changelog typo, add dev_helpers.ex</li>
<li><a
href="fabc4e24df"><code>fabc4e2</code></a>
Minor corrections in the README docs.</li>
<li><a
href="08cca8ed45"><code>08cca8e</code></a>
Bump version of cldr to 45 in README.md</li>
<li><a
href="29ba1d01ba"><code>29ba1d0</code></a>
Fix one more gettext dev backend config</li>
<li><a
href="976164893e"><code>9761648</code></a>
Use Gettext 0.26 and adjust test backends accordingly</li>
<li>See full diff in <a
href="https://github.com/elixir-cldr/cldr/compare/v2.40.1...v2.40.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Updates the Resource's pagination cursor such that the default cursor
(with no HTTP params applied) uses `{:resources, :asc, :name}` as the
default, which correctly updates all Resources live tables to sort by
`name`.
The reason this is updated at the Query layer is because I wanted to
achieve this without populating URL params by default, and still
allowing the sort icon to properly reflect the default sort order upon
page load, which it does.
My initial attempt went down the path of updating `assign_live_table/3`
to take a `default_order_by` option. That didn't work because upon page
load we `handle_params` which resets the ordering immediately based on
the URL params.
Rather than update the UI code to track even more state in order to use
`default_order_by` when the `order_by` param is not specified, I opted
to updated the Query module instead which the UI uses.
Fixes#7842
We've gotten feedback recently that the expiration field causes
confusion among auditors who assume it has actual security relevance.
In reality, this is simply the maximum amount of time a connection
between Client and Gateway will stay alive for, and it has no relation
to "sessions" from a security perspective. As such, it's removed, and
the table renamed "Recent connections" to better name what these are.
The `expiration` column is also removed because this is not actionable
by the admin or end-user. In nearly all cases, the connection will have
been "expired" by some other means naturally, such as toggling Firezone
on/off or a policy or resource change. In other words, we do not rely on
this `expiration` field to enforce any security-related timeout.
Fixes#7712
Bumps [phoenix_ecto](https://github.com/phoenixframework/phoenix_ecto)
from 4.6.2 to 4.6.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_ecto/blob/main/CHANGELOG.md">phoenix_ecto's
changelog</a>.</em></p>
<blockquote>
<h2>v4.6.3</h2>
<ul>
<li>
<p>Enhancements</p>
<ul>
<li>Add prefix option to check repo status plug</li>
</ul>
</li>
<li>
<p>Bug fix</p>
<ul>
<li>Fix map.field notation warning on Elixir 1.17</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="edbf0d36da"><code>edbf0d3</code></a>
Release v4.6.3</li>
<li><a
href="fe00d3d095"><code>fe00d3d</code></a>
Add prefix option to check repo status plug (<a
href="https://redirect.github.com/phoenixframework/phoenix_ecto/issues/181">#181</a>)</li>
<li><a
href="b44088aed2"><code>b44088a</code></a>
Fix map.field notation warning on Elixir 1.17 (<a
href="https://redirect.github.com/phoenixframework/phoenix_ecto/issues/180">#180</a>)</li>
<li><a
href="b6f618d333"><code>b6f618d</code></a>
Fix language (<a
href="https://redirect.github.com/phoenixframework/phoenix_ecto/issues/179">#179</a>)</li>
<li><a
href="945de21681"><code>945de21</code></a>
fix matrix key</li>
<li><a
href="32a4270f98"><code>32a4270</code></a>
fix branch name in CI</li>
<li><a
href="3e325d3e52"><code>3e325d3</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/phoenix_ecto/issues/178">#178</a>
from kianmeng/ci-housekeeping</li>
<li><a
href="6be9c3dc77"><code>6be9c3d</code></a>
CI housekeeping</li>
<li>See full diff in <a
href="https://github.com/phoenixframework/phoenix_ecto/compare/v4.6.2...v4.6.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Dependabot is having issues figuring out the opentelemetry bumps due to
a [package pull](https://github.com/firezone/firezone/pull/7788), so
this PR aims to alleviate that as a one-off fix.
This bumps a few deps' major versions. Nothing jumped out at first
glance when I reviewed the changelogs, but I figured we'll have a better
idea when this goes out to staging since OTLP is basically disabled in
dev/test.
Why:
* The fallback controller in the API was not catching `{:error,
:seat_limit_reached}` being returned and was then generating a 500
response when this happened. This commit adds the condition in the
fallback controller and adds a new template for a more specific error
message in the returned JSON.
Bumps [phoenix_html](https://github.com/phoenixframework/phoenix_html)
from 4.1.1 to 4.2.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_html/blob/main/CHANGELOG.md">phoenix_html's
changelog</a>.</em></p>
<blockquote>
<h2>4.2.0 (2024-12-28)</h2>
<ul>
<li>
<p>Enhancements</p>
<ul>
<li>Add <code>Phoenix.HTML.css_escape/1</code> to escape strings for use
inside CSS selectors</li>
<li>Add the ability to pass <code>:hr</code> to
<code>options_for_select/2</code> to render a horizontal rule</li>
</ul>
</li>
<li>
<p>Bug fixes</p>
<ul>
<li>Pass form action through in FormData implementation</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b7fd6b7ba7"><code>b7fd6b7</code></a>
Release v4.2.0</li>
<li><a
href="687cca874b"><code>687cca8</code></a>
Fix warnings on Elixir v1.19</li>
<li><a
href="b6d63e7908"><code>b6d63e7</code></a>
Document and pass through option accordingly</li>
<li><a
href="a8262adb45"><code>a8262ad</code></a>
update changelog</li>
<li><a
href="c1ad602073"><code>c1ad602</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/phoenix_html/issues/452">#452</a>
from phoenixframework/sd-css-escape</li>
<li><a
href="6b67a083f1"><code>6b67a08</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/phoenix_html/issues/451">#451</a>
from gilbertbw/gbw-hr</li>
<li><a
href="465c303eb9"><code>465c303</code></a>
Update lib/phoenix_html/form.ex</li>
<li><a
href="cdbc402aa4"><code>cdbc402</code></a>
add Phoenix.HTML.css_escape/1</li>
<li><a
href="2cea68e982"><code>2cea68e</code></a>
Fix formatting</li>
<li><a
href="d30c20b659"><code>d30c20b</code></a>
Add <hr/> to options_for_select</li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/phoenix_html/compare/v4.1.1...v4.2.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [dialyxir](https://github.com/jeremyjh/dialyxir) from 1.4.3 to
1.4.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jeremyjh/dialyxir/releases">dialyxir's
releases</a>.</em></p>
<blockquote>
<h2>1.4.5</h2>
<h3>Fixed</h3>
<ul>
<li>Crash when default ignore file missing and custom file
specified</li>
<li>Revert format option ignore_file_string to ignore_file_strict</li>
</ul>
<h2>1.4.4</h2>
<h3>Fixed</h3>
<ul>
<li>Invalid contract formatting failed on OTP 26 & later.</li>
<li>Empty ignore files are ignored.</li>
<li>Several improvements and corrections to documentation.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Updated Erlex minimum version to 0.27, bringing in several fixes and
improvements.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Multiple formatters can be used in the same invocation.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jeremyjh/dialyxir/blob/master/CHANGELOG.md">dialyxir's
changelog</a>.</em></p>
<blockquote>
<h2>Unreleased changes post [1.4.5]</h2>
<h2>[1.4.5] - 2024-11-17</h2>
<h3>Fixed</h3>
<ul>
<li>Crash when default ignore file missing and custom file
specified</li>
<li>Revert format option ignore_file_string to ignore_file_strict</li>
</ul>
<h2>[1.4.4] - 2024-09-28</h2>
<h3>Fixed</h3>
<ul>
<li>Invalid contract formatting failed on OTP 26 & later.</li>
<li>Empty ignore files are ignored.</li>
<li>Several improvements and corrections to documentation.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Updated Erlex minimum version to 0.27, bringing in several fixes and
improvements.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Multiple formatters can be used in the same invocation.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="501ecd732b"><code>501ecd7</code></a>
Release 1.4.5</li>
<li><a
href="7fadd55027"><code>7fadd55</code></a>
Merge pull request <a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/549">#549</a>
from pdm-jd/pdm-jd/fix/crash-on-custom-ignore-file</li>
<li><a
href="621fc4aded"><code>621fc4a</code></a>
fix: mix dialyzer crashes when a custom ignore file provided that
doesn't mat...</li>
<li><a
href="b960c7d545"><code>b960c7d</code></a>
Merge pull request <a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/547">#547</a>
from neel-desh/bugfix/rename-format-option</li>
<li><a
href="bc8852ed8a"><code>bc8852e</code></a>
Bugfix: Revert format option ignore_file_string to
ignore_file_strict</li>
<li><a
href="3768413c94"><code>3768413</code></a>
Merge pull request <a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/543">#543</a>
from lnenad/master</li>
<li><a
href="c7234e7e63"><code>c7234e7</code></a>
Add a check whether default_ignore file is empty during execution and
ignores...</li>
<li><a
href="b69c5d8954"><code>b69c5d8</code></a>
Fix matching of invalid_contract args. (<a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/541">#541</a>)</li>
<li><a
href="4d76fe921c"><code>4d76fe9</code></a>
Support multiple formatters (<a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/538">#538</a>)</li>
<li><a
href="d8cb107f85"><code>d8cb107</code></a>
Merge pull request <a
href="https://redirect.github.com/jeremyjh/dialyxir/issues/540">#540</a>
from kianmeng/ci-housekeeping</li>
<li>Additional commits viewable in <a
href="https://github.com/jeremyjh/dialyxir/compare/1.4.3...1.4.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Dependabot's workflow is set up in such a way it seems that it can't
find our `sha.exs` file.
This is a cleaner approach that doesn't rely on using external files for
the application version.
Interesting note: `mix compile` will happily use the cached `version`
even though it's computed from an env var, because `mix compile` uses
file hash and mtime to know when to recompile.
See https://github.com/firezone/firezone/network/updates/942719116
Why:
* An IdP sync can fail for different reasons and because of this we
previously put a threshold on when to send the first 'IdP sync failed'
email, which was set at 10 failed sync attempts. One thing that was
accidentally overlooked was that on one specific failure type (i.e. 401
- Unauthorized) the Firezone sync was automatically disabled and not
tried from that point forward. Unfortunately, that meant an email did
not get sent out because the threshold was not met. This PR resolves
that by making sure the 401 error will send out an email immediately,
while keeping the 10 failed sync threshold for all other errors.
Closes: #7725
Bumps
[@fontsource/source-sans-3](https://github.com/fontsource/font-files/tree/HEAD/fonts/google/source-sans-3)
from 5.1.0 to 5.1.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/fontsource/font-files/commits/HEAD/fonts/google/source-sans-3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#7522 won't successfully complete on production because of the migration
in this PR. So, instead, we need to modify this migration, and then
manually apply the same operation to staging.
Why:
* Currently, when using the API, a user has no way of easily identifying
what identities they are pulling back as the response only includes the
`provider_identifier` which for most of our AuthProviders is an ID for
the IdP and not an email address. Along with that, when adding users to
an OIDC provider within Firezone, there is no check for whether or not
an identity has already been added with a given email address. By
creating a separate email column on the `auth_identities` table, it will
be very straight forward to know whether an email address exists for a
given identity, return it in an API response and allow the admin of a
Firezone account to track users (Identities) by email rather than IdP
identifier.
Fixes#7392
Why:
* The API endpoint for updating Resources was using
`Resources.fetch_resource_by_id_or_persistent_id`, however that function
was fetching all Resources, which included deleted Resources. In order
to prevent an API user from attempting to update a Resource that is
deleted, a new function was added to fetch active Resources only.
Fixes: #7492
Hi @firezone/engineering , this is the following of
https://github.com/firezone/firezone/pull/6649
I forgot that people can be member of multiple OUs, this PR aims to add
support for this.
Imagine I have this OU architecture in my google workspace:
```mermaid
flowchart TD
A[Employees] --> B[Engineering]
A --> C[HR]
B --> D[Devs]
B --> E[Ops]
D --> F{me}
```
Currently in Firezone, I will only be a member of the Firezone Group
`OU: Devs`.
With this PR: I will be a member of `OU: Devs`, `OU: Engineering` and
`OU: Employees`
Co-authored-by: Antoine <antoinelabarussias@gmail.com>
Why:
* The portal currently shows API clients in the Actors index list. Each
Actor in the list has a link to their own 'show' page. Prior to this
commit, selecting an API client from the list would result an error.
While API clients are technically an Actor, they aren't quite the same
as all other Actors because they are only used to configure the portal
for a given account. Because of this, they don't have the same
information to show as all other Actors. This commit sets the 'show' URL
for API clients to the 'settings' page to show the proper info for the
API client.
Fixes: #7370
Why:
* Recently we had an issue where a customer's payment info was
incorrectly entered, which caused the payment to not go through. When
something like this happens Stripe will send an update event with a
pending_update section (which we do not use currently). When the
customer fixes the payment info, and payment goes through we get another
update event with the correct subscription info, however, the previous
update (with the pending section) then gets expired and a
`pending_update_expired` event is sent to us. We had been inadvertantly
catching the event and updating the specified account with the info in
the event (which happened to be the previous state of the subscription)
Fixes: #7352
This ensure that we run prettier across all supported filetypes to check
for any formatting / style inconsistencies. Previously, it was only run
for files in the website/ directory using a deprecated pre-commit
plugin.
The benefit to keeping this in our pre-commit config is that devs can
optionally run these checks locally with `pre-commit run --config
.github/pre-commit-config.yaml`.
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Why:
* Two of the email templates using an `<a>` tag were not properly
interpolating a view variable. This happened when the templates were
moved from the `web` app using `.heex` files to the `domain` app using
`.eex` files.
Fixes#7294
Why:
* The Firezone website is hosting the component versions at the moment
and due to how Vercel works, occassionally a request will
timeout when being made to the /api/versions endpoint. This had been
throwing an error in the elixir logs and triggering an alert, but
because there is always a default set of component version values in
the elixir app there isn't really a need for an error/alert. With
that in mind the log level will be set to `warning` rather than
`error`.
Closes#7233
In order for the firezone terraform provider to work properly, the
Resources and Policies need to be able to be referenced by their
`persistent_id`, specifically in the portal API.
This PR implements the new idempotent control protocol for the gateway.
We retain backwards-compatibility with old clients to allow admins to
perform a disruption-free update to the latest version.
With this new control protocol, we are moving the responsibility of
exchanging the proxy IPs we assigned to DNS resources to a p2p protocol
between client and gateway. As a result, wildcard DNS resources only get
authorized on the first access. Accessing a new domain within the same
resource will thus no longer require a roundtrip to the portal.
Overall, users will see a greatly decreased connection setup latency. On
top of that, the new protocol will allow us to more easily implement
packet buffering which will be another UX boost for Firezone.
TODOs:
- [x] Switch to sending messages instead of replies
- [ ] Do not hide pre-filtered resources and render them with an error
instead (in case we will want to expose that on a client later)
- [x] Figure out how to generate PSK so that it stays across WS
connections
