Bumps [serde](https://github.com/serde-rs/serde) from 1.0.223 to
1.0.228.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.228</h2>
<ul>
<li>Allow building documentation with
<code>RUSTDOCFLAGS='--cfg=docsrs'</code> set for the whole dependency
graph (<a
href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a>)</li>
</ul>
<h2>v1.0.227</h2>
<ul>
<li>Documentation improvements (<a
href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a>)</li>
</ul>
<h2>v1.0.226</h2>
<ul>
<li>Deduplicate variant matching logic inside generated Deserialize impl
for adjacently tagged enums (<a
href="https://redirect.github.com/serde-rs/serde/issues/2935">#2935</a>,
thanks <a
href="https://github.com/Mingun"><code>@Mingun</code></a>)</li>
</ul>
<h2>v1.0.225</h2>
<ul>
<li>Avoid triggering a deprecation warning in derived Serialize and
Deserialize impls for a data structure that contains its own
deprecations (<a
href="https://redirect.github.com/serde-rs/serde/issues/2879">#2879</a>,
thanks <a
href="https://github.com/rcrisanti"><code>@rcrisanti</code></a>)</li>
</ul>
<h2>v1.0.224</h2>
<ul>
<li>Remove private types being suggested in rustc diagnostics (<a
href="https://redirect.github.com/serde-rs/serde/issues/2979">#2979</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a866b336f1"><code>a866b33</code></a>
Release 1.0.228</li>
<li><a
href="5adc9e816c"><code>5adc9e8</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a>
from dtolnay/rustdocflags</li>
<li><a
href="ab581789f4"><code>ab58178</code></a>
Workaround for RUSTDOCFLAGS='--cfg=docsrs'</li>
<li><a
href="415d9fc560"><code>415d9fc</code></a>
Release 1.0.227</li>
<li><a
href="7c58427e12"><code>7c58427</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a>
from dtolnay/inlinecoredoc</li>
<li><a
href="9d3410e3f4"><code>9d3410e</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2992">#2992</a>
from dtolnay/inplaceseed</li>
<li><a
href="2fb6748bf1"><code>2fb6748</code></a>
Remove InPlaceSeed public re-export</li>
<li><a
href="f8137c79a2"><code>f8137c7</code></a>
Inline serde_core into serde in docsrs mode</li>
<li><a
href="b7dbf7e3cb"><code>b7dbf7e</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2990">#2990</a>
from dtolnay/integer128</li>
<li><a
href="7c836915fc"><code>7c83691</code></a>
No longer macro_use integer128 module</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/serde/compare/v1.0.223...v1.0.228">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
In order to make the flow logs emitted by the Gateway more useful and
self-contained, we extend the `authorize_flow` message sent to the
Gateway with some more context around the Client and Actor of that flow.
In particular, we now also send the following to the Gateway:
- `client_version`
- `device_os_version`
- `device_os_name`
- `device_serial`
- `device_uuid`
- `device_identifier_for_vendor`
- `device_firebase_installation_id`
- `identity_id`
- `identity_name`
- `actor_id`
- `actor_email`
We only extend the `authorize_flow` message with these additional
properties. The legacy messages for 1.3.x Clients remain as is. For
those Clients, the above properties will be empty in the flow logs.
Resolves: #10690
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps the netlink group in /rust with 3 updates:
[netlink-packet-core](https://github.com/rust-netlink/netlink-packet-core),
[netlink-packet-route](https://github.com/rust-netlink/netlink-packet-route)
and [rtnetlink](https://github.com/rust-netlink/rtnetlink).
Updates `netlink-packet-core` from 0.7.0 to 0.8.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-core/releases">netlink-packet-core's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.8.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Revert back to paste dependency. (4447216)</li>
</ul>
<h2>New release 0.8.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Changed <code>DecodeError</code> from enum to struct. (f55d7b7,
63da36a)</li>
<li>Merged <code>netlink-packet-utils</code> into
<code>netlink-packet-core</code>. (f55d7b7, 0951455,
ba127bf, a232478, 8027f63, 41fe03d, 260e596, cc6bf08, 63da36a,
410c61d)</li>
<li>Remove dependency of byteorder crate. (16d63fb)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support zero sized done message. (100413a)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-core/blob/main/CHANGELOG">netlink-packet-core's
changelog</a>.</em></p>
<blockquote>
<h2>[0.8.1] - 2025-09-18</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Revert back to paste dependency. (4447216)</li>
</ul>
<h2>[0.8.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Changed <code>DecodeError</code> from enum to struct. (f55d7b7,
63da36a)</li>
<li>Merged <code>netlink-packet-utils</code> into
<code>netlink-packet-core</code>. (f55d7b7, 0951455,
ba127bf, a232478, 8027f63, 41fe03d, 260e596, cc6bf08, 63da36a,
410c61d)</li>
<li>Remove dependency of byteorder crate. (16d63fb)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support zero sized done message. (100413a)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e34595f54f"><code>e34595f</code></a>
New release 0.8.1</li>
<li><a
href="44472161c5"><code>4447216</code></a>
Revert back to paste dependency</li>
<li><a
href="b40f3d616f"><code>b40f3d6</code></a>
New release 0.8.0</li>
<li><a
href="46a3fee30b"><code>46a3fee</code></a>
Run cargo fmt</li>
<li><a
href="100413a1b7"><code>100413a</code></a>
Support zero sized done message</li>
<li><a
href="81b2d0f406"><code>81b2d0f</code></a>
CI: Fail to test for clippy warnings</li>
<li><a
href="663310a04c"><code>663310a</code></a>
Revert "ci: add code coverage support"</li>
<li><a
href="16d63fb0a8"><code>16d63fb</code></a>
Remove dependency of byteorder crate</li>
<li><a
href="410c61db71"><code>410c61d</code></a>
Changed Parseable to raise DecodeError</li>
<li><a
href="63da36a2fc"><code>63da36a</code></a>
Extend ErrorContext to accept <code>std::fmt::Display</code></li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/netlink-packet-core/compare/v0.7.0...v0.8.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `netlink-packet-route` from 0.24.0 to 0.25.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-route/releases">netlink-packet-route's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.25.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>Set minimum supported rust version to 1.77. (6bd5418)</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix compiling error on rust 1.77. (6bd5418)</li>
</ul>
<h2>New release 0.25.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Drop the dependency on <code>netlink-packet-utils</code>.
(e09acbd)</li>
<li>Add <code>non_exhaustive</code> to these bond options: (eacf67f)
<ul>
<li><code>BondArpValidate</code></li>
<li><code>BondPrimaryReselect</code></li>
<li><code>BondXmitHashPolicy</code></li>
<li><code>BondArpAllTargets</code></li>
<li><code>BondFailOverMac</code></li>
</ul>
</li>
<li>Changed <code>AfSpecInet6::AddrGenMode</code> to enum.
(7daf895)</li>
<li>Changed <code>LinkAttribute::Mode</code> to enum. (be2796c)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support <code>LWTUNNEL_ENCAP_IP6</code>. (0e49453)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Expose In6AddrGenMode. (faf9d39)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-route/blob/main/CHANGELOG">netlink-packet-route's
changelog</a>.</em></p>
<blockquote>
<h2>[0.25.1] - 2025-08-29</h2>
<h3>Breaking changes</h3>
<ul>
<li>Set minimum supported rust version to 1.77. (6bd5418)</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix compiling error on rust 1.77. (6bd5418)</li>
</ul>
<h2>[0.25.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Drop the dependency on <code>netlink-packet-utils</code>.
(e09acbd)</li>
<li>Add <code>non_exhaustive</code> to these bond options: (eacf67f)
<ul>
<li><code>BondArpValidate</code></li>
<li><code>BondPrimaryReselect</code></li>
<li><code>BondXmitHashPolicy</code></li>
<li><code>BondArpAllTargets</code></li>
<li><code>BondFailOverMac</code></li>
</ul>
</li>
<li>Changed <code>AfSpecInet6::AddrGenMode</code> to enum.
(7daf895)</li>
<li>Changed <code>LinkAttribute::Mode</code> to enum. (be2796c)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support <code>LWTUNNEL_ENCAP_IP6</code>. (0e49453)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Expose In6AddrGenMode. (faf9d39)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e3dc02da86"><code>e3dc02d</code></a>
New release 0.25.1</li>
<li><a
href="4dfe87d7cb"><code>4dfe87d</code></a>
CI: Change MSRV test not using metric</li>
<li><a
href="6bd5418da9"><code>6bd5418</code></a>
Set minimum supported rust version to 1.77</li>
<li><a
href="a473cca426"><code>a473cca</code></a>
New release 0.25.0</li>
<li><a
href="e09acbd440"><code>e09acbd</code></a>
Use netlink-packet-core 0.8.0</li>
<li><a
href="faf9d390f2"><code>faf9d39</code></a>
Fix private In6AddrGenMode</li>
<li><a
href="eacf67f90f"><code>eacf67f</code></a>
link: Add <code>non_exhaustive</code> to bond classes</li>
<li><a
href="eef9be7e7c"><code>eef9be7</code></a>
Add example code of dumping routes</li>
<li><a
href="0e49453468"><code>0e49453</code></a>
Add support for LWTUNNEL_ENCAP_IP6</li>
<li><a
href="7daf895552"><code>7daf895</code></a>
Change AddrGenMode into enum</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/netlink-packet-route/compare/v0.24.0...v0.25.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `rtnetlink` from 0.17.0 to 0.18.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/rtnetlink/releases">rtnetlink's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.18.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>route: Support defining ECMP weight. (7fcba62)</li>
<li>route: Support defining ECMP flags. (18c4331)</li>
<li>route: allow IPv6 gateway in IPv4 route. (e1784a3)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
<h2>New release 0.18.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Please check <code>netlink-packet-route</code> 0.25.0 breaking
changes.</li>
<li>Please check <code>netlink-packet-core</code> 0.8.0 breaking
changes.</li>
<li>Please check <code>netlink-proto</code> 0.12.0 breaking
changes.</li>
<li>Removed <code>rtnetlink::packet_utils</code>. (9373d77)</li>
</ul>
<h3>New features</h3>
<ul>
<li>ip: Introduced <code>AddressMessageBuilder</code>. (1fe2569)</li>
<li>macsec: Introduced <code>LinkMacSec</code>. (b9dd9d9)</li>
<li>Allow the user to specify their own socket. (6547f22)</li>
<li>Allow <code>TrafficGetFilterRequest</code> to get ingress or egress
filters. (45f9206)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Replace <code>impl TryStream</code> with <code>impl Stream</code>.
(513e8c3)</li>
<li>Fix android build. (3e270c6)</li>
<li>Should not set <code>NLM_F_EXCL</code> when deleting alt-name.
(7dd58dd)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/rtnetlink/blob/main/CHANGELOG">rtnetlink's
changelog</a>.</em></p>
<blockquote>
<h2>[0.18.1] - 2025-09-09</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>route: Support defining ECMP weight. (7fcba62)</li>
<li>route: Support defining ECMP flags. (18c4331)</li>
<li>route: allow IPv6 gateway in IPv4 route. (e1784a3)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
<h2>[0.18.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Please check <code>netlink-packet-route</code> 0.25.0 breaking
changes.</li>
<li>Please check <code>netlink-packet-core</code> 0.8.0 breaking
changes.</li>
<li>Please check <code>netlink-proto</code> 0.12.0 breaking
changes.</li>
<li>Removed <code>rtnetlink::packet_utils</code>. (9373d77)</li>
</ul>
<h3>New features</h3>
<ul>
<li>ip: Introduced <code>AddressMessageBuilder</code>. (1fe2569)</li>
<li>macsec: Introduced <code>LinkMacSec</code>. (b9dd9d9)</li>
<li>Allow the user to specify their own socket. (6547f22)</li>
<li>Allow <code>TrafficGetFilterRequest</code> to get ingress or egress
filters. (45f9206)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Replace <code>impl TryStream</code> with <code>impl Stream</code>.
(513e8c3)</li>
<li>Fix android build. (3e270c6)</li>
<li>Should not set <code>NLM_F_EXCL</code> when deleting alt-name.
(7dd58dd)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e28f321f40"><code>e28f321</code></a>
New release 0.18.1</li>
<li><a
href="18c433148d"><code>18c4331</code></a>
rotue: Add <code>RouteNextHopBuilder::flags()</code></li>
<li><a
href="e1784a308b"><code>e1784a3</code></a>
route: allow IPv6 gateway in IPv4 route</li>
<li><a
href="7fcba62c1c"><code>7fcba62</code></a>
route: Support defining ECMP weight</li>
<li><a
href="e1184c005f"><code>e1184c0</code></a>
New release 0.18.0</li>
<li><a
href="9373d773d9"><code>9373d77</code></a>
Use latest rust-netlink crates</li>
<li><a
href="96d381efa8"><code>96d381e</code></a>
Fix cargo fmt and cargo clippy warnings</li>
<li><a
href="1fe25698f4"><code>1fe2569</code></a>
Create AddressMessageBuilder</li>
<li><a
href="6485710c84"><code>6485710</code></a>
Fix document code for Macsec</li>
<li><a
href="c7598bef13"><code>c7598be</code></a>
fix format</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/rtnetlink/compare/v0.17.0...v0.18.1">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [secrecy](https://github.com/iqlusioninc/crates) from 0.8.0 to
0.10.3.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/iqlusioninc/crates/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [proptest-state-machine](https://github.com/proptest-rs/proptest)
from 0.4.0 to 0.5.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2885bc2f3d"><code>2885bc2</code></a>
new releases for proptest, proptest-macro, and state-machine</li>
<li><a
href="a85563f3cc"><code>a85563f</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/584">#584</a>
from wojciech-graj/main</li>
<li><a
href="5331517f52"><code>5331517</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/596">#596</a>
from alexanderkjall/fix-arithmetic-overflow</li>
<li><a
href="157f3c083f"><code>157f3c0</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/595">#595</a>
from ebegumisa/main</li>
<li><a
href="02fa1fcc45"><code>02fa1fc</code></a>
changelog: add <a
href="https://redirect.github.com/proptest-rs/proptest/issues/595">#595</a></li>
<li><a
href="27fd76fbbc"><code>27fd76f</code></a>
fix for 32 bit processors</li>
<li><a
href="d1716ca7b4"><code>d1716ca</code></a>
Add <code>ReferenceStateMachine</code> arg to
<code>SystemUnderTest::teardown</code></li>
<li><a
href="ea4ddeb0a8"><code>ea4ddeb</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/594">#594</a>
from proptest-rs/attr-macro-preserve-arg-names</li>
<li><a
href="f80c1e6e8d"><code>f80c1e6</code></a>
fix shorthand struct initialization lint</li>
<li><a
href="b7590fa642"><code>b7590fa</code></a>
add new test for complex patterns</li>
<li>Additional commits viewable in <a
href="https://github.com/proptest-rs/proptest/compare/proptest-state-machine-0.4.0...proptest-state-machine-0.5.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite)
from 0.27.0 to 0.28.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md">tokio-tungstenite's
changelog</a>.</em></p>
<blockquote>
<h1>0.28.0</h1>
<ul>
<li>Update <code>tungstenite</code> to <code>0.18.0</code>. See <a
href="https://github.com/snapview/tungstenite-rs/blob/master/CHANGELOG.md"><code>tungstenite</code>
release</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="35d110c24c"><code>35d110c</code></a>
Implement into_inner to get the underlying stream (<a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/367">#367</a>)</li>
<li><a
href="f3ae75d1de"><code>f3ae75d</code></a>
Update <code>tungstenite</code> version and fix bugs</li>
<li><a
href="25b544e43f"><code>25b544e</code></a>
Allow getting a reference to the shared inner stream (<a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/363">#363</a>)</li>
<li>See full diff in <a
href="https://github.com/snapview/tokio-tungstenite/compare/v0.27.0...v0.28.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[getsentry/action-release](https://github.com/getsentry/action-release)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/action-release/releases">getsentry/action-release's
releases</a>.</em></p>
<blockquote>
<h2>3.3.0</h2>
<h3>Various fixes & improvements</h3>
<ul>
<li>chore: pin cache action (<a
href="https://redirect.github.com/getsentry/action-release/issues/290">#290</a>)
by <a href="https://github.com/saibotk"><code>@saibotk</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/action-release/blob/master/CHANGELOG.md">getsentry/action-release's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>3.3.0</h2>
<h3>Various fixes & improvements</h3>
<ul>
<li>chore: pin cache action (<a
href="https://redirect.github.com/getsentry/action-release/issues/290">#290</a>)
by <a href="https://github.com/saibotk"><code>@saibotk</code></a></li>
<li>chore: Set docker tag for master [skip ci] (ae1d1cd5) by <a
href="https://github.com/getsantry"><code>@getsantry</code></a>[bot]</li>
</ul>
<h2>3.2.0</h2>
<h3>Various fixes & improvements</h3>
<ul>
<li>chore: Set docker tag for master [skip ci] (e8340952) by <a
href="https://github.com/getsantry"><code>@getsantry</code></a>[bot]</li>
<li>feat: Bump to node 20.19.2 (<a
href="https://redirect.github.com/getsentry/action-release/issues/284">#284</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
<li>chore: Set docker tag for master [skip ci] (ec695e24) by <a
href="https://github.com/getsantry"><code>@getsantry</code></a>[bot]</li>
</ul>
<h2>3.1.2</h2>
<ul>
<li>fix: Preserve existing Node version on macOS and Windows runners (<a
href="https://redirect.github.com/getsentry/action-release/issues/280">#280</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<h2>3.1.1</h2>
<ul>
<li>fix: Only pass <code>urlPrefix</code> to sentry-cli if it's not
empty (<a
href="https://redirect.github.com/getsentry/action-release/issues/275">#275</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<h2>3.1.0</h2>
<ul>
<li>feat: Add <code>release</code> and <code>release_prefix</code> in
favor of <code>version</code> and <code>version_prefix</code> (<a
href="https://redirect.github.com/getsentry/action-release/issues/273">#273</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>Input parameter <code>version</code> has been deprecated and will be
removed in a future version in favor of a newly introduced
<code>release</code> parameter.</p>
<p>Input parameter <code>version_prefix</code> has been deprecated and
will be removed in a future version in favor of a newly introduced
<code>release_prefix</code> parameter.</p>
<h2>3.0.0</h2>
<p>Version <code>3.0.0</code> contains breaking changes:</p>
<ul>
<li>feat(sourcemaps)!: Enable injecting debug ids by default (<a
href="https://redirect.github.com/getsentry/action-release/issues/272">#272</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>The action now automatically injects Debug IDs into your JavaScript
source files and source maps to ensure your stacktraces can be
properly un-minified.</p>
<p>This is a <strong>breaking change as it modifies your source
files</strong>. You can disable this behavior by setting <code>inject:
false</code>:</p>
<pre lang="yaml"><code>- uses: getsentry/action-release@v3
with:
environment: 'production'
sourcemaps: './dist'
inject: false
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4f502acc1d"><code>4f502ac</code></a>
release: 3.3.0</li>
<li><a
href="d0134c84e8"><code>d0134c8</code></a>
chore: pin cache action (<a
href="https://redirect.github.com/getsentry/action-release/issues/290">#290</a>)</li>
<li><a
href="ae1d1cd5d6"><code>ae1d1cd</code></a>
chore: Set docker tag for master [skip ci]</li>
<li><a
href="b81cc2efe1"><code>b81cc2e</code></a>
Merge branch 'release/3.2.0'</li>
<li>See full diff in <a
href="526942b682...4f502acc1d">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Upon moving the version string from PKG_VERSION and Cargo.toml, we lost
the bump version automation. To avoid more bugs here in the future, we
now check for the version marker across all Git-tracked files,
regardless of their extension.
Fixes#10748
---------
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Skip `setConfiguration()` IPC call when not in connected state; this was
observed as the root cause of the utun interface increments which we've
seen
recently.
Note: `utun` increments can still happen during other IPC calls when not
signed in,
notably during log export when signed out of Firezone. This is not a
major issue though,
as other IPC calls happen only as a result of user interaction between
network extension sleeps.
To fully get rid of the problem, we should address #10754.
To ensure we still are able to pass on configuration before sign in, we
are now
passing configuration directly in the startTunnel() options dictionary.
Fixes#10603
Setting `fail-fast: false` unsurprisingly makes our CI fail pretty
slowly. This is especially noticable in the merge queue where a
long-running job could still hold up the entire queue even though a
different job has failed already and the PR is never going to make it in
anyway.
To avoid this scenario, we set `fail-fast: true` whenever we are in the
merge queue.
Bumps [framer-motion](https://github.com/motiondivision/motion) from
12.23.18 to 12.23.22.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's
changelog</a>.</em></p>
<blockquote>
<h2>[12.23.22] 2025-09-25</h2>
<h3>Added</h3>
<ul>
<li>Exporting <code>HTMLElements</code> and <code>useComposedRefs</code>
type for internal use.</li>
</ul>
<h2>[12.23.21] 2025-09-24</h2>
<h3>Fixed</h3>
<ul>
<li>Fixing main-thread <code>scroll</code> with animations that contain
<code>delay</code>.</li>
</ul>
<h2>[12.23.20] 2025-09-24</h2>
<h3>Fixed</h3>
<ul>
<li>Suppress non-animatable value warning for instant animations.</li>
</ul>
<h2>[12.23.19] 2025-09-23</h2>
<h3>Fixed</h3>
<ul>
<li>Remove support for changing <code>ref</code> prop.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="833abbb5a7"><code>833abbb</code></a>
v12.23.22</li>
<li><a
href="41346e2af9"><code>41346e2</code></a>
Exporting HTMLElements</li>
<li><a
href="f469973999"><code>f469973</code></a>
Update README.md with Notion logo</li>
<li><a
href="5232c64895"><code>5232c64</code></a>
Update sponsor links and images in README</li>
<li><a
href="7d5ab4ba4f"><code>7d5ab4b</code></a>
Add Notion logo to Gold section</li>
<li><a
href="aae6399409"><code>aae6399</code></a>
Updating tests</li>
<li><a
href="0ef633e2e3"><code>0ef633e</code></a>
v12.23.21</li>
<li><a
href="28ea5f8d68"><code>28ea5f8</code></a>
Updating changelog</li>
<li><a
href="d941e3aea2"><code>d941e3a</code></a>
Merge pull request <a
href="https://redirect.github.com/motiondivision/motion/issues/3380">#3380</a>
from motiondivision/fix/return-total-duration</li>
<li><a
href="80288e54e2"><code>80288e5</code></a>
Replacing map with for loop</li>
<li>Additional commits viewable in <a
href="https://github.com/motiondivision/motion/compare/v12.23.18...v12.23.22">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.3 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add note on runner versions by <a
href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
<li>Prepare <code>v4.3.0</code> release by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1655">actions/cache#1655</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.3.0">https://github.com/actions/cache/compare/v4...v4.3.0</a></p>
<h2>v4.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li>
<li>Upgrade <code>@actions/cache</code> to <code>4.0.5</code> and move
<code>@protobuf-ts/plugin</code> to dev depdencies by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1634">actions/cache#1634</a></li>
<li>Prepare release <code>4.2.4</code> by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1636">actions/cache#1636</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.2.4">https://github.com/actions/cache/compare/v4...v4.2.4</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.3.0</h3>
<ul>
<li>Bump <code>@actions/cache</code> to <a
href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li>
</ul>
<h3>4.2.4</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.5</li>
</ul>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0057852bfa"><code>0057852</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1655">#1655</a>
from actions/Link-/prepare-4.3.0</li>
<li><a
href="4f5ea67f1c"><code>4f5ea67</code></a>
Update licensed cache</li>
<li><a
href="9fcad95d03"><code>9fcad95</code></a>
Upgrade actions/cache to 4.1.0 and prepare 4.3.0 release</li>
<li><a
href="638ed79f9d"><code>638ed79</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1642">#1642</a>
from actions/GhadimiR-patch-1</li>
<li><a
href="3862dccb17"><code>3862dcc</code></a>
Add note on runner versions</li>
<li><a
href="0400d5f644"><code>0400d5f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1636">#1636</a>
from actions/Link-/release-4.2.4</li>
<li><a
href="374a27f269"><code>374a27f</code></a>
Prepare release 4.2.4</li>
<li><a
href="358a7306cd"><code>358a730</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1634">#1634</a>
from actions/Link-/optimise-deps</li>
<li><a
href="2ee706ef74"><code>2ee706e</code></a>
Fix with another approach</li>
<li><a
href="94f7b5d913"><code>94f7b5d</code></a>
Fix bundle exec</li>
<li>Additional commits viewable in <a
href="5a3ec84eff...0057852bfa">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to
2.0.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/thiserror/releases">thiserror's
releases</a>.</em></p>
<blockquote>
<h2>2.0.17</h2>
<ul>
<li>Use differently named __private module per patch release (<a
href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="72ae716e6d"><code>72ae716</code></a>
Release 2.0.17</li>
<li><a
href="599fdce83a"><code>599fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>
from dtolnay/private</li>
<li><a
href="9ec05f6b38"><code>9ec05f6</code></a>
Use differently named __private module per patch release</li>
<li><a
href="d2c492b549"><code>d2c492b</code></a>
Raise minimum tested compiler to rust 1.76</li>
<li><a
href="fc3ab9501d"><code>fc3ab95</code></a>
Opt in to generate-macro-expansion when building on docs.rs</li>
<li><a
href="819fe29dbb"><code>819fe29</code></a>
Update ui test suite to nightly-2025-09-12</li>
<li><a
href="259f48c549"><code>259f48c</code></a>
Enforce trybuild >= 1.0.108</li>
<li><a
href="470e6a681c"><code>470e6a6</code></a>
Update ui test suite to nightly-2025-08-24</li>
<li><a
href="544e191e6e"><code>544e191</code></a>
Update actions/checkout@v4 -> v5</li>
<li><a
href="cbc1ebad3e"><code>cbc1eba</code></a>
Delete duplicate cap-lints flag from build script</li>
<li>See full diff in <a
href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[github.com/getsentry/sentry-cocoa](https://github.com/getsentry/sentry-cocoa)
from 8.56.0 to 8.56.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-cocoa/releases">github.com/getsentry/sentry-cocoa's
releases</a>.</em></p>
<blockquote>
<h2>8.56.2</h2>
<blockquote>
<p>[!Warning]
Session Replay in this version does not correctly mask views when built
with Xcode 26 and running on iOS 26 with Liquid Glass, which may lead to
PII leaks. Please upgrade to 8.57.0 or later, which automatically
<strong>disables session replay</strong> in such environments.</p>
</blockquote>
<h3>Fixes</h3>
<ul>
<li>Fix crash from null UIApplication in SwiftUI apps (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6264">#6264</a>)</li>
</ul>
<h2>8.56.1</h2>
<blockquote>
<p>[!Warning]
This version can cause runtime crashes because the
<code>UIApplication.sharedApplication</code>/<code>NSApplication.sharedApplication</code>
is not yet available during SDK initialization, due to the changes in
[PR <a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5900">#5900</a>](<a
href="https://redirect.github.com/getsentry/sentry-cocoa/pull/5900">getsentry/sentry-cocoa#5900</a>),
released in <a
href="https://github.com/getsentry/sentry-cocoa/releases/tag/8.56.0">8.56.0</a>.</p>
</blockquote>
<blockquote>
<p>[!Warning]
Session Replay in this version does not correctly mask views when built
with Xcode 26 and running on iOS 26 with Liquid Glass, which may lead to
PII leaks. Please upgrade to 8.57.0 or later, which automatically
<strong>disables session replay</strong> in such environments.</p>
</blockquote>
<h3>Fixes</h3>
<ul>
<li>Fix potential app launch hang caused by the SentrySDK (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6181">#6181</a>)
Fixed by removing the call to <code>_dyld_get_image_header</code> on the
main thread.</li>
<li>Fix dynamic selector crash in SentryReplayRecording (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6211">#6211</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9e193ac0b7"><code>9e193ac</code></a>
release: 8.56.2</li>
<li><a
href="d1c491625f"><code>d1c4916</code></a>
test: Skip flaky user feedback UITests (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6289">#6289</a>)</li>
<li><a
href="9a32d525be"><code>9a32d52</code></a>
fix: Lazily access UIApplication.shared (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6264">#6264</a>)</li>
<li><a
href="2ec27000f0"><code>2ec2700</code></a>
chore(ci): Set iOS version for running Test Server unit tests (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6287">#6287</a>)</li>
<li><a
href="4be5cd8ec9"><code>4be5cd8</code></a>
ci: Extra test plan for test server unit tests (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6177">#6177</a>)</li>
<li><a
href="449d185f00"><code>449d185</code></a>
chore(deps): Update clang-format version (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6276">#6276</a>)</li>
<li><a
href="649265b71b"><code>649265b</code></a>
test: Skip AppHangTracking when debugger attached (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6242">#6242</a>)</li>
<li><a
href="7dabfb9176"><code>7dabfb9</code></a>
docs: Add warning to releases v8.56.0 and v8.56.1 (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6266">#6266</a>)</li>
<li><a
href="d8ceea3a0c"><code>d8ceea3</code></a>
Merge branch 'release/8.56.1'</li>
<li><a
href="a82041aad9"><code>a82041a</code></a>
release: 8.56.1</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-cocoa/compare/8.56.0...8.56.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.4 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add note on runner versions by <a
href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
<li>Prepare <code>v4.3.0</code> release by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1655">actions/cache#1655</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.3.0">https://github.com/actions/cache/compare/v4...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.3.0</h3>
<ul>
<li>Bump <code>@actions/cache</code> to <a
href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li>
</ul>
<h3>4.2.4</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.5</li>
</ul>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0057852bfa"><code>0057852</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1655">#1655</a>
from actions/Link-/prepare-4.3.0</li>
<li><a
href="4f5ea67f1c"><code>4f5ea67</code></a>
Update licensed cache</li>
<li><a
href="9fcad95d03"><code>9fcad95</code></a>
Upgrade actions/cache to 4.1.0 and prepare 4.3.0 release</li>
<li><a
href="638ed79f9d"><code>638ed79</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1642">#1642</a>
from actions/GhadimiR-patch-1</li>
<li><a
href="3862dccb17"><code>3862dcc</code></a>
Add note on runner versions</li>
<li>See full diff in <a
href="0400d5f644...0057852bfa">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [quote](https://github.com/dtolnay/quote) from 1.0.40 to 1.0.41.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/quote/releases">quote's
releases</a>.</em></p>
<blockquote>
<h2>1.0.41</h2>
<ul>
<li>Improve compile error when repetition contains no interpolated value
that is an iterator (<a
href="https://redirect.github.com/dtolnay/quote/issues/302">#302</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="594c865ce8"><code>594c865</code></a>
Release 1.0.41</li>
<li><a
href="68956e650b"><code>68956e6</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/quote/issues/302">#302</a>
from dtolnay/hasiter</li>
<li><a
href="6a69784268"><code>6a69784</code></a>
Make diagnostic attribute conditional on compiler version</li>
<li><a
href="5f1924bd99"><code>5f1924b</code></a>
Tweak CheckHasIterator error message</li>
<li><a
href="c0adb26f41"><code>c0adb26</code></a>
Add diagnostic::on_unimplemented for no iterator in repetition</li>
<li><a
href="a1ddcab61b"><code>a1ddcab</code></a>
Combine HasIterator and ThereIsNoIteratorInRepetition to one type</li>
<li><a
href="bf48c854da"><code>bf48c85</code></a>
Switch to trait for checking iterator in repetition</li>
<li><a
href="d3b4777367"><code>d3b4777</code></a>
Update ui test suite to nightly-2025-09-27</li>
<li><a
href="3e6b04d98b"><code>3e6b04d</code></a>
Raise minimum tested compiler to rust 1.76</li>
<li><a
href="07deaaf89e"><code>07deaaf</code></a>
Opt in to generate-macro-expansion when building on docs.rs</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/quote/compare/1.0.40...1.0.41">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Currently, we launch the `required_check` right away with all others and
poll the GitHub API to see if all others have completed already. This
eats into our API quota.
An easier way to do the same thing is to declare a dependency of the
`required_check` onto all other jobs. Normally, this wouldn't work
because we skip certain jobs if the related files haven't been modified.
We can opt out of this default behaviour by telling GitHub to `always()`
run our job. That way, it naturally gets scheduled after all others,
even if some of the jobs have been skipped.
By default, Docker creates network interfaces with a txqueuelen of 1000.
This is pretty small and causes unnecessary packet drops when running
perf tests in that setup.
This comment breaks the multi-line command. The debian archive will be available from the APT repository so uploading that to the releases page is not actually necessary. We can still do it later if we want to though. For now, remove the comment to make the workflow work again.
To allow for better analysis of flow logs, we embed the resource name
and its address into the flow flogs. For the Internet Resource, the name
will be displayed as "Internet` and the address is either `0.0.0.0/0` or
`::/0` depending on the IP version of the packet. For CIDR resources,
the address is the subnet and for DNS resources, it is the domain
pattern.
Resolves: #10693
On clients prior to https://github.com/firezone/firezone/pull/10604,
sending `resource_created_or_updated` for a site change would cause a
panic. With the introduction of that PR, the portal can now send this
message without needing to "toggle" the resource first by sending
`resource_deleted`.
Fixes: #10593
This improves the secret handling inside `firezone-cli` by using the
`rpassword` crate to hide the token from stdin and using `secrecy` to
zeroize the memory afterwards. To make it easier to test locally, we add
a dry run mode for local testing, hidden behind the `FZ_DRY_RUN` env
variable.
With the refactoring coming up in #6294 we will be dropping production
support for JumpCloud directory sync.
In practice, this likely won't be an issue due to the better ergonomics
/ JIT provisioning that will be offered in the new system.
Related: #2701
Related: #6294
Related: #3115
Related: #7834
With this PR we add `cargo-deb` to our CI pipeline and build a debian
package for the Gateway. The debian package comes with several
configuration files that make it easy for admins to start and maintain a
Gateway installation:
- The embedded systemd unit file is essentially the same one as what we
currently install with the install script with some minor modifications.
- The token is read from `/etc/firezone/gateway-token` and passed as a
systemd credential. This allows us to set the permissions for this file
to `0400` and have it owned by `root:root`.
- The configuration is read from `/etc/firezone/gateway-env`.
- Both of these changes basically mean the user should never need to
touch the unit file itself.
- The `sysusers` configuration file ensures the `firezone` user and
group are present on the system.
- The `tmpfiles` configuration file ensures the necessary directories
are present.
All of the above is automatically installed and configured using the
post-installation script which is called by `apt` once the package is
installed.
In addition to the Gateway, we also package a first version of the
`firezone-cli`. Right now, `firezone-cli` (installed as `firezone`) has
three subcommands:
- `gateway authenticate`: Asks for the Gateway's token and installs it
at `/etc/firezone/gateway-token`. The user doesn't have to know how we
manage this token and can trust that we are using safe defaults.
- `gateway enable`: Enables and starts the systemd service.
- `gateway disable`: Disables the systemd service.
Right now, the `.deb` file is only uploaded to the preview APT
repository and not attached to the release. It should therefore not yet
be user-visible unless somebody pokes around a lot, meaning we can defer
documentation to a later PR and start testing it from the preview
repository for our own purposes.
Related: #10598Resolves: #8484Resolves: #10681
It is possible that our "roaming" integration test only ever connects
Client and Gateway over IPv6. In that case, the number of unique source
tuples after roaming is only 2 and not 3. To handle this case, we count
the number of IPv4 tuples and change the assertion accordingly.
In the current state, this causes test failures on `main`.
Currently, the default log level for both the Gateway and the headless
Client is actually `error` which basically means no logs at all. To
avoid having to create additional configuration as part of the Debian
packages, we set the default log level to `info`.
Unix tools often write a newline at the end of a file. When using the
file's contents as a token, they need to match byte-for-byte otherwise
we cannot authenticate to the portal. To ensure that, we trim the
content from the file before creating the `SecretString`.
Adding new keys to the `/etc/apt/trusted.gpg.d` keyring is not
recommended because it will make `apt` accept packages from any
repository signed by this key. This could lead to third-party
repositories "overriding" packages from the official ones.
To prevent that, we create a dedicated keyring for the Microsoft key and
specify that it is only to be used for packages from the `azure-cli`
repository.
Similarly to #10537, we upload the `.deb` files attached to the draft
releases to the APT preview repository. This makes it easier to install
these preview releases on test machines.
Related: #10681
Currently, the `sync-apt.sh` script just generates metadata for all
packages found in the `.deb` directory. Unfortunately, this requires the
packages to already be uploaded with a certain naming convention,
otherwise `apt-ftparchive packages` doesn't actually detect them and
creates an empty `Packages` file.
The solution here is to extend the `sync-apt.sh` script to normalize the
filename to what we need it to be. This requires us to upload the new
`.deb` files to the `pool` directory. Instead of messing around with the
existing files in there, we slightly change how the `sync-apt.sh` script
works.
In its new version, it expects packages to be in the `import-stable` and
`import-preview` directories. It will then download these, normalize
their names and move them to a local `pool-stable` and `pool-preview`
directory respectively (potentially overwriting and existing one that is
already there, this allows for updating packages).
As a final step, it will generate the metadata for all packages in
`pool-stable` and `pool-preview`, upload both directories, upload the
metadata and then delete the imported `.deb` files.
Bumps [dns-lookup](https://github.com/keeperofdakeys/dns-lookup) from
2.1.1 to 3.0.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ec8ceceb6b"><code>ec8cece</code></a>
Bump to version 3.0.0</li>
<li><a
href="8b650bd273"><code>8b650bd</code></a>
Bump to version 2.1.0</li>
<li><a
href="0d90628d54"><code>0d90628</code></a>
Update to 2021 edition</li>
<li><a
href="e4f5e19d80"><code>e4f5e19</code></a>
Apply clipply lints</li>
<li><a
href="1d02095eb7"><code>1d02095</code></a>
deps(socket2): update to 0.6 with windwos-sys 0.60</li>
<li><a
href="7745e71a61"><code>7745e71</code></a>
Update example lookup_host with collect in README</li>
<li><a
href="615ee8cc85"><code>615ee8c</code></a>
Downgrade windows-sys back to 0.52</li>
<li><a
href="aa1380981a"><code>aa13809</code></a>
Fix clippy errors</li>
<li><a
href="c5b86b6882"><code>c5b86b6</code></a>
Remove useless clippy feature</li>
<li><a
href="b581ca0c6a"><code>b581ca0</code></a>
Update deps</li>
<li>Additional commits viewable in <a
href="https://github.com/keeperofdakeys/dns-lookup/compare/2.1.1...3.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [winreg](https://github.com/gentoo90/winreg-rs) from 0.52.0 to
0.55.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gentoo90/winreg-rs/releases">winreg's
releases</a>.</em></p>
<blockquote>
<h2>0.55.0 (windows-sys)</h2>
<ul>
<li>Breaking change: Increate MSRV to 1.60</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.59
(<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/77">#77</a>)</li>
</ul>
<h2>0.54.0 (windows-sys)</h2>
<ul>
<li>Breaking change: Migrate to the 2021 edition of Rust (MSRV
1.56)</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.52
(closes <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/63">#63</a>,
<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/70">#70</a>)</li>
</ul>
<h2>0.53.0 (windows-sys)</h2>
<ul>
<li>Don't stop deserialization of <code>Any</code> due to
<code>REG_NONE</code> (pullrequest <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/67">#67</a>,
fixes <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/66">#66</a>)</li>
<li>Implement (de)serialization of <code>Option</code> (<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/56">#56</a>)</li>
<li>Add <code>RegKey</code> methods for creating/opening subkeys with
custom options (<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/65">#65</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/gentoo90/winreg-rs/blob/master/CHANGELOG.md">winreg's
changelog</a>.</em></p>
<blockquote>
<h2>0.55.0</h2>
<ul>
<li>Breaking change: Increate MSRV to 1.60</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.59
(<a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/77">#77</a>)</li>
</ul>
<h2>0.54.0</h2>
<ul>
<li>Breaking change: Migrate to the 2021 edition of Rust (MSRV
1.56)</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.52
(closes <a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/63">#63</a>,
<a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/70">#70</a>)</li>
</ul>
<h2>0.15.0, 0.53.0</h2>
<ul>
<li>Don't stop deserialization of <code>Any</code> due to
<code>REG_NONE</code> (pullrequest <a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/67">#67</a>,
fixes <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/66">#66</a>)</li>
<li>Implement (de)serialization of <code>Option</code> (<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/56">#56</a>)</li>
<li>Add <code>RegKey</code> methods for creating/opening subkeys with
custom options (<a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/65">#65</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9243b23849"><code>9243b23</code></a>
Bump version to 0.55.0</li>
<li><a
href="f0440749e8"><code>f044074</code></a>
Upgrade <code>windows-sys</code> to version 0.59 (and MSRV to 1.60)</li>
<li><a
href="4574febe77"><code>4574feb</code></a>
Bump version to 0.54.0</li>
<li><a
href="105ca7aee3"><code>105ca7a</code></a>
Upgrade <code>windows-sys</code> to version 0.52</li>
<li><a
href="93aefdf523"><code>93aefdf</code></a>
Migrate to the 2021 edition of Rust</li>
<li><a
href="c9315d07f0"><code>c9315d0</code></a>
Clippy: remove unnecessary typecasts</li>
<li><a
href="e62111ee60"><code>e62111e</code></a>
Merge branch 'winapi'</li>
<li><a
href="049035fe94"><code>049035f</code></a>
Update the transaction example in the docs</li>
<li><a
href="5baac5d5a4"><code>5baac5d</code></a>
CI: upgrade actions to the latest versions</li>
<li><a
href="cbaeb4e00a"><code>cbaeb4e</code></a>
CI: check <code>Cargo.toml</code> formatting</li>
<li>Additional commits viewable in <a
href="https://github.com/gentoo90/winreg-rs/compare/v0.52.0...v0.55.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
dependabot[bot]