Bumps [lru](https://github.com/jeromefroe/lru-rs) from 0.12.5 to 0.16.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md">lru's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/jeromefroe/lru-rs/tree/0.16.1">v0.16.1</a> -
2025-09-08</h2>
<ul>
<li>Fix <code>Clone</code> for unbounded cache.</li>
</ul>
<h2><a
href="https://github.com/jeromefroe/lru-rs/tree/0.16.0">v0.16.0</a> -
2025-07-02</h2>
<ul>
<li>Implement <code>Clone</code> for caches with custom hashers.</li>
</ul>
<h2><a
href="https://github.com/jeromefroe/lru-rs/tree/0.15.0">v0.15.0</a> -
2025-06-26</h2>
<ul>
<li>Return bool from <code>promote</code> and <code>demote</code> to
indicate whether key was found.</li>
</ul>
<h2><a
href="https://github.com/jeromefroe/lru-rs/tree/0.14.0">v0.14.0</a> -
2025-04-12</h2>
<ul>
<li>Use <code>NonZeroUsize::MAX</code> instead of <code>unwrap()</code>,
and update MSRV to 1.70.0.</li>
</ul>
<h2><a
href="https://github.com/jeromefroe/lru-rs/tree/0.13.0">v0.13.0</a> -
2025-01-27</h2>
<ul>
<li>Add <code>peek_mru</code> and <code>pop_mru</code> methods, upgrade
dependency on <code>hashbrown</code> to 0.15.2, and update MSRV to
1.65.0.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c699209232"><code>c699209</code></a>
Merge pull request <a
href="https://redirect.github.com/jeromefroe/lru-rs/issues/220">#220</a>
from jeromefroe/jerome/prepare-0-16-1-release</li>
<li><a
href="2bd8207030"><code>2bd8207</code></a>
Prepare 0.16.1 release</li>
<li><a
href="1b21bf1c59"><code>1b21bf1</code></a>
Merge pull request <a
href="https://redirect.github.com/jeromefroe/lru-rs/issues/219">#219</a>
from wqfish/bk</li>
<li><a
href="3ec42b6369"><code>3ec42b6</code></a>
Fix clone implementation for unbounded cache</li>
<li><a
href="e2e3e47c33"><code>e2e3e47</code></a>
Merge pull request <a
href="https://redirect.github.com/jeromefroe/lru-rs/issues/218">#218</a>
from jeromefroe/jerome/prepare-0-16-0-release</li>
<li><a
href="17fe4f328a"><code>17fe4f3</code></a>
Prepare 0.16.0 release</li>
<li><a
href="b1b974ba35"><code>b1b974b</code></a>
Merge pull request <a
href="https://redirect.github.com/jeromefroe/lru-rs/issues/217">#217</a>
from kralverde/clone</li>
<li><a
href="20bdf9831a"><code>20bdf98</code></a>
clone all hashers</li>
<li><a
href="5ef01d3e1d"><code>5ef01d3</code></a>
Merge pull request <a
href="https://redirect.github.com/jeromefroe/lru-rs/issues/216">#216</a>
from atouchet/codecov</li>
<li><a
href="6d35290666"><code>6d35290</code></a>
Remove Codecov badge</li>
<li>Additional commits viewable in <a
href="https://github.com/jeromefroe/lru-rs/compare/0.12.5...0.16.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fixes
[APPLE-CLIENT-7S](https://sentry.io/organizations/firezone-inc/issues/6812982801/).
The issue was that: Synchronous access to
`Adapter.systemConfigurationResolvers` during concurrent deallocation
causes an EXC_BAD_ACCESS crash.
- Moves the `reset` command execution to the `workQueue` to prevent
potential deadlocks or race conditions when accessing shared resources
or interacting with the network extension's internal state.
This fix was generated by Seer in Sentry, triggered by
jamil@firezone.dev. 👁️ Run ID: 2183818
Not quite right? [Click here to continue debugging with
Seer.](https://sentry.io/organizations/firezone-inc/issues/6812982801/?seerDrawer=true)
Fixes#10195
---------
Co-authored-by: seer-by-sentry[bot] <157164994+seer-by-sentry[bot]@users.noreply.github.com>
Co-authored-by: Mariusz Klochowicz <mariusz@klochowicz.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
With the fix of taking into account link-scoped routes in #10554 we
introduced a bug: If a customer defines routes in Firezone that conflict
with the link-scope ones, those currently take priority as they are
usually more specific.
To fix this, we introduce tiered routing tables controlled by a set of
rules with different priority.
1. In the first "Firezone" routing table, we add all CIDR/IP routes that
users define in Firezone.
2. In the second "Firezone" routing table, we sync in all link-scope
routes from the system.
3. In the third "Firezone" routing table, we only add the Internet
Resource if it is active.
By evaluating the routing tables in this order, we effectively always
prioritize Firezone-controlled routes over local ones but still allow
access to LAN resources when the Internet Resource is active.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Bumps the hilt group in /kotlin/android with 4 updates:
[com.google.dagger.hilt.android](https://github.com/google/dagger),
[com.google.dagger:hilt-android](https://github.com/google/dagger),
[com.google.dagger:hilt-android-compiler](https://github.com/google/dagger)
and
[com.google.dagger:hilt-android-testing](https://github.com/google/dagger).
Updates `com.google.dagger.hilt.android` from 2.57.1 to 2.57.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger.hilt.android's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57.2</h2>
<h1>Bug fixes</h1>
<ul>
<li>Fixed <a
href="https://redirect.github.com/google/dagger/issues/4847">#4847</a>:
Fixed an issue with the Hilt Gradle Plugin registered transforms on
projects using Gradle 9.0.0 (ea570e7)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4898">#4898</a>:
Fixed an issue with backwards compatibility handling for libraries that
export Hilt roots. (85c470ca4)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4937">#4937</a>:
Fixed the incorrectly declared version of the Kotlin stdlib dependency
in the Hilt Gradle Plugin. (deefd9a2d)</li>
<li>Updated ASM dependency to 9.8 (365bc499d)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="438334a32d"><code>438334a</code></a>
2.57.2 release</li>
<li><a
href="365bc499de"><code>365bc49</code></a>
Update ASM dependency to 9.8</li>
<li><a
href="6f82a2b1c9"><code>6f82a2b</code></a>
Automated Code Change</li>
<li><a
href="ff49b3daf5"><code>ff49b3d</code></a>
Automated Code Change</li>
<li><a
href="f60dccae05"><code>f60dcca</code></a>
Fix issue with
DaggerSuperficialValidation#validateTypeHierarchyOf().</li>
<li><a
href="9319e8125d"><code>9319e81</code></a>
Add a test suite to group our generated functional tests.</li>
<li><a
href="9053b3ba88"><code>9053b3b</code></a>
Inline MultibindingTest sources into the test for better
encapsulation.</li>
<li><a
href="55b0311eba"><code>55b0311</code></a>
Adds DaggerSuperficialValidationTest test case for missing super
interface ty...</li>
<li><a
href="ee59ebdb1b"><code>ee59ebd</code></a>
Remove unnecessary workaround for b/242569252.</li>
<li><a
href="5426d64c93"><code>5426d64</code></a>
Add more info to error messages for cases reported in <a
href="https://redirect.github.com/google/dagger/issues/3450">#3450</a>.</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.57.1...dagger-2.57.2">compare
view</a></li>
</ul>
</details>
<br />
Updates `com.google.dagger:hilt-android` from 2.57.1 to 2.57.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger:hilt-android's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57.2</h2>
<h1>Bug fixes</h1>
<ul>
<li>Fixed <a
href="https://redirect.github.com/google/dagger/issues/4847">#4847</a>:
Fixed an issue with the Hilt Gradle Plugin registered transforms on
projects using Gradle 9.0.0 (ea570e7)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4898">#4898</a>:
Fixed an issue with backwards compatibility handling for libraries that
export Hilt roots. (85c470ca4)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4937">#4937</a>:
Fixed the incorrectly declared version of the Kotlin stdlib dependency
in the Hilt Gradle Plugin. (deefd9a2d)</li>
<li>Updated ASM dependency to 9.8 (365bc499d)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="438334a32d"><code>438334a</code></a>
2.57.2 release</li>
<li><a
href="365bc499de"><code>365bc49</code></a>
Update ASM dependency to 9.8</li>
<li><a
href="6f82a2b1c9"><code>6f82a2b</code></a>
Automated Code Change</li>
<li><a
href="ff49b3daf5"><code>ff49b3d</code></a>
Automated Code Change</li>
<li><a
href="f60dccae05"><code>f60dcca</code></a>
Fix issue with
DaggerSuperficialValidation#validateTypeHierarchyOf().</li>
<li><a
href="9319e8125d"><code>9319e81</code></a>
Add a test suite to group our generated functional tests.</li>
<li><a
href="9053b3ba88"><code>9053b3b</code></a>
Inline MultibindingTest sources into the test for better
encapsulation.</li>
<li><a
href="55b0311eba"><code>55b0311</code></a>
Adds DaggerSuperficialValidationTest test case for missing super
interface ty...</li>
<li><a
href="ee59ebdb1b"><code>ee59ebd</code></a>
Remove unnecessary workaround for b/242569252.</li>
<li><a
href="5426d64c93"><code>5426d64</code></a>
Add more info to error messages for cases reported in <a
href="https://redirect.github.com/google/dagger/issues/3450">#3450</a>.</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.57.1...dagger-2.57.2">compare
view</a></li>
</ul>
</details>
<br />
Updates `com.google.dagger:hilt-android-compiler` from 2.57.1 to 2.57.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger:hilt-android-compiler's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57.2</h2>
<h1>Bug fixes</h1>
<ul>
<li>Fixed <a
href="https://redirect.github.com/google/dagger/issues/4847">#4847</a>:
Fixed an issue with the Hilt Gradle Plugin registered transforms on
projects using Gradle 9.0.0 (ea570e7)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4898">#4898</a>:
Fixed an issue with backwards compatibility handling for libraries that
export Hilt roots. (85c470ca4)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4937">#4937</a>:
Fixed the incorrectly declared version of the Kotlin stdlib dependency
in the Hilt Gradle Plugin. (deefd9a2d)</li>
<li>Updated ASM dependency to 9.8 (365bc499d)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="438334a32d"><code>438334a</code></a>
2.57.2 release</li>
<li><a
href="365bc499de"><code>365bc49</code></a>
Update ASM dependency to 9.8</li>
<li><a
href="6f82a2b1c9"><code>6f82a2b</code></a>
Automated Code Change</li>
<li><a
href="ff49b3daf5"><code>ff49b3d</code></a>
Automated Code Change</li>
<li><a
href="f60dccae05"><code>f60dcca</code></a>
Fix issue with
DaggerSuperficialValidation#validateTypeHierarchyOf().</li>
<li><a
href="9319e8125d"><code>9319e81</code></a>
Add a test suite to group our generated functional tests.</li>
<li><a
href="9053b3ba88"><code>9053b3b</code></a>
Inline MultibindingTest sources into the test for better
encapsulation.</li>
<li><a
href="55b0311eba"><code>55b0311</code></a>
Adds DaggerSuperficialValidationTest test case for missing super
interface ty...</li>
<li><a
href="ee59ebdb1b"><code>ee59ebd</code></a>
Remove unnecessary workaround for b/242569252.</li>
<li><a
href="5426d64c93"><code>5426d64</code></a>
Add more info to error messages for cases reported in <a
href="https://redirect.github.com/google/dagger/issues/3450">#3450</a>.</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.57.1...dagger-2.57.2">compare
view</a></li>
</ul>
</details>
<br />
Updates `com.google.dagger:hilt-android-testing` from 2.57.1 to 2.57.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger:hilt-android-testing's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57.2</h2>
<h1>Bug fixes</h1>
<ul>
<li>Fixed <a
href="https://redirect.github.com/google/dagger/issues/4847">#4847</a>:
Fixed an issue with the Hilt Gradle Plugin registered transforms on
projects using Gradle 9.0.0 (ea570e7)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4898">#4898</a>:
Fixed an issue with backwards compatibility handling for libraries that
export Hilt roots. (85c470ca4)</li>
<li>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4937">#4937</a>:
Fixed the incorrectly declared version of the Kotlin stdlib dependency
in the Hilt Gradle Plugin. (deefd9a2d)</li>
<li>Updated ASM dependency to 9.8 (365bc499d)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="438334a32d"><code>438334a</code></a>
2.57.2 release</li>
<li><a
href="365bc499de"><code>365bc49</code></a>
Update ASM dependency to 9.8</li>
<li><a
href="6f82a2b1c9"><code>6f82a2b</code></a>
Automated Code Change</li>
<li><a
href="ff49b3daf5"><code>ff49b3d</code></a>
Automated Code Change</li>
<li><a
href="f60dccae05"><code>f60dcca</code></a>
Fix issue with
DaggerSuperficialValidation#validateTypeHierarchyOf().</li>
<li><a
href="9319e8125d"><code>9319e81</code></a>
Add a test suite to group our generated functional tests.</li>
<li><a
href="9053b3ba88"><code>9053b3b</code></a>
Inline MultibindingTest sources into the test for better
encapsulation.</li>
<li><a
href="55b0311eba"><code>55b0311</code></a>
Adds DaggerSuperficialValidationTest test case for missing super
interface ty...</li>
<li><a
href="ee59ebdb1b"><code>ee59ebd</code></a>
Remove unnecessary workaround for b/242569252.</li>
<li><a
href="5426d64c93"><code>5426d64</code></a>
Add more info to error messages for cases reported in <a
href="https://redirect.github.com/google/dagger/issues/3450">#3450</a>.</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.57.1...dagger-2.57.2">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.223 to
1.0.228.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.228</h2>
<ul>
<li>Allow building documentation with
<code>RUSTDOCFLAGS='--cfg=docsrs'</code> set for the whole dependency
graph (<a
href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a>)</li>
</ul>
<h2>v1.0.227</h2>
<ul>
<li>Documentation improvements (<a
href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a>)</li>
</ul>
<h2>v1.0.226</h2>
<ul>
<li>Deduplicate variant matching logic inside generated Deserialize impl
for adjacently tagged enums (<a
href="https://redirect.github.com/serde-rs/serde/issues/2935">#2935</a>,
thanks <a
href="https://github.com/Mingun"><code>@Mingun</code></a>)</li>
</ul>
<h2>v1.0.225</h2>
<ul>
<li>Avoid triggering a deprecation warning in derived Serialize and
Deserialize impls for a data structure that contains its own
deprecations (<a
href="https://redirect.github.com/serde-rs/serde/issues/2879">#2879</a>,
thanks <a
href="https://github.com/rcrisanti"><code>@rcrisanti</code></a>)</li>
</ul>
<h2>v1.0.224</h2>
<ul>
<li>Remove private types being suggested in rustc diagnostics (<a
href="https://redirect.github.com/serde-rs/serde/issues/2979">#2979</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a866b336f1"><code>a866b33</code></a>
Release 1.0.228</li>
<li><a
href="5adc9e816c"><code>5adc9e8</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a>
from dtolnay/rustdocflags</li>
<li><a
href="ab581789f4"><code>ab58178</code></a>
Workaround for RUSTDOCFLAGS='--cfg=docsrs'</li>
<li><a
href="415d9fc560"><code>415d9fc</code></a>
Release 1.0.227</li>
<li><a
href="7c58427e12"><code>7c58427</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a>
from dtolnay/inlinecoredoc</li>
<li><a
href="9d3410e3f4"><code>9d3410e</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2992">#2992</a>
from dtolnay/inplaceseed</li>
<li><a
href="2fb6748bf1"><code>2fb6748</code></a>
Remove InPlaceSeed public re-export</li>
<li><a
href="f8137c79a2"><code>f8137c7</code></a>
Inline serde_core into serde in docsrs mode</li>
<li><a
href="b7dbf7e3cb"><code>b7dbf7e</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2990">#2990</a>
from dtolnay/integer128</li>
<li><a
href="7c836915fc"><code>7c83691</code></a>
No longer macro_use integer128 module</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/serde/compare/v1.0.223...v1.0.228">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
In order to make the flow logs emitted by the Gateway more useful and
self-contained, we extend the `authorize_flow` message sent to the
Gateway with some more context around the Client and Actor of that flow.
In particular, we now also send the following to the Gateway:
- `client_version`
- `device_os_version`
- `device_os_name`
- `device_serial`
- `device_uuid`
- `device_identifier_for_vendor`
- `device_firebase_installation_id`
- `identity_id`
- `identity_name`
- `actor_id`
- `actor_email`
We only extend the `authorize_flow` message with these additional
properties. The legacy messages for 1.3.x Clients remain as is. For
those Clients, the above properties will be empty in the flow logs.
Resolves: #10690
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps the netlink group in /rust with 3 updates:
[netlink-packet-core](https://github.com/rust-netlink/netlink-packet-core),
[netlink-packet-route](https://github.com/rust-netlink/netlink-packet-route)
and [rtnetlink](https://github.com/rust-netlink/rtnetlink).
Updates `netlink-packet-core` from 0.7.0 to 0.8.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-core/releases">netlink-packet-core's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.8.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Revert back to paste dependency. (4447216)</li>
</ul>
<h2>New release 0.8.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Changed <code>DecodeError</code> from enum to struct. (f55d7b7,
63da36a)</li>
<li>Merged <code>netlink-packet-utils</code> into
<code>netlink-packet-core</code>. (f55d7b7, 0951455,
ba127bf, a232478, 8027f63, 41fe03d, 260e596, cc6bf08, 63da36a,
410c61d)</li>
<li>Remove dependency of byteorder crate. (16d63fb)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support zero sized done message. (100413a)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-core/blob/main/CHANGELOG">netlink-packet-core's
changelog</a>.</em></p>
<blockquote>
<h2>[0.8.1] - 2025-09-18</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Revert back to paste dependency. (4447216)</li>
</ul>
<h2>[0.8.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Changed <code>DecodeError</code> from enum to struct. (f55d7b7,
63da36a)</li>
<li>Merged <code>netlink-packet-utils</code> into
<code>netlink-packet-core</code>. (f55d7b7, 0951455,
ba127bf, a232478, 8027f63, 41fe03d, 260e596, cc6bf08, 63da36a,
410c61d)</li>
<li>Remove dependency of byteorder crate. (16d63fb)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support zero sized done message. (100413a)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e34595f54f"><code>e34595f</code></a>
New release 0.8.1</li>
<li><a
href="44472161c5"><code>4447216</code></a>
Revert back to paste dependency</li>
<li><a
href="b40f3d616f"><code>b40f3d6</code></a>
New release 0.8.0</li>
<li><a
href="46a3fee30b"><code>46a3fee</code></a>
Run cargo fmt</li>
<li><a
href="100413a1b7"><code>100413a</code></a>
Support zero sized done message</li>
<li><a
href="81b2d0f406"><code>81b2d0f</code></a>
CI: Fail to test for clippy warnings</li>
<li><a
href="663310a04c"><code>663310a</code></a>
Revert "ci: add code coverage support"</li>
<li><a
href="16d63fb0a8"><code>16d63fb</code></a>
Remove dependency of byteorder crate</li>
<li><a
href="410c61db71"><code>410c61d</code></a>
Changed Parseable to raise DecodeError</li>
<li><a
href="63da36a2fc"><code>63da36a</code></a>
Extend ErrorContext to accept <code>std::fmt::Display</code></li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/netlink-packet-core/compare/v0.7.0...v0.8.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `netlink-packet-route` from 0.24.0 to 0.25.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-route/releases">netlink-packet-route's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.25.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>Set minimum supported rust version to 1.77. (6bd5418)</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix compiling error on rust 1.77. (6bd5418)</li>
</ul>
<h2>New release 0.25.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Drop the dependency on <code>netlink-packet-utils</code>.
(e09acbd)</li>
<li>Add <code>non_exhaustive</code> to these bond options: (eacf67f)
<ul>
<li><code>BondArpValidate</code></li>
<li><code>BondPrimaryReselect</code></li>
<li><code>BondXmitHashPolicy</code></li>
<li><code>BondArpAllTargets</code></li>
<li><code>BondFailOverMac</code></li>
</ul>
</li>
<li>Changed <code>AfSpecInet6::AddrGenMode</code> to enum.
(7daf895)</li>
<li>Changed <code>LinkAttribute::Mode</code> to enum. (be2796c)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support <code>LWTUNNEL_ENCAP_IP6</code>. (0e49453)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Expose In6AddrGenMode. (faf9d39)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-route/blob/main/CHANGELOG">netlink-packet-route's
changelog</a>.</em></p>
<blockquote>
<h2>[0.25.1] - 2025-08-29</h2>
<h3>Breaking changes</h3>
<ul>
<li>Set minimum supported rust version to 1.77. (6bd5418)</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix compiling error on rust 1.77. (6bd5418)</li>
</ul>
<h2>[0.25.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Drop the dependency on <code>netlink-packet-utils</code>.
(e09acbd)</li>
<li>Add <code>non_exhaustive</code> to these bond options: (eacf67f)
<ul>
<li><code>BondArpValidate</code></li>
<li><code>BondPrimaryReselect</code></li>
<li><code>BondXmitHashPolicy</code></li>
<li><code>BondArpAllTargets</code></li>
<li><code>BondFailOverMac</code></li>
</ul>
</li>
<li>Changed <code>AfSpecInet6::AddrGenMode</code> to enum.
(7daf895)</li>
<li>Changed <code>LinkAttribute::Mode</code> to enum. (be2796c)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support <code>LWTUNNEL_ENCAP_IP6</code>. (0e49453)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Expose In6AddrGenMode. (faf9d39)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e3dc02da86"><code>e3dc02d</code></a>
New release 0.25.1</li>
<li><a
href="4dfe87d7cb"><code>4dfe87d</code></a>
CI: Change MSRV test not using metric</li>
<li><a
href="6bd5418da9"><code>6bd5418</code></a>
Set minimum supported rust version to 1.77</li>
<li><a
href="a473cca426"><code>a473cca</code></a>
New release 0.25.0</li>
<li><a
href="e09acbd440"><code>e09acbd</code></a>
Use netlink-packet-core 0.8.0</li>
<li><a
href="faf9d390f2"><code>faf9d39</code></a>
Fix private In6AddrGenMode</li>
<li><a
href="eacf67f90f"><code>eacf67f</code></a>
link: Add <code>non_exhaustive</code> to bond classes</li>
<li><a
href="eef9be7e7c"><code>eef9be7</code></a>
Add example code of dumping routes</li>
<li><a
href="0e49453468"><code>0e49453</code></a>
Add support for LWTUNNEL_ENCAP_IP6</li>
<li><a
href="7daf895552"><code>7daf895</code></a>
Change AddrGenMode into enum</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/netlink-packet-route/compare/v0.24.0...v0.25.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `rtnetlink` from 0.17.0 to 0.18.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/rtnetlink/releases">rtnetlink's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.18.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>route: Support defining ECMP weight. (7fcba62)</li>
<li>route: Support defining ECMP flags. (18c4331)</li>
<li>route: allow IPv6 gateway in IPv4 route. (e1784a3)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
<h2>New release 0.18.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Please check <code>netlink-packet-route</code> 0.25.0 breaking
changes.</li>
<li>Please check <code>netlink-packet-core</code> 0.8.0 breaking
changes.</li>
<li>Please check <code>netlink-proto</code> 0.12.0 breaking
changes.</li>
<li>Removed <code>rtnetlink::packet_utils</code>. (9373d77)</li>
</ul>
<h3>New features</h3>
<ul>
<li>ip: Introduced <code>AddressMessageBuilder</code>. (1fe2569)</li>
<li>macsec: Introduced <code>LinkMacSec</code>. (b9dd9d9)</li>
<li>Allow the user to specify their own socket. (6547f22)</li>
<li>Allow <code>TrafficGetFilterRequest</code> to get ingress or egress
filters. (45f9206)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Replace <code>impl TryStream</code> with <code>impl Stream</code>.
(513e8c3)</li>
<li>Fix android build. (3e270c6)</li>
<li>Should not set <code>NLM_F_EXCL</code> when deleting alt-name.
(7dd58dd)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/rtnetlink/blob/main/CHANGELOG">rtnetlink's
changelog</a>.</em></p>
<blockquote>
<h2>[0.18.1] - 2025-09-09</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>route: Support defining ECMP weight. (7fcba62)</li>
<li>route: Support defining ECMP flags. (18c4331)</li>
<li>route: allow IPv6 gateway in IPv4 route. (e1784a3)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
<h2>[0.18.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Please check <code>netlink-packet-route</code> 0.25.0 breaking
changes.</li>
<li>Please check <code>netlink-packet-core</code> 0.8.0 breaking
changes.</li>
<li>Please check <code>netlink-proto</code> 0.12.0 breaking
changes.</li>
<li>Removed <code>rtnetlink::packet_utils</code>. (9373d77)</li>
</ul>
<h3>New features</h3>
<ul>
<li>ip: Introduced <code>AddressMessageBuilder</code>. (1fe2569)</li>
<li>macsec: Introduced <code>LinkMacSec</code>. (b9dd9d9)</li>
<li>Allow the user to specify their own socket. (6547f22)</li>
<li>Allow <code>TrafficGetFilterRequest</code> to get ingress or egress
filters. (45f9206)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Replace <code>impl TryStream</code> with <code>impl Stream</code>.
(513e8c3)</li>
<li>Fix android build. (3e270c6)</li>
<li>Should not set <code>NLM_F_EXCL</code> when deleting alt-name.
(7dd58dd)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e28f321f40"><code>e28f321</code></a>
New release 0.18.1</li>
<li><a
href="18c433148d"><code>18c4331</code></a>
rotue: Add <code>RouteNextHopBuilder::flags()</code></li>
<li><a
href="e1784a308b"><code>e1784a3</code></a>
route: allow IPv6 gateway in IPv4 route</li>
<li><a
href="7fcba62c1c"><code>7fcba62</code></a>
route: Support defining ECMP weight</li>
<li><a
href="e1184c005f"><code>e1184c0</code></a>
New release 0.18.0</li>
<li><a
href="9373d773d9"><code>9373d77</code></a>
Use latest rust-netlink crates</li>
<li><a
href="96d381efa8"><code>96d381e</code></a>
Fix cargo fmt and cargo clippy warnings</li>
<li><a
href="1fe25698f4"><code>1fe2569</code></a>
Create AddressMessageBuilder</li>
<li><a
href="6485710c84"><code>6485710</code></a>
Fix document code for Macsec</li>
<li><a
href="c7598bef13"><code>c7598be</code></a>
fix format</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/rtnetlink/compare/v0.17.0...v0.18.1">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [secrecy](https://github.com/iqlusioninc/crates) from 0.8.0 to
0.10.3.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/iqlusioninc/crates/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [proptest-state-machine](https://github.com/proptest-rs/proptest)
from 0.4.0 to 0.5.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2885bc2f3d"><code>2885bc2</code></a>
new releases for proptest, proptest-macro, and state-machine</li>
<li><a
href="a85563f3cc"><code>a85563f</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/584">#584</a>
from wojciech-graj/main</li>
<li><a
href="5331517f52"><code>5331517</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/596">#596</a>
from alexanderkjall/fix-arithmetic-overflow</li>
<li><a
href="157f3c083f"><code>157f3c0</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/595">#595</a>
from ebegumisa/main</li>
<li><a
href="02fa1fcc45"><code>02fa1fc</code></a>
changelog: add <a
href="https://redirect.github.com/proptest-rs/proptest/issues/595">#595</a></li>
<li><a
href="27fd76fbbc"><code>27fd76f</code></a>
fix for 32 bit processors</li>
<li><a
href="d1716ca7b4"><code>d1716ca</code></a>
Add <code>ReferenceStateMachine</code> arg to
<code>SystemUnderTest::teardown</code></li>
<li><a
href="ea4ddeb0a8"><code>ea4ddeb</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/594">#594</a>
from proptest-rs/attr-macro-preserve-arg-names</li>
<li><a
href="f80c1e6e8d"><code>f80c1e6</code></a>
fix shorthand struct initialization lint</li>
<li><a
href="b7590fa642"><code>b7590fa</code></a>
add new test for complex patterns</li>
<li>Additional commits viewable in <a
href="https://github.com/proptest-rs/proptest/compare/proptest-state-machine-0.4.0...proptest-state-machine-0.5.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite)
from 0.27.0 to 0.28.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md">tokio-tungstenite's
changelog</a>.</em></p>
<blockquote>
<h1>0.28.0</h1>
<ul>
<li>Update <code>tungstenite</code> to <code>0.18.0</code>. See <a
href="https://github.com/snapview/tungstenite-rs/blob/master/CHANGELOG.md"><code>tungstenite</code>
release</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="35d110c24c"><code>35d110c</code></a>
Implement into_inner to get the underlying stream (<a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/367">#367</a>)</li>
<li><a
href="f3ae75d1de"><code>f3ae75d</code></a>
Update <code>tungstenite</code> version and fix bugs</li>
<li><a
href="25b544e43f"><code>25b544e</code></a>
Allow getting a reference to the shared inner stream (<a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/363">#363</a>)</li>
<li>See full diff in <a
href="https://github.com/snapview/tokio-tungstenite/compare/v0.27.0...v0.28.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[getsentry/action-release](https://github.com/getsentry/action-release)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/action-release/releases">getsentry/action-release's
releases</a>.</em></p>
<blockquote>
<h2>3.3.0</h2>
<h3>Various fixes & improvements</h3>
<ul>
<li>chore: pin cache action (<a
href="https://redirect.github.com/getsentry/action-release/issues/290">#290</a>)
by <a href="https://github.com/saibotk"><code>@saibotk</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/action-release/blob/master/CHANGELOG.md">getsentry/action-release's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>3.3.0</h2>
<h3>Various fixes & improvements</h3>
<ul>
<li>chore: pin cache action (<a
href="https://redirect.github.com/getsentry/action-release/issues/290">#290</a>)
by <a href="https://github.com/saibotk"><code>@saibotk</code></a></li>
<li>chore: Set docker tag for master [skip ci] (ae1d1cd5) by <a
href="https://github.com/getsantry"><code>@getsantry</code></a>[bot]</li>
</ul>
<h2>3.2.0</h2>
<h3>Various fixes & improvements</h3>
<ul>
<li>chore: Set docker tag for master [skip ci] (e8340952) by <a
href="https://github.com/getsantry"><code>@getsantry</code></a>[bot]</li>
<li>feat: Bump to node 20.19.2 (<a
href="https://redirect.github.com/getsentry/action-release/issues/284">#284</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
<li>chore: Set docker tag for master [skip ci] (ec695e24) by <a
href="https://github.com/getsantry"><code>@getsantry</code></a>[bot]</li>
</ul>
<h2>3.1.2</h2>
<ul>
<li>fix: Preserve existing Node version on macOS and Windows runners (<a
href="https://redirect.github.com/getsentry/action-release/issues/280">#280</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<h2>3.1.1</h2>
<ul>
<li>fix: Only pass <code>urlPrefix</code> to sentry-cli if it's not
empty (<a
href="https://redirect.github.com/getsentry/action-release/issues/275">#275</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<h2>3.1.0</h2>
<ul>
<li>feat: Add <code>release</code> and <code>release_prefix</code> in
favor of <code>version</code> and <code>version_prefix</code> (<a
href="https://redirect.github.com/getsentry/action-release/issues/273">#273</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>Input parameter <code>version</code> has been deprecated and will be
removed in a future version in favor of a newly introduced
<code>release</code> parameter.</p>
<p>Input parameter <code>version_prefix</code> has been deprecated and
will be removed in a future version in favor of a newly introduced
<code>release_prefix</code> parameter.</p>
<h2>3.0.0</h2>
<p>Version <code>3.0.0</code> contains breaking changes:</p>
<ul>
<li>feat(sourcemaps)!: Enable injecting debug ids by default (<a
href="https://redirect.github.com/getsentry/action-release/issues/272">#272</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>The action now automatically injects Debug IDs into your JavaScript
source files and source maps to ensure your stacktraces can be
properly un-minified.</p>
<p>This is a <strong>breaking change as it modifies your source
files</strong>. You can disable this behavior by setting <code>inject:
false</code>:</p>
<pre lang="yaml"><code>- uses: getsentry/action-release@v3
with:
environment: 'production'
sourcemaps: './dist'
inject: false
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4f502acc1d"><code>4f502ac</code></a>
release: 3.3.0</li>
<li><a
href="d0134c84e8"><code>d0134c8</code></a>
chore: pin cache action (<a
href="https://redirect.github.com/getsentry/action-release/issues/290">#290</a>)</li>
<li><a
href="ae1d1cd5d6"><code>ae1d1cd</code></a>
chore: Set docker tag for master [skip ci]</li>
<li><a
href="b81cc2efe1"><code>b81cc2e</code></a>
Merge branch 'release/3.2.0'</li>
<li>See full diff in <a
href="526942b682...4f502acc1d">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Upon moving the version string from PKG_VERSION and Cargo.toml, we lost
the bump version automation. To avoid more bugs here in the future, we
now check for the version marker across all Git-tracked files,
regardless of their extension.
Fixes#10748
---------
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Skip `setConfiguration()` IPC call when not in connected state; this was
observed as the root cause of the utun interface increments which we've
seen
recently.
Note: `utun` increments can still happen during other IPC calls when not
signed in,
notably during log export when signed out of Firezone. This is not a
major issue though,
as other IPC calls happen only as a result of user interaction between
network extension sleeps.
To fully get rid of the problem, we should address #10754.
To ensure we still are able to pass on configuration before sign in, we
are now
passing configuration directly in the startTunnel() options dictionary.
Fixes#10603
Setting `fail-fast: false` unsurprisingly makes our CI fail pretty
slowly. This is especially noticable in the merge queue where a
long-running job could still hold up the entire queue even though a
different job has failed already and the PR is never going to make it in
anyway.
To avoid this scenario, we set `fail-fast: true` whenever we are in the
merge queue.
Bumps [framer-motion](https://github.com/motiondivision/motion) from
12.23.18 to 12.23.22.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's
changelog</a>.</em></p>
<blockquote>
<h2>[12.23.22] 2025-09-25</h2>
<h3>Added</h3>
<ul>
<li>Exporting <code>HTMLElements</code> and <code>useComposedRefs</code>
type for internal use.</li>
</ul>
<h2>[12.23.21] 2025-09-24</h2>
<h3>Fixed</h3>
<ul>
<li>Fixing main-thread <code>scroll</code> with animations that contain
<code>delay</code>.</li>
</ul>
<h2>[12.23.20] 2025-09-24</h2>
<h3>Fixed</h3>
<ul>
<li>Suppress non-animatable value warning for instant animations.</li>
</ul>
<h2>[12.23.19] 2025-09-23</h2>
<h3>Fixed</h3>
<ul>
<li>Remove support for changing <code>ref</code> prop.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="833abbb5a7"><code>833abbb</code></a>
v12.23.22</li>
<li><a
href="41346e2af9"><code>41346e2</code></a>
Exporting HTMLElements</li>
<li><a
href="f469973999"><code>f469973</code></a>
Update README.md with Notion logo</li>
<li><a
href="5232c64895"><code>5232c64</code></a>
Update sponsor links and images in README</li>
<li><a
href="7d5ab4ba4f"><code>7d5ab4b</code></a>
Add Notion logo to Gold section</li>
<li><a
href="aae6399409"><code>aae6399</code></a>
Updating tests</li>
<li><a
href="0ef633e2e3"><code>0ef633e</code></a>
v12.23.21</li>
<li><a
href="28ea5f8d68"><code>28ea5f8</code></a>
Updating changelog</li>
<li><a
href="d941e3aea2"><code>d941e3a</code></a>
Merge pull request <a
href="https://redirect.github.com/motiondivision/motion/issues/3380">#3380</a>
from motiondivision/fix/return-total-duration</li>
<li><a
href="80288e54e2"><code>80288e5</code></a>
Replacing map with for loop</li>
<li>Additional commits viewable in <a
href="https://github.com/motiondivision/motion/compare/v12.23.18...v12.23.22">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.3 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add note on runner versions by <a
href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
<li>Prepare <code>v4.3.0</code> release by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1655">actions/cache#1655</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.3.0">https://github.com/actions/cache/compare/v4...v4.3.0</a></p>
<h2>v4.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li>
<li>Upgrade <code>@actions/cache</code> to <code>4.0.5</code> and move
<code>@protobuf-ts/plugin</code> to dev depdencies by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1634">actions/cache#1634</a></li>
<li>Prepare release <code>4.2.4</code> by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1636">actions/cache#1636</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.2.4">https://github.com/actions/cache/compare/v4...v4.2.4</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.3.0</h3>
<ul>
<li>Bump <code>@actions/cache</code> to <a
href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li>
</ul>
<h3>4.2.4</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.5</li>
</ul>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0057852bfa"><code>0057852</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1655">#1655</a>
from actions/Link-/prepare-4.3.0</li>
<li><a
href="4f5ea67f1c"><code>4f5ea67</code></a>
Update licensed cache</li>
<li><a
href="9fcad95d03"><code>9fcad95</code></a>
Upgrade actions/cache to 4.1.0 and prepare 4.3.0 release</li>
<li><a
href="638ed79f9d"><code>638ed79</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1642">#1642</a>
from actions/GhadimiR-patch-1</li>
<li><a
href="3862dccb17"><code>3862dcc</code></a>
Add note on runner versions</li>
<li><a
href="0400d5f644"><code>0400d5f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1636">#1636</a>
from actions/Link-/release-4.2.4</li>
<li><a
href="374a27f269"><code>374a27f</code></a>
Prepare release 4.2.4</li>
<li><a
href="358a7306cd"><code>358a730</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1634">#1634</a>
from actions/Link-/optimise-deps</li>
<li><a
href="2ee706ef74"><code>2ee706e</code></a>
Fix with another approach</li>
<li><a
href="94f7b5d913"><code>94f7b5d</code></a>
Fix bundle exec</li>
<li>Additional commits viewable in <a
href="5a3ec84eff...0057852bfa">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to
2.0.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/thiserror/releases">thiserror's
releases</a>.</em></p>
<blockquote>
<h2>2.0.17</h2>
<ul>
<li>Use differently named __private module per patch release (<a
href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="72ae716e6d"><code>72ae716</code></a>
Release 2.0.17</li>
<li><a
href="599fdce83a"><code>599fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>
from dtolnay/private</li>
<li><a
href="9ec05f6b38"><code>9ec05f6</code></a>
Use differently named __private module per patch release</li>
<li><a
href="d2c492b549"><code>d2c492b</code></a>
Raise minimum tested compiler to rust 1.76</li>
<li><a
href="fc3ab9501d"><code>fc3ab95</code></a>
Opt in to generate-macro-expansion when building on docs.rs</li>
<li><a
href="819fe29dbb"><code>819fe29</code></a>
Update ui test suite to nightly-2025-09-12</li>
<li><a
href="259f48c549"><code>259f48c</code></a>
Enforce trybuild >= 1.0.108</li>
<li><a
href="470e6a681c"><code>470e6a6</code></a>
Update ui test suite to nightly-2025-08-24</li>
<li><a
href="544e191e6e"><code>544e191</code></a>
Update actions/checkout@v4 -> v5</li>
<li><a
href="cbc1ebad3e"><code>cbc1eba</code></a>
Delete duplicate cap-lints flag from build script</li>
<li>See full diff in <a
href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[github.com/getsentry/sentry-cocoa](https://github.com/getsentry/sentry-cocoa)
from 8.56.0 to 8.56.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-cocoa/releases">github.com/getsentry/sentry-cocoa's
releases</a>.</em></p>
<blockquote>
<h2>8.56.2</h2>
<blockquote>
<p>[!Warning]
Session Replay in this version does not correctly mask views when built
with Xcode 26 and running on iOS 26 with Liquid Glass, which may lead to
PII leaks. Please upgrade to 8.57.0 or later, which automatically
<strong>disables session replay</strong> in such environments.</p>
</blockquote>
<h3>Fixes</h3>
<ul>
<li>Fix crash from null UIApplication in SwiftUI apps (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6264">#6264</a>)</li>
</ul>
<h2>8.56.1</h2>
<blockquote>
<p>[!Warning]
This version can cause runtime crashes because the
<code>UIApplication.sharedApplication</code>/<code>NSApplication.sharedApplication</code>
is not yet available during SDK initialization, due to the changes in
[PR <a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5900">#5900</a>](<a
href="https://redirect.github.com/getsentry/sentry-cocoa/pull/5900">getsentry/sentry-cocoa#5900</a>),
released in <a
href="https://github.com/getsentry/sentry-cocoa/releases/tag/8.56.0">8.56.0</a>.</p>
</blockquote>
<blockquote>
<p>[!Warning]
Session Replay in this version does not correctly mask views when built
with Xcode 26 and running on iOS 26 with Liquid Glass, which may lead to
PII leaks. Please upgrade to 8.57.0 or later, which automatically
<strong>disables session replay</strong> in such environments.</p>
</blockquote>
<h3>Fixes</h3>
<ul>
<li>Fix potential app launch hang caused by the SentrySDK (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6181">#6181</a>)
Fixed by removing the call to <code>_dyld_get_image_header</code> on the
main thread.</li>
<li>Fix dynamic selector crash in SentryReplayRecording (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6211">#6211</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9e193ac0b7"><code>9e193ac</code></a>
release: 8.56.2</li>
<li><a
href="d1c491625f"><code>d1c4916</code></a>
test: Skip flaky user feedback UITests (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6289">#6289</a>)</li>
<li><a
href="9a32d525be"><code>9a32d52</code></a>
fix: Lazily access UIApplication.shared (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6264">#6264</a>)</li>
<li><a
href="2ec27000f0"><code>2ec2700</code></a>
chore(ci): Set iOS version for running Test Server unit tests (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6287">#6287</a>)</li>
<li><a
href="4be5cd8ec9"><code>4be5cd8</code></a>
ci: Extra test plan for test server unit tests (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6177">#6177</a>)</li>
<li><a
href="449d185f00"><code>449d185</code></a>
chore(deps): Update clang-format version (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6276">#6276</a>)</li>
<li><a
href="649265b71b"><code>649265b</code></a>
test: Skip AppHangTracking when debugger attached (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6242">#6242</a>)</li>
<li><a
href="7dabfb9176"><code>7dabfb9</code></a>
docs: Add warning to releases v8.56.0 and v8.56.1 (<a
href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6266">#6266</a>)</li>
<li><a
href="d8ceea3a0c"><code>d8ceea3</code></a>
Merge branch 'release/8.56.1'</li>
<li><a
href="a82041aad9"><code>a82041a</code></a>
release: 8.56.1</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-cocoa/compare/8.56.0...8.56.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.4 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add note on runner versions by <a
href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
<li>Prepare <code>v4.3.0</code> release by <a
href="https://github.com/Link"><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1655">actions/cache#1655</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.3.0">https://github.com/actions/cache/compare/v4...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.3.0</h3>
<ul>
<li>Bump <code>@actions/cache</code> to <a
href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li>
</ul>
<h3>4.2.4</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.5</li>
</ul>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0057852bfa"><code>0057852</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1655">#1655</a>
from actions/Link-/prepare-4.3.0</li>
<li><a
href="4f5ea67f1c"><code>4f5ea67</code></a>
Update licensed cache</li>
<li><a
href="9fcad95d03"><code>9fcad95</code></a>
Upgrade actions/cache to 4.1.0 and prepare 4.3.0 release</li>
<li><a
href="638ed79f9d"><code>638ed79</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1642">#1642</a>
from actions/GhadimiR-patch-1</li>
<li><a
href="3862dccb17"><code>3862dcc</code></a>
Add note on runner versions</li>
<li>See full diff in <a
href="0400d5f644...0057852bfa">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [quote](https://github.com/dtolnay/quote) from 1.0.40 to 1.0.41.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/quote/releases">quote's
releases</a>.</em></p>
<blockquote>
<h2>1.0.41</h2>
<ul>
<li>Improve compile error when repetition contains no interpolated value
that is an iterator (<a
href="https://redirect.github.com/dtolnay/quote/issues/302">#302</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="594c865ce8"><code>594c865</code></a>
Release 1.0.41</li>
<li><a
href="68956e650b"><code>68956e6</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/quote/issues/302">#302</a>
from dtolnay/hasiter</li>
<li><a
href="6a69784268"><code>6a69784</code></a>
Make diagnostic attribute conditional on compiler version</li>
<li><a
href="5f1924bd99"><code>5f1924b</code></a>
Tweak CheckHasIterator error message</li>
<li><a
href="c0adb26f41"><code>c0adb26</code></a>
Add diagnostic::on_unimplemented for no iterator in repetition</li>
<li><a
href="a1ddcab61b"><code>a1ddcab</code></a>
Combine HasIterator and ThereIsNoIteratorInRepetition to one type</li>
<li><a
href="bf48c854da"><code>bf48c85</code></a>
Switch to trait for checking iterator in repetition</li>
<li><a
href="d3b4777367"><code>d3b4777</code></a>
Update ui test suite to nightly-2025-09-27</li>
<li><a
href="3e6b04d98b"><code>3e6b04d</code></a>
Raise minimum tested compiler to rust 1.76</li>
<li><a
href="07deaaf89e"><code>07deaaf</code></a>
Opt in to generate-macro-expansion when building on docs.rs</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/quote/compare/1.0.40...1.0.41">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Currently, we launch the `required_check` right away with all others and
poll the GitHub API to see if all others have completed already. This
eats into our API quota.
An easier way to do the same thing is to declare a dependency of the
`required_check` onto all other jobs. Normally, this wouldn't work
because we skip certain jobs if the related files haven't been modified.
We can opt out of this default behaviour by telling GitHub to `always()`
run our job. That way, it naturally gets scheduled after all others,
even if some of the jobs have been skipped.
By default, Docker creates network interfaces with a txqueuelen of 1000.
This is pretty small and causes unnecessary packet drops when running
perf tests in that setup.
This comment breaks the multi-line command. The debian archive will be available from the APT repository so uploading that to the releases page is not actually necessary. We can still do it later if we want to though. For now, remove the comment to make the workflow work again.
To allow for better analysis of flow logs, we embed the resource name
and its address into the flow flogs. For the Internet Resource, the name
will be displayed as "Internet` and the address is either `0.0.0.0/0` or
`::/0` depending on the IP version of the packet. For CIDR resources,
the address is the subnet and for DNS resources, it is the domain
pattern.
Resolves: #10693
On clients prior to https://github.com/firezone/firezone/pull/10604,
sending `resource_created_or_updated` for a site change would cause a
panic. With the introduction of that PR, the portal can now send this
message without needing to "toggle" the resource first by sending
`resource_deleted`.
Fixes: #10593
This improves the secret handling inside `firezone-cli` by using the
`rpassword` crate to hide the token from stdin and using `secrecy` to
zeroize the memory afterwards. To make it easier to test locally, we add
a dry run mode for local testing, hidden behind the `FZ_DRY_RUN` env
variable.
With the refactoring coming up in #6294 we will be dropping production
support for JumpCloud directory sync.
In practice, this likely won't be an issue due to the better ergonomics
/ JIT provisioning that will be offered in the new system.
Related: #2701
Related: #6294
Related: #3115
Related: #7834
With this PR we add `cargo-deb` to our CI pipeline and build a debian
package for the Gateway. The debian package comes with several
configuration files that make it easy for admins to start and maintain a
Gateway installation:
- The embedded systemd unit file is essentially the same one as what we
currently install with the install script with some minor modifications.
- The token is read from `/etc/firezone/gateway-token` and passed as a
systemd credential. This allows us to set the permissions for this file
to `0400` and have it owned by `root:root`.
- The configuration is read from `/etc/firezone/gateway-env`.
- Both of these changes basically mean the user should never need to
touch the unit file itself.
- The `sysusers` configuration file ensures the `firezone` user and
group are present on the system.
- The `tmpfiles` configuration file ensures the necessary directories
are present.
All of the above is automatically installed and configured using the
post-installation script which is called by `apt` once the package is
installed.
In addition to the Gateway, we also package a first version of the
`firezone-cli`. Right now, `firezone-cli` (installed as `firezone`) has
three subcommands:
- `gateway authenticate`: Asks for the Gateway's token and installs it
at `/etc/firezone/gateway-token`. The user doesn't have to know how we
manage this token and can trust that we are using safe defaults.
- `gateway enable`: Enables and starts the systemd service.
- `gateway disable`: Disables the systemd service.
Right now, the `.deb` file is only uploaded to the preview APT
repository and not attached to the release. It should therefore not yet
be user-visible unless somebody pokes around a lot, meaning we can defer
documentation to a later PR and start testing it from the preview
repository for our own purposes.
Related: #10598Resolves: #8484Resolves: #10681
It is possible that our "roaming" integration test only ever connects
Client and Gateway over IPv6. In that case, the number of unique source
tuples after roaming is only 2 and not 3. To handle this case, we count
the number of IPv4 tuples and change the assertion accordingly.
In the current state, this causes test failures on `main`.
Currently, the default log level for both the Gateway and the headless
Client is actually `error` which basically means no logs at all. To
avoid having to create additional configuration as part of the Debian
packages, we set the default log level to `info`.
dependabot[bot]