mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 10:18:54 +00:00
bb089846d7809c026204eb579f6fca95aa76aa14
8201 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Jamil
|
bb089846d7 |
chore(portal): bump phoenix to 1.8 (#10510)
Bumps Phoenix to 1.8 and Phoenix LiveView to 1.1. As part of the bump a number of issues had to be addressed. Comments inline provide more context. Supersedes #10475 Supersedes #10448 |
||
|
Thomas Eizinger
|
5b60d9d64d |
fix(gui-client): don't stop service after upgrade on Fedora (#10539)
On Fedora, when a package gets upgraded, the new package is installed first, followed by the uninstall of the old package. As a result, the `prerm` script is called after the `postinst` script of the new package. In our `prerm` script, we stop the tunnel service. On package upgrades, this results in us stopping the tunnel service after installing the new package, confronting the user with an error that the tunnel service is not running. `rpm` passes arguments to these maintenance scripts. In the case of `prerm`, we receive the count of how many other instances of this packages are installed. To fix this bug, we check whether the first argument to the script is "1", meaning that we are being upgraded and should not stop the tunnel service. |
||
|
Jamil
|
d11bd14fce |
fix(ci): send PR swift builds to testflight (#10536)
Fixes a bug introduced in #8778 that disabled uploading release builds on PR runs to the App Store for TestFlight distribution. |
||
|
dependabot[bot]
|
e2e592301a |
build(deps): bump @fontsource-variable/source-sans-3 from 5.2.8 to 5.2.9 in /elixir/apps/web/assets (#10514)
Bumps [@fontsource-variable/source-sans-3](https://github.com/fontsource/font-files/tree/HEAD/fonts/variable/source-sans-3) from 5.2.8 to 5.2.9. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/fontsource/font-files/commits/HEAD/fonts/variable/source-sans-3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
f0726940c9 |
build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 in /.github/actions/setup-node (#10530)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.4.0 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-node/releases">actions/setup-node's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Enhance caching in setup-node with automatic package manager detection by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1348">actions/setup-node#1348</a></li> </ul> <p>This update, introduces automatic caching when a valid <code>packageManager</code> field is present in your <code>package.json</code>. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set <code>package-manager-cache: false</code></p> <pre lang="yaml"><code>steps: - uses: actions/checkout@v5 - uses: actions/setup-node@v5 with: package-manager-cache: false </code></pre> <ul> <li>Upgrade action to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1325">actions/setup-node#1325</a></li> </ul> <p>Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. <a href="https://github.com/actions/runner/releases/tag/v2.327.1">See Release Notes</a></p> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade <code>@octokit/request-error</code> and <code>@actions/github</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1227">actions/setup-node#1227</a></li> <li>Upgrade uuid from 9.0.1 to 11.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1273">actions/setup-node#1273</a></li> <li>Upgrade undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1295">actions/setup-node#1295</a></li> <li>Upgrade form-data to bring in fix for critical vulnerability by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1332">actions/setup-node#1332</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1345">actions/setup-node#1345</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1348">actions/setup-node#1348</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1325">actions/setup-node#1325</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-node/compare/v4...v5.0.0">https://github.com/actions/setup-node/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
709ca25ba0 |
build(deps): bump actions/setup-python from 5.6.0 to 6.0.0 (#10528)
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.6.0 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Upgrade to node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1164">actions/setup-python#1164</a></li> </ul> <p>Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. <a href="https://github.com/actions/runner/releases/tag/v2.327.1">See Release Notes</a></p> <h3>Enhancements:</h3> <ul> <li>Add support for <code>pip-version</code> by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1129">actions/setup-python#1129</a></li> <li>Enhance reading from .python-version by <a href="https://github.com/krystof-k"><code>@krystof-k</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/787">actions/setup-python#787</a></li> <li>Add version parsing from Pipfile by <a href="https://github.com/aradkdj"><code>@aradkdj</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1067">actions/setup-python#1067</a></li> </ul> <h3>Bug fixes:</h3> <ul> <li>Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1183">actions/setup-python#1183</a></li> <li>Change missing cache directory error to warning by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1182">actions/setup-python#1182</a></li> <li>Add Architecture-Specific PATH Management for Python with --user Flag on Windows by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1122">actions/setup-python#1122</a></li> <li>Include python version in PyPy python-version output by <a href="https://github.com/cdce8p"><code>@cdce8p</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1110">actions/setup-python#1110</a></li> <li>Update docs: clarification on pip authentication with setup-python by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1156">actions/setup-python#1156</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade idna from 2.9 to 3.7 in /<strong>tests</strong>/data by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-python/pull/843">actions/setup-python#843</a></li> <li>Upgrade form-data to fix critical vulnerabilities <a href="https://redirect.github.com/actions/setup-python/issues/182">#182</a> & <a href="https://redirect.github.com/actions/setup-python/issues/183">#183</a> by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1163">actions/setup-python#1163</a></li> <li>Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1165">actions/setup-python#1165</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-python/pull/1181">actions/setup-python#1181</a></li> <li>Upgrade <code>@actions/tool-cache</code> from 2.0.1 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-python/pull/1095">actions/setup-python#1095</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/krystof-k"><code>@krystof-k</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/787">actions/setup-python#787</a></li> <li><a href="https://github.com/cdce8p"><code>@cdce8p</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/1110">actions/setup-python#1110</a></li> <li><a href="https://github.com/aradkdj"><code>@aradkdj</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/1067">actions/setup-python#1067</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v5...v6.0.0">https://github.com/actions/setup-python/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
8ccf8b90bc |
chore(tests): remove comments from regression seeds file (#10534)
Whilst the regression seeds file itself is useful to have a fixed set of tests that are always run, the comments what a specific seed samples to quickly get outdated as the test suite evolves. Therefore, we remove the comments to not confuse developers. |
||
|
Thomas Eizinger
|
1140f6ffa3 |
feat(clients): cache DNS responses (#10533)
Firezone Clients set themselves as the system-wide DNS resolver on startup. This is necessary to intercept queries for DNS resources which resolve to proxy IPs whilst Firezone is active. All DNS queries for non-resources are forwarded to either the resolver defined on the system or the ones defined in the portal (if any). These DNS servers can also be CIDR resources in which cases the queries get forwarded through the tunnel to a Gateway. Right now, the responses from these DNS servers are never cached. DNS is pretty heavily relied on on most systems and having DNS fail or be slow usually results in a bad user experience. To improve on this, we embed a small DNS cache into connlib where for each query, we first try to answer it from the cache. Queries otherwise forwarded to the system/upstream resolver or through the tunnel will see a much improved response time with this change. When serving responses from this cache, the TTL is decremented automatically based on how much time has passed since the entry was first added to the cache. Outside of the response time being ~1ms, this makes the cache fully transparent. Resolves: #10508 |
||
|
Thomas Eizinger
|
8fc2ef8ad1 |
fix(clients): set Internet Resource state on startup (#10509)
Building on top of #10507, setting the initial Internet Resource state is a piece of cake. All we need to do is thread a boolean variable through to all call-sites of `Session::connect`. Without the need for the Internet Resource's ID, we can simply pass in the boolean that is saved in the configuration of each client. Resolves: #10255 |
||
|
Thomas Eizinger
|
36dfee2c42 |
refactor(connlib): explicitly enable/disable Internet Resource (#10507)
Instead of the generic "disable any kind of resource"-functionality that connlib currently exposes, we now provide an API to only enable / disable the Internet Resource. This is a lot simpler to deal with and reason about than the previous system, especially when it comes to the proptests. Those need to model connlib's behaviour correctly across its entire API surface which makes them unnecessarily complex if we only ever use the `set_disabled_resources` API with a single resource. In preparation for #4789, I want to extend the proptests to cover traffic filters (#7126). This will make them a fair bit more complicated, so any prior removal of complexity is appreciated. Simplifying the implementation here is also a good starting point to fix #10255. Not implicitly enabling the Internet Resource when it gets added should be quite simple after this change. Finally, resolving #8885 should also be quite easy. We just need to store the state of the Internet Resource once per API URL instead of globally. Resolves: #8404 --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Thomas Eizinger
|
4ef827b611 |
ci: revise Rust caching configuration (#10512)
We primarily rely on sccache for speeding up our Rust builds. The `setup-rust-toolchain` action configures `rust-cache` in addition but tries to set it up for the root of the repository which doesn't work in our scenario. It is also unnecessary to set up additional caching for the `target` directory because we use `sccache` anyway. sccache only caches compile artifacts but it can also be beneficial to cache the downloaded Rust sources. Those aren't very big so we use the `rust-cache` action for that but disable the `target` cache. This config option isn't forwarded by `setup-rust-toolchain` so we disable its cache integration and use `rust-cache` directly. |
||
|
dependabot[bot]
|
900186cd63 |
build(deps): bump github.com/getsentry/sentry-cocoa from 8.55.0 to 8.55.1 in /swift/apple/FirezoneKit (#10518)
Bumps [github.com/getsentry/sentry-cocoa](https://github.com/getsentry/sentry-cocoa) from 8.55.0 to 8.55.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-cocoa/releases">github.com/getsentry/sentry-cocoa's releases</a>.</em></p> <blockquote> <h2>8.55.1</h2> <h3>Features</h3> <h3>Fixes</h3> <ul> <li>Fix macOS's frameworks not following the versioned framework structure (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/6049">#6049</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
531a84268f |
fix(connlib): always process all errors from tunnel (#10500)
In #10347, we made sure that we always return all errors that happen during a single tick of the event-loop. What we overlooked is that as part of handling the errors, we need to use `continue` to jump to the next one instead of returning directly from the function. Signed-off-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
dependabot[bot]
|
e3382a991f |
build(deps): bump com.diffplug.spotless from 7.0.4 to 8.0.0 in /kotlin/android (#10517)
Bumps com.diffplug.spotless from 7.0.4 to 8.0.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
9d37dda8af |
build(deps): bump @mdx-js/loader from 3.1.0 to 3.1.1 in /website (#10515)
Bumps [@mdx-js/loader](https://github.com/mdx-js/mdx/tree/HEAD/packages/loader) from 3.1.0 to 3.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mdx-js/mdx/releases"><code>@mdx-js/loader</code>'s releases</a>.</em></p> <blockquote> <h2>3.1.1</h2> <h4>Fix</h4> <ul> <li>3cad7d7e <code>@mdx-js/mdx</code>: add dependency on <code>acorn</code></li> <li>0dc4472f <code>@mdx-js/esbuild</code>: fix crash with esbuild loader and <code>jsx</code> option by <a href="https://github.com/egnor"><code>@egnor</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2593">mdx-js/mdx#2593</a></li> <li>84ec66ef <code>@mdx-js/esbuild</code>: refactor to improve error conversion in esbuild by <a href="https://github.com/egnor"><code>@egnor</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2595">mdx-js/mdx#2595</a></li> <li>2b3381a8 <code>@mdx-js/rollup</code>: fix support for query parameters in Vite by <a href="https://github.com/markdalgleish"><code>@markdalgleish</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2629">mdx-js/mdx#2629</a></li> </ul> <h4>Types</h4> <ul> <li>933ab444 <code>@mdx-js/mdx</code>: add <code>attributes</code> to export/import declarations</li> </ul> <h4>Docs</h4> <ul> <li>c156a1f6 Add <code>rehype-mdx-toc</code> to list of plugin by <a href="https://github.com/boning-w"><code>@boning-w</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2622">mdx-js/mdx#2622</a></li> <li>913659c8 Add <code>recma-module-to-function</code> to list of plugins by <a href="https://github.com/remcohaszing"><code>@remcohaszing</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2605">mdx-js/mdx#2605</a></li> <li>67fb1d07 Remove unneeded JSX type casting in docs, tests</li> <li>f0d20da8 Remove local use of <code>JSX</code> by <a href="https://github.com/remcohaszing"><code>@remcohaszing</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2604">mdx-js/mdx#2604</a></li> <li>63f39cea Remove references to twitter</li> <li>35ac59dd Refactor some docs regarding recma plugins</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/mdx-js/mdx/compare/3.1.0...3.1.1">https://github.com/mdx-js/mdx/compare/3.1.0...3.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ba0ee986c5 |
build(deps): bump net.java.dev.jna:jna from 5.17.0 to 5.18.1 in /kotlin/android (#10523)
Bumps [net.java.dev.jna:jna](https://github.com/java-native-access/jna) from 5.17.0 to 5.18.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/java-native-access/jna/blob/master/CHANGES.md">net.java.dev.jna:jna's changelog</a>.</em></p> <blockquote> <h1>Release 5.18.1</h1> <h2>Bug Fixes</h2> <ul> <li><a href="https://redirect.github.com/java-native-access/jna/issues/1686">#1686</a>: Fix <code>sortFields</code> race condition while getting fields - <a href="https://github.com/bendk"><code>@bendk</code></a>.</li> </ul> <h1>Release 5.18.0</h1> <h2>Features</h2> <ul> <li><a href="https://redirect.github.com/java-native-access/jna/pull/1671">#1671</a>: Add <code>isRISCV</code> to <code>c.s.j.Platform</code> - <a href="https://github.com/Glavo"><code>@Glavo</code></a>.</li> <li><a href="https://redirect.github.com/java-native-access/jna/pull/1672">#1672</a>: Add <code>CFLocale</code>, <code>CFLocaleCopyCurrent</code>, <code>CFCFDateFormatter</code>, <code>CFDateFormatterStyle</code>, <code>CFDateFormatterCreate</code> and <code>CFDateFormatterGetFormat</code> to <code>c.s.j.p.mac.CoreFoundation</code> - <a href="https://github.com/dbwiddis"><code>@dbwiddis</code></a>.</li> <li><a href="https://redirect.github.com/java-native-access/jna/pull/1669">#1669</a>: Document requirement for running on JDK 24+ - <a href="https://github.com/matthiasblaesing"><code>@matthiasblaesing</code></a>.</li> </ul> <h2>Bug Fixes</h2> <ul> <li><a href="https://redirect.github.com/java-native-access/jna/issues/1681">#1681</a>: Fix deadlock in Structure constructor introduced in 5.16.0 - <a href="https://github.com/brettwooldridge"><code>@brettwooldridge</code></a>.</li> <li><a href="https://redirect.github.com/java-native-access/jna/pull/1683">#1683</a>: Fix native build error on Xcode 16.3 / Apple Clang 17 - <a href="https://github.com/brettwooldridge"><code>@brettwooldridge</code></a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b26af3f60a |
build(deps): bump mixpanel-browser from 2.69.1 to 2.70.0 in /website (#10521)
Bumps [mixpanel-browser](https://github.com/mixpanel/mixpanel-js) from 2.69.1 to 2.70.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mixpanel/mixpanel-js/releases">mixpanel-browser's releases</a>.</em></p> <blockquote> <h2>v2.8.0: misc. improvements</h2> <ul> <li><code>track_links()</code> and <code>track_forms()</code> can now take raw elements or element lists in addition to query selectors</li> <li>add <code>reset()</code> method to handle logout flow (thanks <a href="https://github.com/stefansedich"><code>@stefansedich</code></a>)</li> <li>catch exceptions during <code>_send_request()</code> (thanks <a href="https://github.com/feychenie"><code>@feychenie</code></a>)</li> <li>fix user agent detection/reporting for Chrome iOS and Firefox iOS</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mixpanel/mixpanel-js/blob/master/CHANGELOG.md">mixpanel-browser's changelog</a>.</em></p> <blockquote> <p><strong>2.70.0</strong> (4 Sep 2025)</p> <ul> <li>Feature flags requests now send params on query string with GET instead of POST for easier caching</li> </ul> <p><strong>2.68.0</strong> (11 Aug 2025)</p> <ul> <li>Initial rage-click detection support</li> <li>Block <code><audio></code> tags by default in Session Recording</li> <li>Add <code>flags.update_context()</code> method for updating context variables and refetching variants</li> </ul> <p><strong>2.67.0</strong> (17 Jul 2025)</p> <ul> <li>Use <code>get_api_host()</code> consistently across the SDK</li> <li>Include <code>device_id</code> in default Feature Flag context</li> <li>Track latency props in <code>$experiment_started</code> event</li> <li>Fix async behavior in <code>mixpanel.reset()</code> when a session recording is active</li> <li>Fix recorder integration test race conditions</li> </ul> <p><strong>2.66.0</strong> (8 Jul 2025)</p> <ul> <li>Add <code>api_host</code> configuration option to support different hosts/proxies for different endpoints (thanks <a href="https://github.com/chrisknu"><code>@chrisknu</code></a>)</li> <li>Add types.d.ts from existing public repo</li> <li>Fix race condition when calling <code>mixpanel.reset()</code> while a session recording is active</li> </ul> <p><strong>2.65.0</strong> (20 May 2025)</p> <ul> <li><code>mixpanel.people.track_charge()</code> (deprecated) no longer sets profile property</li> <li>Adds page height and width tracking to autocapture click tracking</li> <li>Session recording now stops when mixpanel.reset() is called</li> <li>Support for adding arbitrary query string params to tracking requests (thanks <a href="https://github.com/dylan-asos"><code>@dylan-asos</code></a>)</li> <li>Feature flagging API revisions</li> <li>Whale Browser detection</li> </ul> <p><strong>2.64.0</strong> (15 Apr 2025)</p> <ul> <li>Add <code>record_heatmap_data</code> init option for Session Recording to ensure click events are captured for Heat Maps</li> <li>Initial support for feature flagging</li> </ul> <p><strong>2.63.0</strong> (1 Apr 2025)</p> <ul> <li>Update rrweb to latest alpha version</li> <li>Refactor SDK build process to rely mainly on Rollup</li> </ul> <p><strong>2.62.0</strong> (26 Mar 2025)</p> <ul> <li>Replace UUID generator with UUIDv4 (using native API when available)</li> <li>Consistently use native JSON serialization when available</li> <li>Fix for session recording idle timeout race condition</li> </ul> <p><strong>2.61.2</strong> (14 Mar 2025)</p> <ul> <li>Revert 10ms throttle on enqueueing events to improve tracking reliability on page unload</li> </ul> <p><strong>2.61.1</strong> (11 Mar 2025)</p> <ul> <li>Session recording stops if initial DOM snapshot fails</li> <li>Errors triggered by rrweb's record function are now caught</li> <li>Fix for issue causing opt-out check error messages in <code>debug</code> mode</li> </ul> <p><strong>2.61.0</strong> (6 Mar 2025)</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/mixpanel/mixpanel-js/commits/v2.70.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
ce7870ac96 |
build(deps): bump com.google.android.gms:play-services-tasks from 18.3.0 to 18.4.0 in /kotlin/android (#10524)
Bumps com.google.android.gms:play-services-tasks from 18.3.0 to 18.4.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
c34d316a7d |
build(deps): bump tailwindcss from 3.4.17 to 3.4.18 in /website (#10520)
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) from 3.4.17 to 3.4.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/releases">tailwindcss's releases</a>.</em></p> <blockquote> <h2>v3.4.18</h2> <h3>Fixed</h3> <ul> <li>Improve support for raw <code>supports-[…]</code> queries in arbitrary values (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/13605">#13605</a>)</li> <li>Fix <code>require.cache</code> error when loaded through a TypeScript file in Node 22.18+ (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18665">#18665</a>)</li> <li>Support <code>import.meta.resolve(…)</code> in configs for new enough Node.js versions (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18938">#18938</a>)</li> <li>Allow using newer versions of <code>postcss-load-config</code> for better ESM and TypeScript PostCSS config support with the CLI (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18938">#18938</a>)</li> <li>Remove irrelevant utility rules when matching important classes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19030">#19030</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md">tailwindcss's changelog</a>.</em></p> <blockquote> <h2>[3.4.18] - 2024-10-01</h2> <h3>Fixed</h3> <ul> <li>Improve support for raw <code>supports-[…]</code> queries in arbitrary values (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/13605">#13605</a>)</li> <li>Fix <code>require.cache</code> error when loaded through a TypeScript file in Node 22.18+ (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18665">#18665</a>)</li> <li>Support <code>import.meta.resolve(…)</code> in configs for new enough Node.js versions (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18938">#18938</a>)</li> <li>Allow using newer versions of <code>postcss-load-config</code> for better ESM and TypeScript PostCSS config support with the CLI (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18938">#18938</a>)</li> <li>Remove irrelevant utility rules when matching important classes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19030">#19030</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/tailwindlabs/tailwindcss/commits/v3.4.18/packages/tailwindcss">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
a2dd1c7941 |
build(deps): bump androidx.test:runner from 1.6.2 to 1.7.0 in /kotlin/android (#10522)
Bumps androidx.test:runner from 1.6.2 to 1.7.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Thomas Eizinger
|
a1b2ca195c |
ci(apple): explicitly select Xcode 26.0 (#10511)
In order to build the iOS app with the Xcode version that is installed on the GitHub runners, we need to select the Xcode version by major and minor version. Currently, the iOS builds are failing because Xcode 26.1 also exists but iOS 26.1 isn't supported (or released?). See https://github.com/firezone/firezone/actions/runs/18239282351/job/51938727311. |
||
|
dependabot[bot]
|
c12f80f6d6 |
build(deps): bump androidx.security:security-crypto from 1.1.0-beta01 to 1.1.0 in /kotlin/android (#10481)
Bumps androidx.security:security-crypto from 1.1.0-beta01 to 1.1.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Thomas Eizinger
|
e9e8792512 |
feat(connlib): tune down logs for recently disconnected clients (#10501)
When a Client disconnects from a Gateway, we might still be receiving packets that are either in-flight or are still being sent by the resource. For some amount of time after a disconnect, this is expected and not worth logging a warning for. With this PR, we define this time to be 60s. If we cannot look up a connection either by ID, session index or public key but the peer has disconnected within the last 60s, we will now only print a DEBUG log instead of a WARN. Resolves: #10175 |
||
|
Thomas Eizinger
|
2cc13cea24 |
refactor(connlib): set ECN bits directly on Transmit (#10497)
Instead of mirroring the ECN bits of an IP packet on the resulting UDP packet in the event-loop, we can extend `Transmit` with an `ecn` field and directly set it every time we construct a `Transmit`, mirroring the ECN bits from the inner IP packet if the UDP packet contains an encapsulated IP packet. Extracted from #10485 |
||
|
Thomas Eizinger
|
0d61cacb08 |
ci: add 20% jitter in test environment (#10504)
To simulate the real-world more accurately, we add a 20% jitter to the specified latency on the router containers. |
||
|
Thomas Eizinger
|
881514edfc |
fix(connlib): log fragmented IP packets on debug (#10488)
When an application sends UDP packets that are larger than the MTU of the underlying interface, the kernel fragments the packet at the IP level. Firezone does not support fragmented IP packets because we need to pack each IP packet into a UDP packet. Right now, we don't check for fragmented IP packets which results in packet parsing errors because the slice we are trying to parse the packet from is not long enough. To avoid spamming Sentry in these cases, we explicitly check for fragmented IP packets and only log those on DEBUG. Resolves: #10335 |
||
|
dependabot[bot]
|
815add151f |
build(deps): bump zbus from 5.9.0 to 5.11.0 in /rust (#10453)
Bumps [zbus](https://github.com/dbus2/zbus) from 5.9.0 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dbus2/zbus/releases">zbus's releases</a>.</em></p> <blockquote> <h2>🔖 zbus 5.11.0</h2> <ul> <li>✨ API to specify timeouts for method calls. Add a way to specify an timeout for method calls. If set, the method calls will timeout after the specified duration, returning an error. This can be used to handle the issues with non-answering D-Bus services.</li> <li>🩹 Add <code>connection::socket::Split::new</code> method, allowing <code>Socket</code> trait impls outside zbus.</li> <li>📝 Mention receive_X_changes in <code>proxy</code> docs.</li> </ul> <h2>🔖 zbus 5.10.0</h2> <ul> <li>✨ Property stream will now first yield the current value.</li> <li>🐛 Fall back to no groups rather than erroring out for peer creds.</li> <li>📝 Fix wrong documentation in blocking <code>Proxy</code> methods.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Mariusz Klochowicz
|
13851c8fd7 |
chore: bump Xcode version (#10499)
Use latest Xcode 26.0, which is now officially available on the same macos-15 runner. |
||
|
dependabot[bot]
|
de33774183 |
build(deps): bump sentry from 11.0.2 to 11.0.3 in /elixir (#10477)
Bumps [sentry](https://github.com/getsentry/sentry-elixir) from 11.0.2 to 11.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-elixir/releases">sentry's releases</a>.</em></p> <blockquote> <h2>11.0.3</h2> <h4>Various improvements</h4> <ul> <li>Allow any version of opentelemetry deps and verify minimum versions internally - this makes it possible to use <code>sentry</code> <em>with tracing disabled</em> along with older versions of opentelemetry deps (<a href="https://redirect.github.com/getsentry/sentry-elixir/pull/931">#931</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-elixir/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>11.0.3</h2> <h4>Various improvements</h4> <ul> <li>Allow any version of opentelemetry deps and verify minimum versions internally - this makes it possible to use <code>sentry</code> <em>with tracing disabled</em> along with older versions of opentelemetry deps (<a href="https://redirect.github.com/getsentry/sentry-elixir/pull/931">#931</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
06f02a809f |
build(deps): bump @mdx-js/react from 3.1.0 to 3.1.1 in /website (#10479)
Bumps [@mdx-js/react](https://github.com/mdx-js/mdx/tree/HEAD/packages/react) from 3.1.0 to 3.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mdx-js/mdx/releases"><code>@mdx-js/react</code>'s releases</a>.</em></p> <blockquote> <h2>3.1.1</h2> <h4>Fix</h4> <ul> <li>3cad7d7e <code>@mdx-js/mdx</code>: add dependency on <code>acorn</code></li> <li>0dc4472f <code>@mdx-js/esbuild</code>: fix crash with esbuild loader and <code>jsx</code> option by <a href="https://github.com/egnor"><code>@egnor</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2593">mdx-js/mdx#2593</a></li> <li>84ec66ef <code>@mdx-js/esbuild</code>: refactor to improve error conversion in esbuild by <a href="https://github.com/egnor"><code>@egnor</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2595">mdx-js/mdx#2595</a></li> <li>2b3381a8 <code>@mdx-js/rollup</code>: fix support for query parameters in Vite by <a href="https://github.com/markdalgleish"><code>@markdalgleish</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2629">mdx-js/mdx#2629</a></li> </ul> <h4>Types</h4> <ul> <li>933ab444 <code>@mdx-js/mdx</code>: add <code>attributes</code> to export/import declarations</li> </ul> <h4>Docs</h4> <ul> <li>c156a1f6 Add <code>rehype-mdx-toc</code> to list of plugin by <a href="https://github.com/boning-w"><code>@boning-w</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2622">mdx-js/mdx#2622</a></li> <li>913659c8 Add <code>recma-module-to-function</code> to list of plugins by <a href="https://github.com/remcohaszing"><code>@remcohaszing</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2605">mdx-js/mdx#2605</a></li> <li>67fb1d07 Remove unneeded JSX type casting in docs, tests</li> <li>f0d20da8 Remove local use of <code>JSX</code> by <a href="https://github.com/remcohaszing"><code>@remcohaszing</code></a> in <a href="https://redirect.github.com/mdx-js/mdx/pull/2604">mdx-js/mdx#2604</a></li> <li>63f39cea Remove references to twitter</li> <li>35ac59dd Refactor some docs regarding recma plugins</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/mdx-js/mdx/compare/3.1.0...3.1.1">https://github.com/mdx-js/mdx/compare/3.1.0...3.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
b4fae701ec |
ci: silence 429s errors in link checker (#10495)
Until https://github.com/lycheeverse/lychee/pull/1844 is shipped, we silence 429s as valid status codes whenever links are being checked by lychee. |
||
|
Thomas Eizinger
|
cfbdc30123 |
refactor(connlib): move log into state (#10498)
Instead of logging this inside the event-loop, it is better to move it into the corresponding handler function to free up the event-loop from as much "logic" as possible. It should ideally only be concerned with linking the state machine with the IO components that actually cause the side-effects. |
||
|
dependabot[bot]
|
2bc6fb2dea |
build(deps-dev): bump typescript from 5.8.3 to 5.9.2 in /website (#10480)
Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.8.3 to 5.9.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/microsoft/TypeScript/releases">typescript's releases</a>.</em></p> <blockquote> <h2>TypeScript 5.9</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-9/">release announcement</a></p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.9.0%22+is%3Aclosed+">fixed issues query for Typescript 5.9.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.9.1%22+is%3Aclosed+">fixed issues query for Typescript 5.9.1 (RC)</a>.</li> <li><em>No specific changes for TypeScript 5.9.2 (Stable)</em></li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> <h2>TypeScript 5.9 RC</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-9-rc/">release announcement</a></p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.9.0%22+is%3Aclosed+">fixed issues query for Typescript 5.9.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.9.1%22+is%3Aclosed+">fixed issues query for Typescript 5.9.1 (RC)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> <h2>TypeScript 5.9 Beta</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-9-beta/">release announcement</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.9.0%22+is%3Aclosed+">fixed issues query for Typescript 5.9.0 (Beta)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e1c6bb84c3 |
build(deps): bump open_api_spex from 3.21.5 to 3.22.0 in /elixir (#10482)
Bumps [open_api_spex](https://github.com/open-api-spex/open_api_spex) from 3.21.5 to 3.22.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/open-api-spex/open_api_spex/releases">open_api_spex's releases</a>.</em></p> <blockquote> <h2>v3.22.0</h2> <h2>What's Changed</h2> <ul> <li>Support multiple apps in Plug.SwaggerUI by <a href="https://github.com/zorbash"><code>@zorbash</code></a> in <a href="https://redirect.github.com/open-api-spex/open_api_spex/pull/676">open-api-spex/open_api_spex#676</a></li> <li>Validate keys given to operation/2 macro by <a href="https://github.com/xxdavid"><code>@xxdavid</code></a> in <a href="https://redirect.github.com/open-api-spex/open_api_spex/pull/675">open-api-spex/open_api_spex#675</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xxdavid"><code>@xxdavid</code></a> made their first contribution in <a href="https://redirect.github.com/open-api-spex/open_api_spex/pull/675">open-api-spex/open_api_spex#675</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/open-api-spex/open_api_spex/compare/v3.21.5...v3.22.0">https://github.com/open-api-spex/open_api_spex/compare/v3.21.5...v3.22.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/open-api-spex/open_api_spex/blob/master/CHANGELOG.md">open_api_spex's changelog</a>.</em></p> <blockquote> <h2>v3.22.0 - 2025-08-05</h2> <ul> <li>Support multiple apps in Plug.SwaggerUI by <a href="https://github.com/zorbash"><code>@zorbash</code></a> in <a href="https://redirect.github.com/open-api-spex/open_api_spex/pull/676">open-api-spex/open_api_spex#676</a></li> <li>Validate keys given to operation/2 macro by <a href="https://github.com/xxdavid"><code>@xxdavid</code></a> in <a href="https://redirect.github.com/open-api-spex/open_api_spex/pull/675">open-api-spex/open_api_spex#675</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f825995fc3 |
build(deps): bump github.com/getsentry/sentry-cocoa from 8.49.0 to 8.55.0 in /swift/apple/FirezoneKit (#10496)
Bumps [github.com/getsentry/sentry-cocoa](https://github.com/getsentry/sentry-cocoa) from 8.49.0 to 8.55.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-cocoa/releases">github.com/getsentry/sentry-cocoa's releases</a>.</em></p> <blockquote> <h2>8.55.0</h2> <blockquote> <p>[!Important] Xcode 26 no longer allows individual frameworks to contain arm64e slices anymore if the main binary doesn't contain them. We have decided to split the Dynamic variant and Sentry-WithoutUIKitOrAppKit of Sentry into two variants:</p> <ul> <li><code>Sentry-Dynamic</code>: Without ARM64e</li> <li><code>Sentry-Dynamic-WithARM64e</code>: <em>With</em> ARM64e slice</li> <li><code>Sentry-WithoutUIKitOrAppKit</code>: Without ARM64e</li> <li><code>Sentry-WithoutUIKitOrAppKit-WithARM64e</code>: <em>With</em> ARM64e slice</li> </ul> <p>If your app does not need arm64e, you don't need to make any changes. But if your app <em>needs arm64e</em> please use <code>Sentry-Dynamic-WithARM64e</code> or <code>Sentry-WithoutUIKitOrAppKit-WithARM64e</code> from 8.55.0 so you don't have issues uploading to the App Store.</p> </blockquote> <h3>Features</h3> <ul> <li>Add a new prebuilt framework with arm64e and remove it from the regular one (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5788">#5788</a>)</li> <li>Add <code>beforeSendLog</code> callback to <code>SentryOptions</code> (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5678">#5678</a>)</li> <li>Structured Logs: Flush logs on SDK flush/close (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5834">#5834</a>)</li> <li>Add a new prebuilt framework with ARM64e for WithoutUIKitOrAppKit (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5897">#5897</a>)</li> <li>Add source context and vars fields to SentryFrame (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5853">#5853</a>)</li> </ul> <h3>Fixes</h3> <ul> <li>Add support for PDFKit views in session replay (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5750">#5750</a>)</li> <li>Fix Infinite Session Replay Processing Loop (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5765">#5765</a>)</li> <li>Fix memory leak in SessionReplayIntegration (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5770">#5770</a>)</li> <li>Fix reporting of energy used while profiling (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5768">#5768</a>)</li> <li>Fixed a build error in <code>SentryFeedback.swift</code> when building with cocoapods on Xcode 14.2 (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5917">#5917</a>)</li> <li>Fix linking against Sentry on an app extension (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5813">#5813</a>)</li> </ul> <h2>8.54.1-alpha.2</h2> <blockquote> <p>[!Important] Xcode 26 no longer allows individual frameworks to contain arm64e slices anymore if the main binary doesn't contain them. We have decided to split the Dynamic variant and Sentry-WithoutUIKitOrAppKit of Sentry into two variants:</p> <ul> <li><code>Sentry-Dynamic</code>: Without ARM64e</li> <li><code>Sentry-Dynamic-WithARM64e</code>: <em>With</em> ARM64e slice</li> <li><code>Sentry-WithoutUIKitOrAppKit</code>: Without ARM64e</li> <li><code>Sentry-WithoutUIKitOrAppKit-WithARM64e</code>: <em>With</em> ARM64e slice</li> </ul> <p>If your app does not need arm64e, you don't need to make any changes. But if your app <em>needs arm64e</em> please use <code>Sentry-Dynamic-WithARM64e</code> or <code>Sentry-WithoutUIKitOrAppKit-WithARM64e</code> from 8.55.0 so you don't have issues uploading to the App Store.</p> </blockquote> <h3>Features</h3> <ul> <li>Structured Logs: Flush logs on SDK flush/close (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5834">#5834</a>)</li> <li>Add a new prebuilt framework with ARM64e for WithoutUIKitOrAppKit (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5897">#5897</a>)</li> <li>Add source context and vars fields to SentryFrame (<a href="https://redirect.github.com/getsentry/sentry-cocoa/issues/5853">#5853</a>)</li> </ul> <h3>Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
a297c6dbbd |
chore: differentiate between shutdown and shut down (#10494)
In a prior code review, CoPilot flagged that we were using the noun "shutdown" as a verb in certain places. Resolves: #10425 |
||
|
dependabot[bot]
|
81ea8af7f3 |
build(deps): bump @types/node from 24.1.0 to 24.3.0 in /website (#10436)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 24.1.0 to 24.3.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Mariusz Klochowicz
|
4d2b592d65 |
chore: Clean up Xcode config (#10461)
- declary sentry as FirezoneKit dependency - add config for non-Xcode LSP config - add some more info in README |
||
|
Jamil
|
f07d2932dc |
feat(portal): show outdated clients (#10456)
Clients more than one minor away from a particular won't be able to connect, so it would be useful to help admins recognize when this might be the case and encourage them to upgrade. We accomplish that with two small UX improvements in this PR: - In the outdated gateways email, we show them a count of clients that will no longer be able to connect to the new gateway version, linking them to a sorted view of the clients table - In the clients table, we add a new sortable `version` column to allow admins to see which clients are outdated Fixes #7727 Fixes #10385 --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
dependabot[bot]
|
1baf1f3a6e |
build(deps): bump known-folders from 1.2.0 to 1.3.1 in /rust (#10452)
Bumps [known-folders](https://github.com/artichoke/known-folders-rs) from 1.2.0 to 1.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/artichoke/known-folders-rs/releases">known-folders's releases</a>.</em></p> <blockquote> <h2>v1.3.1</h2> <h2>What's Changed</h2> <ul> <li>packaging: ensure READMEs in node_modules don't get uploaded to crate… by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/84">artichoke/known-folders-rs#84</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/artichoke/known-folders-rs/compare/v1.3.0...v1.3.1">https://github.com/artichoke/known-folders-rs/compare/v1.3.0...v1.3.1</a></p> <h2>v1.3.0</h2> <h2>windows-sys</h2> <p>This release upgrades <code>known-folders</code>'s <code>windows-sys</code> version constraint to 0.60.0.</p> <h2>What's Changed</h2> <ul> <li>Bump the bundler-deps group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/53">artichoke/known-folders-rs#53</a></li> <li>Bump the gha-deps group with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/52">artichoke/known-folders-rs#52</a></li> <li>Bump the gha-deps group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/55">artichoke/known-folders-rs#55</a></li> <li>Bump rubocop from 1.66.0 to 1.66.1 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/54">artichoke/known-folders-rs#54</a></li> <li>Bump rubocop from 1.66.1 to 1.68.0 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/57">artichoke/known-folders-rs#57</a></li> <li>Bump the gha-deps group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/56">artichoke/known-folders-rs#56</a></li> <li>Bump the gha-deps group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/59">artichoke/known-folders-rs#59</a></li> <li>Bump rubocop from 1.68.0 to 1.69.0 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/58">artichoke/known-folders-rs#58</a></li> <li>Remove markdown link check by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/60">artichoke/known-folders-rs#60</a></li> <li>Update Ruby, Bundler to latest by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/61">artichoke/known-folders-rs#61</a></li> <li>Bump the gha-deps group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/63">artichoke/known-folders-rs#63</a></li> <li>Bump rubocop from 1.69.0 to 1.69.2 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/62">artichoke/known-folders-rs#62</a></li> <li>Bump rubocop from 1.69.2 to 1.71.1 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/65">artichoke/known-folders-rs#65</a></li> <li>Bump ruby/setup-ruby from 1.207.0 to 1.215.0 in the gha-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/64">artichoke/known-folders-rs#64</a></li> <li>Bump artichoke/setup-rust from 1.12.1 to 2.0.0 in the gha-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/66">artichoke/known-folders-rs#66</a></li> <li>Bump the gha-deps group with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/67">artichoke/known-folders-rs#67</a></li> <li>Bump the gha-deps group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/68">artichoke/known-folders-rs#68</a></li> <li>Address clippy lint violations on macOS and Windows by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/70">artichoke/known-folders-rs#70</a></li> <li>Update rubocop config to use rake as a plugin by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/71">artichoke/known-folders-rs#71</a></li> <li>Bump the bundler-deps group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/69">artichoke/known-folders-rs#69</a></li> <li>Bump ruby/setup-ruby from 1.229.0 to 1.237.0 in the gha-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/73">artichoke/known-folders-rs#73</a></li> <li>Bump rubocop from 1.75.1 to 1.75.4 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/72">artichoke/known-folders-rs#72</a></li> <li>Pin prettier and node deps, pin GitHub Actions by SHA by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/74">artichoke/known-folders-rs#74</a></li> <li>Bump rubocop from 1.75.4 to 1.75.7 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/75">artichoke/known-folders-rs#75</a></li> <li>Bump the gha-deps group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/76">artichoke/known-folders-rs#76</a></li> <li>Bump the bundler-deps group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/78">artichoke/known-folders-rs#78</a></li> <li>Remove deprecated windows-2019 CI image by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/77">artichoke/known-folders-rs#77</a></li> <li>Upgrade Ruby toolchain by <a href="https://github.com/lopopolo"><code>@lopopolo</code></a> in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/79">artichoke/known-folders-rs#79</a></li> <li>Bump rubocop from 1.75.8 to 1.77.0 in the bundler-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/82">artichoke/known-folders-rs#82</a></li> <li>Bump the gha-deps group with 5 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/80">artichoke/known-folders-rs#80</a></li> <li>Bump prettier from 3.5.3 to 3.6.2 in the npm-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/83">artichoke/known-folders-rs#83</a></li> <li>Update windows-sys requirement from 0.59.0 to 0.60.2 in the cargo-deps group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/artichoke/known-folders-rs/pull/81">artichoke/known-folders-rs#81</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/artichoke/known-folders-rs/compare/v1.2.0...v1.3.0">https://github.com/artichoke/known-folders-rs/compare/v1.2.0...v1.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ec93cfb834 |
build(deps): bump keyring from 3.6.2 to 3.6.3 in /rust (#10451)
Bumps [keyring](https://github.com/hwchen/keyring-rs) from 3.6.2 to 3.6.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hwchen/keyring-rs/releases">keyring's releases</a>.</em></p> <blockquote> <h2>v3.6.3: Likely final release of v3</h2> <p>This release integrates a few important bug fixes (thanks <a href="https://github.com/vermiculus"><code>@vermiculus</code></a>, <a href="https://github.com/unkcpz"><code>@unkcpz</code></a>) that have come in since the release of v3.6.2, and is the last release expected for the v3 series. The release of v4 is expected in about a month, and it will bring significant changes:</p> <ul> <li>the cross-platform API will become its own crate: keyring-core.</li> <li>each credential store will become its own store.</li> <li>this crate will become an example of how to write a keyring-based application.</li> </ul> <p>PLEASE NOTE: with this release, the main branch has changed significantly. What was on the main branch has moved to be a v4 branch, and the main branch was reverted to v3.6.2 and then had bug fix commits added on. If you have an existing fork of this repository, you should immediately sync your repo by choosing the "discard commits" option, which will take your repo back to v3.6.2 and then pull the newer commits. Then, if you have development work on one of your other branches, you should rebase that work onto the updated main.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ac85b70a43 |
build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 (#10429)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.3.0 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/407">actions/download-artifact#407</a></li> <li>BREAKING fix: inconsistent path behavior for single artifact downloads by ID by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/416">actions/download-artifact#416</a></li> </ul> <h2>v5.0.0</h2> <h3>🚨 Breaking Change</h3> <p>This release fixes an inconsistency in path behavior for single artifact downloads by ID. <strong>If you're downloading single artifacts by ID, the output path may change.</strong></p> <h4>What Changed</h4> <p>Previously, <strong>single artifact downloads</strong> behaved differently depending on how you specified the artifact:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (direct)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/my-artifact/</code> (nested)</li> </ul> <p>Now both methods are consistent:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (unchanged)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/</code> (fixed - now direct)</li> </ul> <h4>Migration Guide</h4> <h5>✅ No Action Needed If:</h5> <ul> <li>You download artifacts by <strong>name</strong></li> <li>You download <strong>multiple</strong> artifacts by ID</li> <li>You already use <code>merge-multiple: true</code> as a workaround</li> </ul> <h5>⚠️ Action Required If:</h5> <p>You download <strong>single artifacts by ID</strong> and your workflows expect the nested directory structure.</p> <p><strong>Before v5 (nested structure):</strong></p> <pre lang="yaml"><code>- uses: actions/download-artifact@v4 with: artifact-ids: 12345 path: dist # Files were in: dist/my-artifact/ </code></pre> <blockquote> <p>Where <code>my-artifact</code> is the name of the artifact you previously uploaded</p> </blockquote> <p><strong>To maintain old behavior (if needed):</strong></p> <pre lang="yaml"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Mariusz Klochowicz
|
3eebeeb515 |
chore(docs): add Discord badge to README (#10487)
Adds Discord server badge to the main README badge section for better visibility of the community Discord channel. Note: the server needs to enable server widget to properly show user count: 1. Open Discord Server Settings 2. Navigate to Widget section 3. Enable "Enable Server Widget" |
||
|
dependabot[bot]
|
9647c67a6b |
build(deps): bump the aya group in /rust with 5 updates (#10478)
Bumps the aya group in /rust with 5 updates: | Package | From | To | | --- | --- | --- | | [aya](https://github.com/aya-rs/aya) | ``3018246`` | ``ec3eacc`` | | [aya-build](https://github.com/aya-rs/aya) | ``3018246`` | ``ec3eacc`` | | [aya-ebpf](https://github.com/aya-rs/aya) | ``3018246`` | ``ec3eacc`` | | [aya-log](https://github.com/aya-rs/aya) | ``3018246`` | ``ec3eacc`` | | [aya-log-ebpf](https://github.com/aya-rs/aya) | ``3018246`` | ``ec3eacc`` | Updates `aya` from `3018246` to `ec3eacc` <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ea07298149 |
build(deps): bump androidx.core:core-ktx from 1.16.0 to 1.17.0 in /kotlin/android in the androidx group (#10432)
Bumps the androidx group in /kotlin/android with 1 update: androidx.core:core-ktx. Updates `androidx.core:core-ktx` from 1.16.0 to 1.17.0 [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
2cc050964c |
build(deps): bump com.google.firebase.crashlytics from 3.0.5 to 3.0.6 in /kotlin/android (#10469)
Bumps com.google.firebase.crashlytics from 3.0.5 to 3.0.6. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
5688a4ede7 |
build(deps): bump androidx.fragment:fragment-testing from 1.8.8 to 1.8.9 in /kotlin/android (#10473)
Bumps androidx.fragment:fragment-testing from 1.8.8 to 1.8.9. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
e5d0f3570a |
build(deps): bump lycheeverse/lychee-action from 2.4.1 to 2.6.1 (#10476)
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 2.4.1 to 2.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lycheeverse/lychee-action/releases">lycheeverse/lychee-action's releases</a>.</em></p> <blockquote> <h2>Version 2.6.1</h2> <h2>What's Changed</h2> <ul> <li>Update lycheeVersion to v0.20.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/lycheeverse/lychee-action/pull/306">lycheeverse/lychee-action#306</a>, which contains a hotfix for <a href="https://redirect.github.com/lycheeverse/lychee-action/issues/305">lycheeverse/lychee-action#305</a>.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lycheeverse/lychee-action/compare/v2...v2.6.1">https://github.com/lycheeverse/lychee-action/compare/v2...v2.6.1</a></p> <h2>Version 2.6.0</h2> <h2>What's Changed</h2> <ul> <li>Update lychee version to v0.20.0 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/lycheeverse/lychee-action/pull/304">lycheeverse/lychee-action#304</a></li> <li>Bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lycheeverse/lychee-action/pull/303">lycheeverse/lychee-action#303</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lycheeverse/lychee-action/compare/v2...v2.6.0">https://github.com/lycheeverse/lychee-action/compare/v2...v2.6.0</a></p> <h2>Version 2.5.0</h2> <h2>Summary</h2> <p>Most notably with this release the deprecated <code>--exclude-mail</code> flag was removed and the behavior of the <code>--accept</code> flag was updated. Previously, status codes such as 200 OK were always accepted. Now they are only accepted by default. This means providing the argument <code>--accept 201</code> now rejects status code 200 OK.</p> <h2>What's Changed</h2> <ul> <li>Update lycheeVersion to v0.19.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/lycheeverse/lychee-action/pull/300">lycheeverse/lychee-action#300</a></li> <li>See the lychee changes here: <a href="https://github.com/lycheeverse/lychee/releases/tag/lychee-v0.19.1">https://github.com/lycheeverse/lychee/releases/tag/lychee-v0.19.1</a>, <a href="https://github.com/lycheeverse/lychee/releases/tag/lychee-v0.19.0">https://github.com/lycheeverse/lychee/releases/tag/lychee-v0.19.0</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lycheeverse/lychee-action/compare/v2...v2.5.0">https://github.com/lycheeverse/lychee-action/compare/v2...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
08090baa8d |
build(deps): bump the react group in /rust/gui-client with 3 updates (#10470)
Bumps the react group in /rust/gui-client with 3 updates: [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react), [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) and [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router). Updates `@types/react` from 19.1.9 to 19.1.12 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `@types/react-dom` from 19.1.7 to 19.1.9 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare view</a></li> </ul> </details> <br /> Updates `react-router` from 7.7.1 to 7.8.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/releases">react-router's releases</a>.</em></p> <blockquote> <h2>v7.8.2</h2> <p>See the changelog for release notes: <a href="https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v782">https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v782</a></p> <h2>v7.8.1</h2> <p>See the changelog for release notes: <a href="https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v781">https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v781</a></p> <h2>v7.8.0</h2> <p>See the changelog for release notes: <a href="https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v780">https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v780</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md">react-router's changelog</a>.</em></p> <blockquote> <h2>7.8.2</h2> <h3>Patch Changes</h3> <ul> <li> <p>[UNSTABLE] Remove Data Mode <code>future.unstable_middleware</code> flag from <code>createBrowserRouter</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/14213">#14213</a>)</p> <ul> <li>This is only needed as a Framework Mode flag because of the route modules and the <code>getLoadContext</code> type behavior change</li> <li>In Data Mode, it's an opt-in feature because it's just a new property on a route object, so there's no behavior changes that necessitate a flag</li> </ul> </li> <li> <p>[UNSTABLE] Add <code><RouterProvider unstable_onError></code>/<code><HydratedRouter unstable_onError></code> prop for client side error reporting (<a href="https://redirect.github.com/remix-run/react-router/pull/14162">#14162</a>)</p> </li> <li> <p>server action revalidation opt out via $SKIP_REVALIDATION field (<a href="https://redirect.github.com/remix-run/react-router/pull/14154">#14154</a>)</p> </li> <li> <p>Properly escape interpolated param values in <code>generatePath()</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/13530">#13530</a>)</p> </li> <li> <p>Maintain <code>ReadonlyMap</code> and <code>ReadonlySet</code> types in server response data. (<a href="https://redirect.github.com/remix-run/react-router/pull/13092">#13092</a>)</p> </li> <li> <p>[UNSTABLE] Delay serialization of <code>.data</code> redirects to 202 responses until after middleware chain (<a href="https://redirect.github.com/remix-run/react-router/pull/14205">#14205</a>)</p> </li> <li> <p>Fix <code>TypeError</code> if you throw from <code>patchRoutesOnNavigation</code> when no partial matches exist (<a href="https://redirect.github.com/remix-run/react-router/pull/14198">#14198</a>)</p> </li> <li> <p>Fix <code>basename</code> usage without a leading slash in data routers (<a href="https://redirect.github.com/remix-run/react-router/pull/11671">#11671</a>)</p> </li> <li> <p>[UNSTABLE] Update client middleware so it returns the data strategy results allowing for more advanced post-processing middleware (<a href="https://redirect.github.com/remix-run/react-router/pull/14151">#14151</a>)</p> </li> </ul> <h2>7.8.1</h2> <h3>Patch Changes</h3> <ul> <li>Fix usage of optional path segments in nested routes defined using absolute paths (<a href="https://redirect.github.com/remix-run/react-router/pull/14135">#14135</a>)</li> <li>Bubble client pre-next middleware error to the shallowest ancestor that needs to load, not strictly the shallowest ancestor with a loader (<a href="https://redirect.github.com/remix-run/react-router/pull/14150">#14150</a>)</li> <li>Fix optional static segment matching in <code>matchPath</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/11813">#11813</a>)</li> <li>Fix prerendering when a <code>basename</code> is set with <code>ssr:false</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/13791">#13791</a>)</li> <li>Provide <code>isRouteErrorResponse</code> utility in <code>react-server</code> environments (<a href="https://redirect.github.com/remix-run/react-router/pull/14166">#14166</a>)</li> <li>Propagate non-redirect Responses thrown from middleware to the error boundary on document/data requests (<a href="https://redirect.github.com/remix-run/react-router/pull/14182">#14182</a>)</li> <li>Handle <code>meta</code> and <code>links</code> Route Exports in RSC Data Mode (<a href="https://redirect.github.com/remix-run/react-router/pull/14136">#14136</a>)</li> <li>Properly convert returned/thrown <code>data()</code> values to <code>Response</code> instances via <code>Response.json()</code> in resource routes and middleware (<a href="https://redirect.github.com/remix-run/react-router/pull/14159">#14159</a>, <a href="https://redirect.github.com/remix-run/react-router/pull/14181">#14181</a>)</li> </ul> <h2>7.8.0</h2> <h3>Minor Changes</h3> <ul> <li>Add <code>nonce</code> prop to <code>Links</code> & <code>PrefetchPageLinks</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/14048">#14048</a>)</li> <li>Add <code>loaderData</code> arguments/properties alongside existing <code>data</code> arguments/properties to provide consistency and clarity between <code>loaderData</code> and <code>actionData</code> across the board (<a href="https://redirect.github.com/remix-run/react-router/pull/14047">#14047</a>) <ul> <li>Updated types: <code>Route.MetaArgs</code>, <code>Route.MetaMatch</code>, <code>MetaArgs</code>, <code>MetaMatch</code>, <code>Route.ComponentProps.matches</code>, <code>UIMatch</code></li> <li><code>@deprecated</code> warnings have been added to the existing <code>data</code> properties to point users to new <code>loaderData</code> properties, in preparation for removing the <code>data</code> properties in a future major release</li> </ul> </li> </ul> <h3>Patch Changes</h3> <ul> <li>Prevent <em>"Did not find corresponding fetcher result"</em> console error when navigating during a <code>fetcher.submit</code> revalidation (<a href="https://redirect.github.com/remix-run/react-router/pull/14114">#14114</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
b11adfcfe4 |
feat(connlib): create flow on ICMP error "prohibited" (#10462)
In Firezone, a Client requests an "access authorization" for a Resource on the fly when it sees the first packet for said Resource going through the tunnel. If we don't have a connection to the Gateway yet, this is also where we will establish a connection and create the WireGuard tunnel. In order for this to work, the access authorization state between the Client and the Gateway MUST NOT get out of sync. If the Client thinks it has access to a Resource, it will just route the traffic to the Gateway. If the access authorization on the Gateway has expired or vanished otherwise, the packets will be black-holed. Starting with #9816, the Gateway sends ICMP errors back to the application whenever it filters a packet. This can happen either because the access authorization is gone or because the traffic wasn't allowed by the specific filter rules on the Resource. With this patch, the Client will attempt to create a new flow (i.e. re-authorize) traffic for this resource whenever it sees such an ICMP error, therefore acting as a way of synchronizing the view of the world between Client and Gateway should they ever run out of sync. Testing turned out to be a bit tricky. If we let the authorization on the Gateway lapse naturally, we portal will also toggle the Resource off and on on the Client, resulting in "flushing" the current authorizations. Additionally, it the Client had only access to one Resource, then the Gateway will gracefully close the connection, also resulting in the Client creating a new flow for the next packet. To actually trigger this new behaviour we need to: - Access at least two resources via the same Gateway - Directly send `reject_access` to the Gateway for this particular resource To achieve this, we dynamically eval some code on the API node and instruct the Gateway channel to send `reject_access`. The connection stays intact because there is still another active access authorization but packets for the other resource are answered with ICMP errors. To achieve a safe roll-out, the new behaviour is feature-flagged. In order to still test it, we now also allow feature flags to be set via env variables. Resolves: #10074 --------- Co-authored-by: Mariusz Klochowicz <mariusz@klochowicz.com> |