The `flows` table tracks authorizations we've made for a resource and
persists them, so that we can determine which authorizations are still
valid across deploys or hiccups in the control plane connections.
Before, when the "in-use" authorization for a resource was deleted, we
would have flapped the resource in the client, and sent `reject_access`
to the gateway. However, that would cause issues in the following edge
case:
- Client is currently connected to Resource A through Policy B
- Client websocket goes down
- Policy B is created for Resource A (for another actor group), and
Policy A is deleted by admin
- Client reconnects
- Client sees that its resource list is the same
- Gateway has since received `reject_access` because no new flows were
created for this client-resource combination
To prevent this from happening, we now try to "reauthorize" the flow
whenever the last cached flow is removed for a particular
client-resource pair. This avoids needing to toggle the resource on the
client since we won't have sent `reject_access` to the gateway.
Bumps [mixpanel-browser](https://github.com/mixpanel/mixpanel-js) and
[@types/mixpanel-browser](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mixpanel-browser).
These dependencies needed to be updated together.
Updates `mixpanel-browser` from 2.65.0 to 2.67.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mixpanel/mixpanel-js/releases">mixpanel-browser's
releases</a>.</em></p>
<blockquote>
<h2>Fixes and minor updates</h2>
<ul>
<li><code>get_api_host()</code> is now used consistently across the SDK
to ensure that per-endpoint API host configs are respected
everywhere</li>
<li>A fix is included for the ordering of (asynchronous) operations when
calling <code>mixpanel.reset()</code> while a session recording is
active</li>
<li>Default Feature Flag context now includes <code>device_id</code>
alongside <code>distinct_id</code></li>
<li><code>$experiment_started</code> events now include several
API-latency-tracking properties</li>
</ul>
<h2>Fine-grained API host configuration and session recording fixes</h2>
<p>A new <code>api_hosts</code> configuration option enables different
endpoints (events, profiles, groups, session recordings) to be sent to
different hosts, for selective proxying, e.g.:</p>
<pre lang="js"><code>mixpanel.init('<TOKEN>', {
api_hosts: {
// proxy only session-recording requests, and leave the rest on the
default host api-js.mixpanel.com
'record': 'https://my-proxy.com',
},
});
</code></pre>
<p>This release also fixes a race condition when calling
<code>mixpanel.reset()</code> while a session recording is active, and
adds an initial TypeScript <code>types.d.ts</code> file.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mixpanel/mixpanel-js/blob/master/CHANGELOG.md">mixpanel-browser's
changelog</a>.</em></p>
<blockquote>
<p><strong>2.67.0</strong> (17 Jul 2025)</p>
<ul>
<li>Use <code>get_api_host()</code> consistently across the SDK</li>
<li>Include <code>device_id</code> in default Feature Flag context</li>
<li>Track latency props in <code>$experiment_started</code> event</li>
<li>Fix async behavior in <code>mixpanel.reset()</code> when a session
recording is active</li>
<li>Fix recorder integration test race conditions</li>
</ul>
<p><strong>2.66.0</strong> (8 Jul 2025)</p>
<ul>
<li>Add <code>api_host</code> configuration option to support different
hosts/proxies for different endpoints (thanks <a
href="https://github.com/chrisknu"><code>@chrisknu</code></a>)</li>
<li>Add types.d.ts from existing public repo</li>
<li>Fix race condition when calling <code>mixpanel.reset()</code> while
a session recording is active</li>
</ul>
<p><strong>2.65.0</strong> (20 May 2025)</p>
<ul>
<li><code>mixpanel.people.track_charge()</code> (deprecated) no longer
sets profile property</li>
<li>Adds page height and width tracking to autocapture click
tracking</li>
<li>Session recording now stops when mixpanel.reset() is called</li>
<li>Support for adding arbitrary query string params to tracking
requests (thanks <a
href="https://github.com/dylan-asos"><code>@dylan-asos</code></a>)</li>
<li>Feature flagging API revisions</li>
<li>Whale Browser detection</li>
</ul>
<p><strong>2.64.0</strong> (15 Apr 2025)</p>
<ul>
<li>Add <code>record_heatmap_data</code> init option for Session
Recording to ensure click events are captured for Heat Maps</li>
<li>Initial support for feature flagging</li>
</ul>
<p><strong>2.63.0</strong> (1 Apr 2025)</p>
<ul>
<li>Update rrweb to latest alpha version</li>
<li>Refactor SDK build process to rely mainly on Rollup</li>
</ul>
<p><strong>2.62.0</strong> (26 Mar 2025)</p>
<ul>
<li>Replace UUID generator with UUIDv4 (using native API when
available)</li>
<li>Consistently use native JSON serialization when available</li>
<li>Fix for session recording idle timeout race condition</li>
</ul>
<p><strong>2.61.2</strong> (14 Mar 2025)</p>
<ul>
<li>Revert 10ms throttle on enqueueing events to improve tracking
reliability on page unload</li>
</ul>
<p><strong>2.61.1</strong> (11 Mar 2025)</p>
<ul>
<li>Session recording stops if initial DOM snapshot fails</li>
<li>Errors triggered by rrweb's record function are now caught</li>
<li>Fix for issue causing opt-out check error messages in
<code>debug</code> mode</li>
</ul>
<p><strong>2.61.0</strong> (6 Mar 2025)</p>
<ul>
<li>Session recordings now continue across page loads within the same
tab, using IndexedDB for persistence</li>
</ul>
<p><strong>2.60.0</strong> (31 Jan 2025)</p>
<ul>
<li>Expanded Autocapture configs</li>
<li>Prevent duplicate values in persistence when using people.union
(thanks <a
href="https://github.com/chrisdeely"><code>@chrisdeely</code></a>)</li>
</ul>
<p><strong>2.59.0</strong> (21 Jan 2025)</p>
<ul>
<li>Initial Autocapture support</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ec87a0ab39"><code>ec87a0a</code></a>
2.67.0</li>
<li><a
href="952dea91ab"><code>952dea9</code></a>
changelog for 2.67.0</li>
<li><a
href="0ea33fd603"><code>0ea33fd</code></a>
Merge branch '2.67.0-rc'</li>
<li><a
href="e51b679cdd"><code>e51b679</code></a>
Update conventions, ignore is no longer used</li>
<li><a
href="742fabb992"><code>742fabb</code></a>
Create dependabot yml from template, set ignore rule from example
directory (...</li>
<li><a
href="6cdecd6ad0"><code>6cdecd6</code></a>
Push to 2.67</li>
<li><a
href="2033e9eb48"><code>2033e9e</code></a>
Dist files</li>
<li><a
href="b1c6a3f796"><code>b1c6a3f</code></a>
send in variant fetch start/complete as date strings</li>
<li><a
href="ba23ab0404"><code>ba23ab0</code></a>
Merge pull request <a
href="https://redirect.github.com/mixpanel/mixpanel-js/issues/281">#281</a>
from mixpanel/jg-final-flush</li>
<li><a
href="591fa5050f"><code>591fa50</code></a>
test fix</li>
<li>Additional commits viewable in <a
href="https://github.com/mixpanel/mixpanel-js/compare/v2.65.0...v2.67.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `@types/mixpanel-browser` from 2.60.0 to 2.66.0
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mixpanel-browser">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Currently, packets for allocations, i.e. from relays are parsed inside
the `Allocation` struct. We have one of those structs for each relay
that `snownet` is talking to. When we disconnect from a relay because it
is e.g. not responding, then we deallocate this struct. As a result,
message that arrive from this relay can no longer be handled. This can
happen when the response time is longer than our timeout.
These packets then fall-through and end up being logged as "packet has
unknown format".
To prevent this, we make the signature on `Allocation` strongly-typed
and expect a fully parsed `Message` to be given to us. This allows us to
parse the message early and discard it with a DEBUG log in case we don't
have the necessary local state to handle it.
The functionality here is essentially the same, we just change at what
level this is being logged at from WARN to DEBUG.
We have to make one additional adjustment to make this work: Guard all
messages to be parsed by any `Allocation` to come from port 3478. This
is the assigned port that all relays are expected to listen on. If we
don't have any local state for a given address, we cannot decide whether
it is a STUN message for an agent or a STUN message for a relay that we
have disconnected from. Therefore, we need to de-multiplex based on the
source port.
Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup) from
4.0.0 to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pnpm/action-setup/releases">pnpm/action-setup's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<p>Add support for <code>package.yaml</code> <a
href="https://redirect.github.com/pnpm/action-setup/pull/156">#156</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a7487c7e89"><code>a7487c7</code></a>
feat: update dist</li>
<li><a
href="fff70888d0"><code>fff7088</code></a>
test: update pnpm to v9</li>
<li><a
href="6e3017af18"><code>6e3017a</code></a>
docs: support <code>package.yaml</code> (<a
href="https://redirect.github.com/pnpm/action-setup/issues/157">#157</a>)</li>
<li><a
href="0cb0538c33"><code>0cb0538</code></a>
feat: support <code>package.yaml</code> (<a
href="https://redirect.github.com/pnpm/action-setup/issues/156">#156</a>)</li>
<li><a
href="e303250a24"><code>e303250</code></a>
docs: update pnpm version in readme examples (<a
href="https://redirect.github.com/pnpm/action-setup/issues/154">#154</a>)</li>
<li><a
href="ac5bf11548"><code>ac5bf11</code></a>
Update examples to use pnpm v9 (<a
href="https://redirect.github.com/pnpm/action-setup/issues/142">#142</a>)</li>
<li><a
href="18ac635edf"><code>18ac635</code></a>
docs: remove redundant manual cache due to setup-node cache (<a
href="https://redirect.github.com/pnpm/action-setup/issues/131">#131</a>)</li>
<li><a
href="0d0b43217a"><code>0d0b432</code></a>
docs: add warning about v2</li>
<li><a
href="0eb0e97082"><code>0eb0e97</code></a>
Add readme example for omitting <code>version</code> (<a
href="https://redirect.github.com/pnpm/action-setup/issues/134">#134</a>)</li>
<li><a
href="23657c8550"><code>23657c8</code></a>
docs: change order of setup node and pnpm (<a
href="https://redirect.github.com/pnpm/action-setup/issues/129">#129</a>)</li>
<li>Additional commits viewable in <a
href="fe02b34f77...a7487c7e89">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
On Apple platforms, we tried to be clever about filtering path updates
from the network connectivity change monitor, because there can be a
flurry of them upon waking from sleep or network roaming.
However, because of this, we had a bug that could occur in certain
situations (such as waking from sleep) where we could effectively "land"
on an empty DNS resolver list. This could happen if:
1. We receive a path update handler that meaningfully changes
connectivity, but its `supportsDNS` property is `false`. This means it
hasn't received any resolvers from DHCP yet. We would then setDns with
an empty resolver list.
2. We then receive a path update handler with the _only_ change being
`supportDNS=true`. Since we didn't count this change as a meaningful
path change, we skipped the `setDns` call, and connlib would be stuck
without DNS resolution.
To fix the above, we stop trying to be clever about connectivity
changes, and just use `oldPath != path`. That will increase reset a bit,
but it will now handle other edge cases such as an IP address changing
on the primary interface, any other interfaces change, and the like.
Fixes#9866
Bumps the flowbite group in /rust/gui-client with 1 update:
[flowbite-react](https://github.com/themesberg/flowbite-react/tree/HEAD/packages/ui).
Updates `flowbite-react` from 0.11.8 to 0.11.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite-react/releases">flowbite-react's
releases</a>.</em></p>
<blockquote>
<h2>flowbite-react@0.11.9</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/themesberg/flowbite-react/pull/1587">#1587</a>
<a
href="3028f83f89"><code>3028f83</code></a>
Thanks <a href="https://github.com/raahed"><code>@raahed</code></a>! -
feat(Datepicker): Implemented a filter function prop</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite-react/blob/main/packages/ui/CHANGELOG.md">flowbite-react's
changelog</a>.</em></p>
<blockquote>
<h2>0.11.9</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/themesberg/flowbite-react/pull/1587">#1587</a>
<a
href="3028f83f89"><code>3028f83</code></a>
Thanks <a href="https://github.com/raahed"><code>@raahed</code></a>! -
feat(Datepicker): Implemented a filter function prop</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="213be8eb96"><code>213be8e</code></a>
Version Packages (<a
href="https://github.com/themesberg/flowbite-react/tree/HEAD/packages/ui/issues/1590">#1590</a>)</li>
<li><a
href="3028f83f89"><code>3028f83</code></a>
feat: Add 'filterDate' prop function on Datepicker (<a
href="https://github.com/themesberg/flowbite-react/tree/HEAD/packages/ui/issues/1587">#1587</a>)</li>
<li>See full diff in <a
href="https://github.com/themesberg/flowbite-react/commits/flowbite-react@0.11.9/packages/ui">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
When validating the found system resolvers on macOS and iOS, we would
stop after validating the first found resolver (usually IPv4) because
`break` was used instead of `continue`.
Fixes#9914
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Due to network partitions between the Client and the Portal, it is
possible that a Client requests a new connection, then disconnects from
the portal and re-requests the connection once it is reconnected.
On the Gateway, we would have already authorized the first request and
initialise our ICE agents with our local candidates. The second time
around, the connection would be reused. The Client however has lost its
state and therefore, we need to tell it our candidates again.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Room join requests on the portal are only valid whilst we have a
WebSocket connection. To make sure the portal processes all our requests
correctly, we need to hold all other messages back while we are waiting
to join the room.
If the connection flaps while we are waiting to join a room, we may have
a lingering join request that never gets fulfilled and thus blocks the
sending of messages forever.
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Now that we are capable of migrating a connection to another relay with
#9979, our test suite exposed an edge-case: If we are in the middle of
migrating a connection, it could be that the idle timer triggers because
we have not seen any application traffic in the last 20s.
Moving to idle mode drastically reduces the number of STUN bindings we
send and if this happens whilst we are still checking candidates, the
nomination doesn't happen in time for our boringtun handshake to
succeed.
Thus, we add a condition to our idle timer to not trigger unless ICE has
completed and reports us as `connected`.
When looking at logs, reducing noise is critical to make it easier to
spot important information. When sending logs to Sentry, we currently
append the fields of certain spans to message to make the output similar
to that of `tracing_subscriber::fmt`.
The actual name of a field inside a span is separated from the span name
by a colon. For example, here is a log message as we see it in Sentry
today:
> handle_input:class=success response
handle_input:from=C1A0479AA153FACA0722A5DF76343CF2BEECB10E:3478
handle_input:method=binding handle_input:rtt=34.7479ms
handle_input:tid=BB30E859ED88FFDF0786B634 request=["Software(snownet;
session=BCA42EF159C794F41AE45BF5099E54D3A193A7184C4D2C3560C2FE49C4C6CFB7)"]
response=["Software(firezone-relay; rev=e4ba5a69)",
"XorMappedAddress(B824B4035A78A6B188EF38BE13AA3C1B1B1196D6:52625)"]
Really, what we would like to see is only this:
> class=success response
from=C1A0479AA153FACA0722A5DF76343CF2BEECB10E:3478 method=binding
rtt=34.7479ms tid=BB30E859ED88FFDF0786B634 request=["Software(snownet;
session=BCA42EF159C794F41AE45BF5099E54D3A193A7184C4D2C3560C2FE49C4C6CFB7)"]
response=["Software(firezone-relay; rev=e4ba5a69)",
"XorMappedAddress(B824B4035A78A6B188EF38BE13AA3C1B1B1196D6:52625)"]
The duplication of `handle_input:` is just noise. In our local log
output, we already strip the name of the span to make it easier to read.
Here we now also do the same for the logs reported to Sentry.
When looking through customer logs, we see a lot of "Resolved best route
outside of tunnel" messages. Those get logged every time we need to
rerun our re-implementation of Windows' weighting algorithm as to which
source interface / IP a packet should be sent from.
Currently, this gets cached in every socket instance so for the
peer-to-peer socket, this is only computed once per destination IP.
However, for DNS queries, we make a new socket for every query. Using a
new source port DNS queries is recommended to avoid fingerprinting of
DNS queries. Using a new socket also means that we need to re-run this
algorithm every time we make a DNS query which is why we see this log so
often.
To fix this, we need to share this cache across all UDP sockets. Cache
invalidation is one of the hardest problems in computer science and this
instance is no different. This cache needs to be reset every time we
roam as that changes the weighting of which source interface to use.
To achieve this, we extend the `SocketFactory` trait with a `reset`
method. This method is called whenever we roam and can then reset a
shared cache inside the `UdpSocketFactory`. The "source IP resolver"
function that is passed to the UDP socket now simply accesses this
shared cache and inserts a new entry when it needs to resolve the IP.
As an added benefit, this may speed up DNS queries on Windows a bit
(although I haven't benchmarked it). It should certainly drastically
reduce the amount of syscalls we make on Windows.
In #6876, we added functionality that would only make use of new remote
candidates whilst we haven't nominated a socket yet with the remote. The
reason for that was because in the described edge-case where relays
reboot or get replaced whilst the client is partitioned from the portal
(or we experience a connection hiccup), only one of the two peers, i.e.
Client or Gateway would migrate to the new relay, leaving the other one
in an inconsistent state.
Looking at recent customer logs, I've been seeing a lot of these
messages:
> Unknown connection or socket has already been nominated
For this particular customer, these are then very quickly followed by
ICE timeouts, leaving the connection unusable.
Considering that, I no longer think that the above change was a good
idea and we should instead always make use of all candidates that we are
given. What we are seeing is that in deployment scenarios where the
latency link between Client and Gateway is very short (5-10ms) yet the
latency to the portal is longer (~30-50ms), we trigger a race condition
where we are temporarily nominating a _peer-reflexive_ candidate pair
instead of a regular one. This happens because with such a short latency
link, Client and Gateway are _faster_ in sending back and forth several
STUN bindings than the control plane is in delivering all the
candidates.
Due to the functionality added in #6876, this then results in us not
accepting the candidates. It further appears that a nominated
peer-reflexive candidate does not provide a stable connection which is
why we then run into an ICE timeout, requiring Firezone to establish a
new connection only to have the same thing happen again.
This is very disruptive for the user experience as the connection only
works for a few moments at a time.
With #9793, we have actually added a feature that is also at play here.
Now that we don't immediately act on an ICE timeout, it is actually
possible for both Client and Gateway to migrate a connection to a
different relay, should the one that they are using get disconnected. In
#9793, we added a timeout of 2s for this.
To make this fully work, we need to patch str0m to transition to
`Checking` early. Presently, str0m would directly transition from
`Disconnected` to `Connected` in this case which in some of the
high-latency scenarios that we are testing in CI is not enough to
recover the connection within 2s. By transitioning to `Checking` early,
we abort this timer.
Related: https://github.com/algesten/str0m/pull/676
In case we received a newly nominated socket from `str0m` whilst our
connection was in idle mode, we mistakenly did not apply that and kept
using the old one. ICE would still be functioning in this case because
`str0m` would have updated its internal state but we would be sending
packets into Nirvana.
I don't think that this is likely to be hit in production though as it
would be quite unusual to receive a new nomination whilst the connection
was completely idle.
When encrypting IP packets, `snownet` needs to prepare a buffer where
the encrypted packet is going to end up. Depending on whether we are
sending data via a relayed connection or direct, this buffer needs to be
offset by 4 bytes to allow for the 4-byte channel-data header of the
TURN protocol.
At present, we always first encrypt the packet and then on-demand move
the packet by 4-bytes to the left if we **don't** need to send it via a
relay. Internally, this translates to a `memmove` instruction which
actually turns out to be very cheap (I couldn't measure a speed
difference between this and `main`).
All of this code has grown historically though so I figured, it is
better to clean it up a bit to first evaluate, whether we have a direct
or relayed connection and based on that, write the encrypted packet
directly to the front of the buffer or offset it by 4 bytes.
Profiling has shown that using a spinlock-based buffer pool is
marginally (~1%) faster than the mutex-based one because it resolves
contention quicker.
Profiling has shown that checking whether the level is enabled is
actually more expensive than checking whether the packet is a DNS
packet. This improves performance by about 3%.
When debugging why we're receiving "Failed to start replication
connection" errors on deploy, it was discovered that there's a bug in
the Process discovery mechanism that new nodes use to attempt to link to
the existing replication connection. When restarting an existing
`domain` container that's not doing replication, we see this:
```
{"message":"Elixir.Domain.Events.ReplicationConnection: Publication tables are up to date","time":"2025-07-22T07:18:45.948Z","domain":["elixir"],"application":"domain","severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.Events.ReplicationConnection.handle_publication_tables_diff/2","line":2,"file":"lib/domain/events/replication_connection.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.764.0>"}}
{"message":"notifier only receiving messages from its own node, functionality may be degraded","time":"2025-07-22T07:18:45.942Z","domain":["elixir"],"application":"oban","source":"oban","severity":"DEBUG","event":"notifier:switch","connectivity_status":"solitary","logging.googleapis.com/sourceLocation":{"function":"Elixir.Oban.Telemetry.log/2","line":624,"file":"lib/oban/telemetry.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.756.0>"}}
{"message":"Elixir.Domain.ChangeLogs.ReplicationConnection: Publication tables are up to date","time":"2025-07-22T07:18:45.952Z","domain":["elixir"],"application":"domain","severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.ChangeLogs.ReplicationConnection.handle_publication_tables_diff/2","line":2,"file":"lib/domain/change_logs/replication_connection.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.763.0>"}}
{"message":"Elixir.Domain.ChangeLogs.ReplicationConnection: Starting replication slot change_logs_slot","time":"2025-07-22T07:18:45.966Z","state":"[REDACTED]","domain":["elixir"],"application":"domain","severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.ChangeLogs.ReplicationConnection.handle_result/2","line":2,"file":"lib/domain/change_logs/replication_connection.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.763.0>"}}
{"message":"Elixir.Domain.Events.ReplicationConnection: Starting replication slot events_slot","time":"2025-07-22T07:18:45.966Z","state":"[REDACTED]","domain":["elixir"],"application":"domain","severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.Events.ReplicationConnection.handle_result/2","line":2,"file":"lib/domain/events/replication_connection.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.764.0>"}}
{"message":"Elixir.Domain.ChangeLogs.ReplicationConnection: Replication connection disconnected","time":"2025-07-22T07:18:45.977Z","domain":["elixir"],"application":"domain","counter":0,"severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.ChangeLogs.ReplicationConnection.handle_disconnect/1","line":2,"file":"lib/domain/change_logs/replication_connection.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.763.0>"}}
{"message":"Elixir.Domain.Events.ReplicationConnection: Replication connection disconnected","time":"2025-07-22T07:18:45.977Z","domain":["elixir"],"application":"domain","counter":0,"severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.Events.ReplicationConnection.handle_disconnect/1","line":2,"file":"lib/domain/events/replication_connection.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.764.0>"}}
{"message":"Failed to start replication connection Elixir.Domain.Events.ReplicationConnection","reason":"%Postgrex.Error{message: nil, postgres: %{code: :object_in_use, line: \"607\", message: \"replication slot \\\"events_slot\\\" is active for PID 135123\", file: \"slot.c\", unknown: \"ERROR\", severity: \"ERROR\", pg_code: \"55006\", routine: \"ReplicationSlotAcquire\"}, connection_id: 136400, query: nil}","time":"2025-07-22T07:18:45.978Z","domain":["elixir"],"application":"domain","max_retries":10,"severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.Replication.Manager.handle_info/2","line":41,"file":"lib/domain/replication/manager.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.761.0>"},"retries":0}
{"message":"Failed to start replication connection Elixir.Domain.ChangeLogs.ReplicationConnection","reason":"%Postgrex.Error{message: nil, postgres: %{code: :object_in_use, line: \"607\", message: \"replication slot \\\"change_logs_slot\\\" is active for PID 135124\", file: \"slot.c\", unknown: \"ERROR\", severity: \"ERROR\", pg_code: \"55006\", routine: \"ReplicationSlotAcquire\"}, connection_id: 136401, query: nil}","time":"2025-07-22T07:18:45.978Z","domain":["elixir"],"application":"domain","max_retries":10,"severity":"INFO","logging.googleapis.com/sourceLocation":{"function":"Elixir.Domain.Replication.Manager.handle_info/2","line":41,"file":"lib/domain/replication/manager.ex"},"logging.googleapis.com/operation":{"producer":"#PID<0.760.0>"},"retries":0}
```
Before, we relied on `start_link` telling us that there was an existing
pid running in the cluster. However, from the output above, it appears
that may not always be reliable.
Instead, we first check explicitly where the running process is and, if
alive, we try linking to it. If not, we try starting the connection
ourselves.
Once linked to the process, we react to it being torn down as well,
causing a first-one-wins scenario where all nodes will attempt to start
replication, minimizing downtime during deploys.
Now that https://github.com/firezone/infra/pull/94 is in place, I did
verify we are properly handling SIGTERM in the BEAM, so the deployment
would now go like this:
1. GCP brings up the new nodes, they all find the existing pid and link
to it
2. GCP sends SIGTERM to the old nodes
3. The _actual_ pid receives SIGTERM and exits
4. This exit propagates to all other nodes due to the link
5. Some node will "win", and the others will end up linking to it
Fixes#9911
These are flooding our monitoring infra and don't really add that much
value. Pretty much all of the processing the relay does is request in
and out and none of the spans are nested.
We can therefore almost 1-to-1 replicate the logging we do with spans by
adding the fields to each log message.
Resolves: #9954
Bumps
[taiki-e/install-action](https://github.com/taiki-e/install-action) from
2.55.3 to 2.56.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.56.19</h2>
<ul>
<li>Update <code>cargo-llvm-cov@latest</code> to 0.6.18.</li>
</ul>
<h2>2.56.18</h2>
<ul>
<li>Update <code>just@latest</code> to 1.42.3.</li>
</ul>
<h2>2.56.17</h2>
<ul>
<li>Update <code>wasmtime@latest</code> to 34.0.2.</li>
</ul>
<h2>2.56.16</h2>
<ul>
<li>
<p>Update <code>cargo-zigbuild@latest</code> to 0.20.1.</p>
</li>
<li>
<p>Update <code>cargo-lambda@latest</code> to 1.8.6.</p>
</li>
<li>
<p>Update <code>vacuum@latest</code> to 0.17.6.</p>
</li>
<li>
<p>Update <code>earthly@latest</code> to 0.8.16.</p>
</li>
</ul>
<h2>2.56.15</h2>
<ul>
<li>
<p>Fix <code>cargo-valgrind</code> installation error due to their tag
rename.</p>
</li>
<li>
<p>Update <code>cargo-valgrind@latest</code> to 2.3.2.</p>
</li>
<li>
<p>Update <code>just@latest</code> to 1.42.2.</p>
</li>
</ul>
<h2>2.56.14</h2>
<ul>
<li>
<p>Update <code>zola@latest</code> to 0.21.0.</p>
</li>
<li>
<p>Update <code>wait-for-them@latest</code> to 0.5.1.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.52.</p>
</li>
<li>
<p>Update <code>just@latest</code> to 1.42.1.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.4.0.</p>
</li>
<li>
<p>Update <code>cyclonedx@latest</code> to 0.29.0.</p>
</li>
</ul>
<h2>2.56.13</h2>
<ul>
<li>Update <code>cargo-nextest@latest</code> to 0.9.101.</li>
</ul>
<h2>2.56.12</h2>
<ul>
<li>Update <code>cargo-hack@latest</code> to 0.6.37.</li>
</ul>
<h2>2.56.11</h2>
<ul>
<li>
<p>Update <code>osv-scanner@latest</code> to 2.1.0.</p>
</li>
<li>
<p>Update <code>cargo-no-dev-deps@latest</code> to 0.2.16.</p>
</li>
<li>
<p>Update <code>cargo-minimal-versions@latest</code> to 0.1.31.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<h2>[2.56.19] - 2025-07-19</h2>
<ul>
<li>Update <code>cargo-llvm-cov@latest</code> to 0.6.18.</li>
</ul>
<h2>[2.56.18] - 2025-07-19</h2>
<ul>
<li>Update <code>just@latest</code> to 1.42.3.</li>
</ul>
<h2>[2.56.17] - 2025-07-18</h2>
<ul>
<li>Update <code>wasmtime@latest</code> to 34.0.2.</li>
</ul>
<h2>[2.56.16] - 2025-07-18</h2>
<ul>
<li>
<p>Update <code>cargo-zigbuild@latest</code> to 0.20.1.</p>
</li>
<li>
<p>Update <code>cargo-lambda@latest</code> to 1.8.6.</p>
</li>
<li>
<p>Update <code>vacuum@latest</code> to 0.17.6.</p>
</li>
<li>
<p>Update <code>earthly@latest</code> to 0.8.16.</p>
</li>
</ul>
<h2>[2.56.15] - 2025-07-16</h2>
<ul>
<li>
<p>Fix <code>cargo-valgrind</code> installation error due to their tag
rename.</p>
</li>
<li>
<p>Update <code>cargo-valgrind@latest</code> to 2.3.2.</p>
</li>
<li>
<p>Update <code>just@latest</code> to 1.42.2.</p>
</li>
</ul>
<h2>[2.56.14] - 2025-07-15</h2>
<ul>
<li>
<p>Update <code>zola@latest</code> to 0.21.0.</p>
</li>
<li>
<p>Update <code>wait-for-them@latest</code> to 0.5.1.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.52.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c99cc51b30"><code>c99cc51</code></a>
Release 2.56.19</li>
<li><a
href="35aa282e0f"><code>35aa282</code></a>
Update <code>cargo-llvm-cov@latest</code> to 0.6.18</li>
<li><a
href="8962e8bc90"><code>8962e8b</code></a>
Release 2.56.18</li>
<li><a
href="86ed27786e"><code>86ed277</code></a>
Update <code>just@latest</code> to 1.42.3</li>
<li><a
href="d8fcd11e5f"><code>d8fcd11</code></a>
Release 2.56.17</li>
<li><a
href="03efa19be6"><code>03efa19</code></a>
Update readme</li>
<li><a
href="14dc975de9"><code>14dc975</code></a>
ci: Fix debian 10 setup</li>
<li><a
href="00c7072f52"><code>00c7072</code></a>
Update wasmtime manifest</li>
<li><a
href="8520ed0913"><code>8520ed0</code></a>
Release 2.56.16</li>
<li><a
href="56de642f63"><code>56de642</code></a>
Update <code>cargo-zigbuild@latest</code> to 0.20.1</li>
<li>Additional commits viewable in <a
href="9ca1734d89...c99cc51b30">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the sentry group in /rust/gui-client with 2 updates:
[@sentry/core](https://github.com/getsentry/sentry-javascript) and
[@sentry/react](https://github.com/getsentry/sentry-javascript).
Updates `@sentry/core` from 9.34.0 to 9.40.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/releases"><code>@sentry/core</code>'s
releases</a>.</em></p>
<blockquote>
<h2>9.40.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat(browser): Add debugId sync APIs between web worker and
main thread (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16981">#16981</a>)</strong></li>
</ul>
<p>This release adds two Browser SDK APIs to let the main thread know
about debugIds of worker files:</p>
<ul>
<li><code>webWorkerIntegration({worker})</code> to be used in the main
thread</li>
<li><code>registerWebWorker({self})</code> to be used in the web
worker</li>
</ul>
<pre lang="js"><code>// main.js
Sentry.init({...})
<p>const worker = new MyWorker(...);</p>
<p>Sentry.addIntegration(Sentry.webWorkerIntegration({ worker }));</p>
<p>worker.addEventListener('message', e => {...});<br />
</code></pre></p>
<pre lang="js"><code>// worker.js
Sentry.registerWebWorker({ self });
self.postMessage(...);
</code></pre>
<ul>
<li><strong>feat(core): Deprecate logger in favor of debug (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17040">#17040</a>)</strong></li>
</ul>
<p>The internal SDK <code>logger</code> export from
<code>@sentry/core</code> has been deprecated in favor of the
<code>debug</code> export. <code>debug</code> only exposes
<code>log</code>, <code>warn</code>, and <code>error</code> methods but
is otherwise identical to <code>logger</code>. Note that this
deprecation does not affect the <code>logger</code> export from other
packages (like <code>@sentry/browser</code> or
<code>@sentry/node</code>) which is used for Sentry Logging.</p>
<pre lang="js"><code>import { logger, debug } from '@sentry/core';
<p>// before<br />
logger.info('This is an info message');</p>
<p>// after<br />
debug.log('This is an info message');<br />
</code></pre></p>
<ul>
<li><strong>feat(node): Add OpenAI integration (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17022">#17022</a>)</strong></li>
</ul>
<p>This release adds official support for instrumenting OpenAI SDK calls
in with Sentry tracing, following OpenTelemetry semantic conventions for
Generative AI. It instruments:</p>
<ul>
<li><code>client.chat.completions.create()</code> - For chat-based
completions</li>
<li><code>client.responses.create()</code> - For the responses API</li>
</ul>
<pre lang="js"><code></tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md"><code>@sentry/core</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>9.40.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat(browser): Add debugId sync APIs between web worker and
main thread (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16981">#16981</a>)</strong></li>
</ul>
<p>This release adds two Browser SDK APIs to let the main thread know
about debugIds of worker files:</p>
<ul>
<li><code>webWorkerIntegration({worker})</code> to be used in the main
thread</li>
<li><code>registerWebWorker({self})</code> to be used in the web
worker</li>
</ul>
<pre lang="js"><code>// main.js
Sentry.init({...})
<p>const worker = new MyWorker(...);</p>
<p>Sentry.addIntegration(Sentry.webWorkerIntegration({ worker }));</p>
<p>worker.addEventListener('message', e => {...});<br />
</code></pre></p>
<pre lang="js"><code>// worker.js
Sentry.registerWebWorker({ self });
self.postMessage(...);
</code></pre>
<ul>
<li><strong>feat(core): Deprecate logger in favor of debug (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17040">#17040</a>)</strong></li>
</ul>
<p>The internal SDK <code>logger</code> export from
<code>@sentry/core</code> has been deprecated in favor of the
<code>debug</code> export. <code>debug</code> only exposes
<code>log</code>, <code>warn</code>, and <code>error</code> methods but
is otherwise identical to <code>logger</code>. Note that this
deprecation does not affect the <code>logger</code> export from other
packages (like <code>@sentry/browser</code> or
<code>@sentry/node</code>) which is used for Sentry Logging.</p>
<pre lang="js"><code>import { logger, debug } from '@sentry/core';
<p>// before<br />
logger.info('This is an info message');</p>
<p>// after<br />
debug.log('This is an info message');<br />
</code></pre></p>
<ul>
<li><strong>feat(node): Add OpenAI integration (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17022">#17022</a>)</strong></li>
</ul>
<p>This release adds official support for instrumenting OpenAI SDK calls
in with Sentry tracing, following OpenTelemetry semantic conventions for
Generative AI. It instruments:</p>
<ul>
<li><code>client.chat.completions.create()</code> - For chat-based
completions</li>
<li><code>client.responses.create()</code> - For the responses API</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cc51366965"><code>cc51366</code></a>
release: 9.40.0</li>
<li><a
href="a12c5a6ff6"><code>a12c5a6</code></a>
Merge pull request <a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17039">#17039</a>
from getsentry/prepare-release/9.40.0</li>
<li><a
href="d4ab7c09c1"><code>d4ab7c0</code></a>
meta(changelog): Update changelog for 9.40.0</li>
<li><a
href="f538ef024c"><code>f538ef0</code></a>
feat(node): Add OpenAI integration (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17022">#17022</a>)</li>
<li><a
href="53199420c4"><code>5319942</code></a>
feat(node-core): Expand <code>@opentelemetry/instrumentation</code>
range to cover `0.20...</li>
<li><a
href="962d6973cc"><code>962d697</code></a>
fix(core): Add missing <code>SentryDebugLogger</code> type export (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17046">#17046</a>)</li>
<li><a
href="779c15995c"><code>779c159</code></a>
chore(test-registry): Add more descriptive error code for common error
(<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16790">#16790</a>)</li>
<li><a
href="6116610341"><code>6116610</code></a>
chore: Add external contributor to CHANGELOG.md (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17052">#17052</a>)</li>
<li><a
href="14c5d444cc"><code>14c5d44</code></a>
test(react): Pin react-router version for e2e test (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17051">#17051</a>)</li>
<li><a
href="163798656a"><code>1637986</code></a>
docs(bun): remove advice concerning unhandled exceptions (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17049">#17049</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-javascript/compare/9.34.0...9.40.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `@sentry/react` from 9.34.0 to 9.40.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/releases"><code>@sentry/react</code>'s
releases</a>.</em></p>
<blockquote>
<h2>9.40.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat(browser): Add debugId sync APIs between web worker and
main thread (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16981">#16981</a>)</strong></li>
</ul>
<p>This release adds two Browser SDK APIs to let the main thread know
about debugIds of worker files:</p>
<ul>
<li><code>webWorkerIntegration({worker})</code> to be used in the main
thread</li>
<li><code>registerWebWorker({self})</code> to be used in the web
worker</li>
</ul>
<pre lang="js"><code>// main.js
Sentry.init({...})
<p>const worker = new MyWorker(...);</p>
<p>Sentry.addIntegration(Sentry.webWorkerIntegration({ worker }));</p>
<p>worker.addEventListener('message', e => {...});<br />
</code></pre></p>
<pre lang="js"><code>// worker.js
Sentry.registerWebWorker({ self });
self.postMessage(...);
</code></pre>
<ul>
<li><strong>feat(core): Deprecate logger in favor of debug (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17040">#17040</a>)</strong></li>
</ul>
<p>The internal SDK <code>logger</code> export from
<code>@sentry/core</code> has been deprecated in favor of the
<code>debug</code> export. <code>debug</code> only exposes
<code>log</code>, <code>warn</code>, and <code>error</code> methods but
is otherwise identical to <code>logger</code>. Note that this
deprecation does not affect the <code>logger</code> export from other
packages (like <code>@sentry/browser</code> or
<code>@sentry/node</code>) which is used for Sentry Logging.</p>
<pre lang="js"><code>import { logger, debug } from '@sentry/core';
<p>// before<br />
logger.info('This is an info message');</p>
<p>// after<br />
debug.log('This is an info message');<br />
</code></pre></p>
<ul>
<li><strong>feat(node): Add OpenAI integration (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17022">#17022</a>)</strong></li>
</ul>
<p>This release adds official support for instrumenting OpenAI SDK calls
in with Sentry tracing, following OpenTelemetry semantic conventions for
Generative AI. It instruments:</p>
<ul>
<li><code>client.chat.completions.create()</code> - For chat-based
completions</li>
<li><code>client.responses.create()</code> - For the responses API</li>
</ul>
<pre lang="js"><code></tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md"><code>@sentry/react</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>9.40.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat(browser): Add debugId sync APIs between web worker and
main thread (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16981">#16981</a>)</strong></li>
</ul>
<p>This release adds two Browser SDK APIs to let the main thread know
about debugIds of worker files:</p>
<ul>
<li><code>webWorkerIntegration({worker})</code> to be used in the main
thread</li>
<li><code>registerWebWorker({self})</code> to be used in the web
worker</li>
</ul>
<pre lang="js"><code>// main.js
Sentry.init({...})
<p>const worker = new MyWorker(...);</p>
<p>Sentry.addIntegration(Sentry.webWorkerIntegration({ worker }));</p>
<p>worker.addEventListener('message', e => {...});<br />
</code></pre></p>
<pre lang="js"><code>// worker.js
Sentry.registerWebWorker({ self });
self.postMessage(...);
</code></pre>
<ul>
<li><strong>feat(core): Deprecate logger in favor of debug (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17040">#17040</a>)</strong></li>
</ul>
<p>The internal SDK <code>logger</code> export from
<code>@sentry/core</code> has been deprecated in favor of the
<code>debug</code> export. <code>debug</code> only exposes
<code>log</code>, <code>warn</code>, and <code>error</code> methods but
is otherwise identical to <code>logger</code>. Note that this
deprecation does not affect the <code>logger</code> export from other
packages (like <code>@sentry/browser</code> or
<code>@sentry/node</code>) which is used for Sentry Logging.</p>
<pre lang="js"><code>import { logger, debug } from '@sentry/core';
<p>// before<br />
logger.info('This is an info message');</p>
<p>// after<br />
debug.log('This is an info message');<br />
</code></pre></p>
<ul>
<li><strong>feat(node): Add OpenAI integration (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/17022">#17022</a>)</strong></li>
</ul>
<p>This release adds official support for instrumenting OpenAI SDK calls
in with Sentry tracing, following OpenTelemetry semantic conventions for
Generative AI. It instruments:</p>
<ul>
<li><code>client.chat.completions.create()</code> - For chat-based
completions</li>
<li><code>client.responses.create()</code> - For the responses API</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cc51366965"><code>cc51366</code></a>
release: 9.40.0</li>
<li><a
href="a12c5a6ff6"><code>a12c5a6</code></a>
Merge pull request <a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17039">#17039</a>
from getsentry/prepare-release/9.40.0</li>
<li><a
href="d4ab7c09c1"><code>d4ab7c0</code></a>
meta(changelog): Update changelog for 9.40.0</li>
<li><a
href="f538ef024c"><code>f538ef0</code></a>
feat(node): Add OpenAI integration (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17022">#17022</a>)</li>
<li><a
href="53199420c4"><code>5319942</code></a>
feat(node-core): Expand <code>@opentelemetry/instrumentation</code>
range to cover `0.20...</li>
<li><a
href="962d6973cc"><code>962d697</code></a>
fix(core): Add missing <code>SentryDebugLogger</code> type export (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17046">#17046</a>)</li>
<li><a
href="779c15995c"><code>779c159</code></a>
chore(test-registry): Add more descriptive error code for common error
(<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16790">#16790</a>)</li>
<li><a
href="6116610341"><code>6116610</code></a>
chore: Add external contributor to CHANGELOG.md (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17052">#17052</a>)</li>
<li><a
href="14c5d444cc"><code>14c5d44</code></a>
test(react): Pin react-router version for e2e test (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17051">#17051</a>)</li>
<li><a
href="163798656a"><code>1637986</code></a>
docs(bun): remove advice concerning unhandled exceptions (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/17049">#17049</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-javascript/compare/9.34.0...9.40.0">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sentry](https://github.com/getsentry/sentry-elixir) from 10.10.0
to 11.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/releases">sentry's
releases</a>.</em></p>
<blockquote>
<h2>11.0.2</h2>
<h3>Bug fixes</h3>
<ul>
<li>Deeply nested spans are handled now when building up traces in
<code>SpanProcessor</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/924">#924</a>)</li>
</ul>
<h4>Various improvements</h4>
<ul>
<li>Span's attributes no longer include <code>db.url:
"ecto:"</code> entries as they are now filtered out (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/925">#925</a>)</li>
</ul>
<h2>11.0.1</h2>
<h4>Various improvements</h4>
<ul>
<li><code>Sentry.OpenTelemetry.Sampler</code> now works with an empty
config (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/915">#915</a>)</li>
</ul>
<h2>11.0.0</h2>
<p>This release comes with a beta support for Traces using OpenTelemetry
- please test it out and report any issues you find.</p>
<h3>New features</h3>
<ul>
<li>
<p>Beta support for Traces using OpenTelemetry (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/902">#902</a>)</p>
<p>To enable Tracing in your Phoenix application, you need to add the
following to your <code>mix.exs</code>:</p>
<pre lang="elixir"><code>def deps do
[
# ...
{:sentry, "~> 11.0.0"},
{:opentelemetry, "~> 1.5"},
{:opentelemetry_api, "~> 1.4"},
{:opentelemetry_exporter, "~> 1.0"},
{:opentelemetry_semantic_conventions, "~> 1.27"},
{:opentelemetry_phoenix, "~> 2.0"},
{:opentelemetry_ecto, "~> 1.2"},
# ...
]
</code></pre>
<p>And then configure Tracing in Sentry and OpenTelemetry in your
<code>config.exs</code>:</p>
<pre lang="elixir"><code>config :sentry,
# ...
traces_sample_rate: 1.0 # any value between 0 and 1.0 enables tracing
<p>config :opentelemetry, span_processor:
{Sentry.OpenTelemetry.SpanProcessor, []}
config :opentelemetry, sampler: {Sentry.OpenTelemetry.Sampler, [drop:
[]]}
</code></pre></p>
</li>
<li>
<p>Add installer (based on Igniter) (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/876">#876</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/blob/master/CHANGELOG.md">sentry's
changelog</a>.</em></p>
<blockquote>
<h2>11.0.2</h2>
<h3>Bug fixes</h3>
<ul>
<li>Deeply nested spans are handled now when building up traces in
<code>SpanProcessor</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/924">#924</a>)</li>
</ul>
<h4>Various improvements</h4>
<ul>
<li>Span's attributes no longer include <code>db.url:
"ecto:"</code> entries as they are now filtered out (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/925">#925</a>)</li>
</ul>
<h2>11.0.1</h2>
<h4>Various improvements</h4>
<ul>
<li><code>Sentry.OpenTelemetry.Sampler</code> now works with an empty
config (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/915">#915</a>)</li>
</ul>
<h2>11.0.0</h2>
<p>This release comes with a beta support for Traces using OpenTelemetry
- please test it out and report any issues you find.</p>
<h3>New features</h3>
<ul>
<li>
<p>Beta support for Traces using OpenTelemetry (<a
href="https://redirect.github.com/getsentry/sentry-elixir/pull/902">#902</a>)</p>
<p>To enable Tracing in your Phoenix application, you need to add the
following to your <code>mix.exs</code>:</p>
<pre lang="elixir"><code>def deps do
[
# ...
{:sentry, "~> 11.0.0"},
{:opentelemetry, "~> 1.5"},
{:opentelemetry_api, "~> 1.4"},
{:opentelemetry_exporter, "~> 1.0"},
{:opentelemetry_semantic_conventions, "~> 1.27"},
{:opentelemetry_phoenix, "~> 2.0"},
{:opentelemetry_ecto, "~> 1.2"},
# ...
]
</code></pre>
<p>And then configure Tracing in Sentry and OpenTelemetry in your
<code>config.exs</code>:</p>
<pre lang="elixir"><code>config :sentry,
# ...
traces_sample_rate: 1.0 # any value between 0 and 1.0 enables tracing
<p>config :opentelemetry, span_processor:
{Sentry.OpenTelemetry.SpanProcessor, []}
config :opentelemetry, sampler: {Sentry.OpenTelemetry.Sampler, []}
</code></pre></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b142174df9"><code>b142174</code></a>
release: 11.0.2</li>
<li><a
href="f43055b8ca"><code>f43055b</code></a>
Update CHANGELOG for 11.0.2 (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/926">#926</a>)</li>
<li><a
href="ee512d3bf6"><code>ee512d3</code></a>
Filter out empty db.url from span's attributes (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/925">#925</a>)</li>
<li><a
href="6809aaa68c"><code>6809aaa</code></a>
Fix handling of spans at 2+ levels (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/924">#924</a>)</li>
<li><a
href="b7e16798d3"><code>b7e1679</code></a>
Improve event callback docs (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/922">#922</a>)</li>
<li><a
href="97d0382418"><code>97d0382</code></a>
Merge branch 'release/11.0.1'</li>
<li><a
href="738fc763cd"><code>738fc76</code></a>
release: 11.0.1</li>
<li><a
href="ab58c0ef6b"><code>ab58c0e</code></a>
Update CHANGELOG (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/917">#917</a>)</li>
<li><a
href="028ce18841"><code>028ce18</code></a>
handle nil drop list (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/915">#915</a>)</li>
<li><a
href="5850c73a96"><code>5850c73</code></a>
Merge branch 'release/11.0.0'</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-elixir/compare/10.10.0...11.0.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
When an account is perma-deleted, we need to handle that with another
function clause matching the WAL message coming into the change logs
replication connection module.
Before:
- When a flow was deleted, we flapped the resource on the client, and
sent `reject_access` naively for the flow's `{client_id, resource_id}`
pair on the gateway. This resulted in lots of unneeded resource flappage
on the client whenever bulk flow deletions happened.
After:
- When a flow is deleted, we check if this is an active flow for the
client. If so, we flap the resource then in order to trigger generation
of a new flow. If access was truly affected, that results in a loss of a
resource, we will push `resource_deleted` for the update that triggered
the flow deletion (for example the resource/policy removal). On the
gateway, we only send `reject_access` if it was the last flow granting
access for a particular `client/resource` tuple.
Why:
- While the access state is still correct in the previous
implementation, we run the possibility of pushing way too many resource
flaps to the client in an overly eager attempt to remove access the
client may not have access to.
cc @thomaseizinger
Related:
https://firezonehq.slack.com/archives/C08FPHECLUF/p1753101115735179
Bumps [hammer](https://github.com/ExHammer/hammer) from 7.0.1 to 7.1.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ExHammer/hammer/blob/master/CHANGELOG.md">hammer's
changelog</a>.</em></p>
<blockquote>
<h2>7.1.0 - 2025-07-18</h2>
<ul>
<li>Fix key type inconsistency in backend implementations - all backends
now accept <code>term()</code> keys instead of <code>String.t()</code>
(<a
href="https://redirect.github.com/ExHammer/hammer/issues/143">#143</a>)</li>
<li>Add comprehensive test coverage for various key types (atoms,
tuples, integers, lists, maps)</li>
<li>Fix race conditions in atomic backend tests (FixWindow, LeakyBucket,
TokenBucket)</li>
<li>Replace timing-dependent tests with polling-based
<code>eventually</code> helper for better CI reliability</li>
<li>Add documentation warning about Redis backend string key
requirement</li>
<li>Fix typo in <code>inc/3</code> optional callback documentation (<a
href="https://redirect.github.com/ExHammer/hammer/issues/142">#142</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a57bdecdc1"><code>a57bdec</code></a>
improve changelog last commit (<a
href="https://redirect.github.com/ExHammer/hammer/issues/145">#145</a>)</li>
<li><a
href="bb061c5334"><code>bb061c5</code></a>
Bump version to 7.1.0 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/144">#144</a>)</li>
<li><a
href="7d7967f898"><code>7d7967f</code></a>
Fix key type inconsistency in backend implementations (<a
href="https://redirect.github.com/ExHammer/hammer/issues/143">#143</a>)</li>
<li><a
href="94d39525e8"><code>94d3952</code></a>
Fixes typo for inc/3 optional callback <code>@doc</code> (<a
href="https://redirect.github.com/ExHammer/hammer/issues/142">#142</a>)</li>
<li><a
href="79ca221876"><code>79ca221</code></a>
Bump benchee from 1.3.1 to 1.4.0 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/135">#135</a>)</li>
<li><a
href="a09bbd0d42"><code>a09bbd0</code></a>
Bump ex_doc from 0.37.3 to 0.38.2 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/141">#141</a>)</li>
<li><a
href="d06a17b6be"><code>d06a17b</code></a>
Bump credo from 1.7.11 to 1.7.12 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/134">#134</a>)</li>
<li><a
href="26df742620"><code>26df742</code></a>
Update bug_report.md (<a
href="https://redirect.github.com/ExHammer/hammer/issues/133">#133</a>)</li>
<li><a
href="b8765fe216"><code>b8765fe</code></a>
Bump ex_doc from 0.37.2 to 0.37.3 (<a
href="https://redirect.github.com/ExHammer/hammer/issues/131">#131</a>)</li>
<li>See full diff in <a
href="https://github.com/ExHammer/hammer/compare/7.0.1...7.1.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[telemetry_poller](https://github.com/beam-telemetry/telemetry_poller)
from 1.2.0 to 1.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/beam-telemetry/telemetry_poller/blob/main/CHANGELOG.md">telemetry_poller's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/beam-telemetry/telemetry_poller/tree/v1.3.0">1.3.0</a></h2>
<h3>Added</h3>
<ul>
<li>Add <code>atom_limit</code>, <code>process_limit</code>, and
<code>port_limit</code> measurements to the <code>[vm,
system_counts]</code> event. (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/79">#79</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6d5c98f580"><code>6d5c98f</code></a>
Release v1.3.0</li>
<li><a
href="411675d8ed"><code>411675d</code></a>
Add vm.system_counts measurements with atom, port, process limits (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/79">#79</a>)</li>
<li><a
href="fefb3e9053"><code>fefb3e9</code></a>
Fix incorrect GitHub CI badge URL (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/78">#78</a>)</li>
<li><a
href="f5a3a389a7"><code>f5a3a38</code></a>
Mention persistent_term in the README (<a
href="https://redirect.github.com/beam-telemetry/telemetry_poller/issues/77">#77</a>)</li>
<li><a
href="8e8148f774"><code>8e8148f</code></a>
Fix docs</li>
<li>See full diff in <a
href="https://github.com/beam-telemetry/telemetry_poller/compare/v1.2.0...v1.3.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [zbus](https://github.com/dbus2/zbus) from 5.8.0 to 5.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dbus2/zbus/releases">zbus's
releases</a>.</em></p>
<blockquote>
<h2>🔖 zbus 5.9.0</h2>
<ul>
<li>🧵 Remove deadlocks in Connection name request tasks, resulting in
leaks under certain
circumstances.</li>
<li>🐛 When registering names, allow name replacement by default.</li>
<li>✨ Allow setting request name flags in
<code>connection::Builder</code>.</li>
<li>✨ Proper Default impl for <code>RequestNameFlags</code>. This change
is theoretically an API break for
users who assumed the default value to be empty.</li>
<li>🧑💻 Add <code>fdo::StartServiceReply</code> type. In 6.0 this will be
the return type of
<code>fdo::DBusProxy::start_service_by_name</code>. For now, just
provide a <code>TryFrom<u32></code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="30487b8fdb"><code>30487b8</code></a>
Merge pull request <a
href="https://redirect.github.com/dbus2/zbus/issues/1434">#1434</a> from
zeenix/zb-release</li>
<li><a
href="4b7928d2f8"><code>4b7928d</code></a>
🔖 zb,zm: Release 5.9.0</li>
<li><a
href="d570c947ea"><code>d570c94</code></a>
📝 CONTRIBUTING: Link to gimoji's web interface</li>
<li><a
href="0bf6e14b54"><code>0bf6e14</code></a>
Merge pull request <a
href="https://redirect.github.com/dbus2/zbus/issues/1431">#1431</a> from
zeenix/name-request-defaults</li>
<li><a
href="ba2a40752d"><code>ba2a407</code></a>
🧵 zb: Remove deadlocks in Connection name request tasks</li>
<li><a
href="3d35496021"><code>3d35496</code></a>
🐛 zb: Allow name replacement by default</li>
<li><a
href="0ad37f317a"><code>0ad37f3</code></a>
📝 zb: Remove a bunch of unnecessary links</li>
<li><a
href="493a9943d6"><code>493a994</code></a>
Merge pull request <a
href="https://redirect.github.com/dbus2/zbus/issues/1429">#1429</a> from
valpackett/val/knrmmkqzrvyp</li>
<li><a
href="f2fb16fd18"><code>f2fb16f</code></a>
🧑💻 zb: add fdo::dbus::StartServiceReply type</li>
<li><a
href="f93584de1f"><code>f93584d</code></a>
⬆️ micro: Update winnow to v0.7.12 (<a
href="https://redirect.github.com/dbus2/zbus/issues/1428">#1428</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dbus2/zbus/compare/zbus-5.8.0...zbus-5.9.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the lifecycle group in /kotlin/android with 3 updates:
androidx.lifecycle:lifecycle-runtime-ktx,
androidx.lifecycle:lifecycle-viewmodel-ktx and
androidx.lifecycle:lifecycle-livedata-ktx.
Updates `androidx.lifecycle:lifecycle-runtime-ktx` from 2.9.1 to 2.9.2
Updates `androidx.lifecycle:lifecycle-viewmodel-ktx` from 2.9.1 to 2.9.2
Updates `androidx.lifecycle:lifecycle-livedata-ktx` from 2.9.1 to 2.9.2
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.140 to
1.0.141.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.141</h2>
<ul>
<li>Optimize string escaping during serialization (<a
href="https://redirect.github.com/serde-rs/json/issues/1273">#1273</a>,
thanks <a
href="https://github.com/conradludgate"><code>@conradludgate</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6843c3660e"><code>6843c36</code></a>
Release 1.0.141</li>
<li><a
href="6e2c21063a"><code>6e2c210</code></a>
Touch up PR 1273</li>
<li><a
href="623d9b47cf"><code>623d9b4</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1273">#1273</a>
from conradludgate/optimise-string-escaping</li>
<li><a
href="de70b7db1f"><code>de70b7d</code></a>
use unreachable_unchecked for escape table. use a second match to
roundtrip E...</li>
<li><a
href="f2d940dd54"><code>f2d940d</code></a>
replace start index with bytes slice reference</li>
<li><a
href="cd55b5a0ff"><code>cd55b5a</code></a>
Ignore mismatched_lifetime_syntaxes lint</li>
<li><a
href="c1826ebccc"><code>c1826eb</code></a>
Pin nightly toolchain used for miri job</li>
<li><a
href="8a56cfa6d0"><code>8a56cfa</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1248">#1248</a>
from jimmycathy/master</li>
<li><a
href="af3d80de56"><code>af3d80d</code></a>
chore: fix typo</li>
<li>See full diff in <a
href="https://github.com/serde-rs/json/compare/v1.0.140...v1.0.141">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the navigation group in /kotlin/android with 4 updates:
androidx.navigation:navigation-safe-args-gradle-plugin,
androidx.navigation:navigation-fragment-ktx,
androidx.navigation:navigation-ui-ktx and
androidx.navigation:navigation-testing.
Updates `androidx.navigation:navigation-safe-args-gradle-plugin` from
2.9.0 to 2.9.2
Updates `androidx.navigation:navigation-fragment-ktx` from 2.9.0 to
2.9.2
Updates `androidx.navigation:navigation-ui-ktx` from 2.9.0 to 2.9.2
Updates `androidx.navigation:navigation-testing` from 2.9.0 to 2.9.2
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the hilt group in /kotlin/android with 4 updates:
[com.google.dagger.hilt.android](https://github.com/google/dagger),
[com.google.dagger:hilt-android](https://github.com/google/dagger),
[com.google.dagger:hilt-android-compiler](https://github.com/google/dagger)
and
[com.google.dagger:hilt-android-testing](https://github.com/google/dagger).
Updates `com.google.dagger.hilt.android` from 2.56.2 to 2.57
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger.hilt.android's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57</h2>
<h1>Potential breaking changes</h1>
<p>The generated <code>Factory</code>/<code>MembersInjector</code>
constructors have changed from public to private. This shouldn’t affect
most users since these classes are only meant to be called by Dagger’s
other generated code. If you do happen to be broken by this change, you
should avoid calling Dagger’s generated
<code>Factory</code>/<code>MembersInjector</code> classes directly. For
a temporary solution, you can also switch to using the public static
methods to create an instance. (165cf20ee)</p>
<h1>Bug fixes</h1>
<p>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4779">#4779</a>.
Unshades the Kotlinx Metadata to support Kotlin 2.2.0 (bfa88b962)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="370c1b8363"><code>370c1b8</code></a>
2.57 release</li>
<li><a
href="3e66fdf163"><code>3e66fdf</code></a>
Add developer information to the Hilt Gradle Plugin POM</li>
<li><a
href="07c2d73938"><code>07c2d73</code></a>
Internal changes</li>
<li><a
href="e966c5c981"><code>e966c5c</code></a>
Internal codegen</li>
<li><a
href="78a530cc3b"><code>78a530c</code></a>
Internal changes</li>
<li><a
href="18d0bf32fe"><code>18d0bf3</code></a>
Automated Code Change</li>
<li><a
href="b5901d3cce"><code>b5901d3</code></a>
Internal change</li>
<li><a
href="e716cbe163"><code>e716cbe</code></a>
Automated Code Change</li>
<li><a
href="2e940c0a84"><code>2e940c0</code></a>
Automated Code Change</li>
<li><a
href="93c342a676"><code>93c342a</code></a>
Automated Code Change</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.56.2...dagger-2.57">compare
view</a></li>
</ul>
</details>
<br />
Updates `com.google.dagger:hilt-android` from 2.56.2 to 2.57
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger:hilt-android's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57</h2>
<h1>Potential breaking changes</h1>
<p>The generated <code>Factory</code>/<code>MembersInjector</code>
constructors have changed from public to private. This shouldn’t affect
most users since these classes are only meant to be called by Dagger’s
other generated code. If you do happen to be broken by this change, you
should avoid calling Dagger’s generated
<code>Factory</code>/<code>MembersInjector</code> classes directly. For
a temporary solution, you can also switch to using the public static
methods to create an instance. (165cf20ee)</p>
<h1>Bug fixes</h1>
<p>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4779">#4779</a>.
Unshades the Kotlinx Metadata to support Kotlin 2.2.0 (bfa88b962)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="370c1b8363"><code>370c1b8</code></a>
2.57 release</li>
<li><a
href="3e66fdf163"><code>3e66fdf</code></a>
Add developer information to the Hilt Gradle Plugin POM</li>
<li><a
href="07c2d73938"><code>07c2d73</code></a>
Internal changes</li>
<li><a
href="e966c5c981"><code>e966c5c</code></a>
Internal codegen</li>
<li><a
href="78a530cc3b"><code>78a530c</code></a>
Internal changes</li>
<li><a
href="18d0bf32fe"><code>18d0bf3</code></a>
Automated Code Change</li>
<li><a
href="b5901d3cce"><code>b5901d3</code></a>
Internal change</li>
<li><a
href="e716cbe163"><code>e716cbe</code></a>
Automated Code Change</li>
<li><a
href="2e940c0a84"><code>2e940c0</code></a>
Automated Code Change</li>
<li><a
href="93c342a676"><code>93c342a</code></a>
Automated Code Change</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.56.2...dagger-2.57">compare
view</a></li>
</ul>
</details>
<br />
Updates `com.google.dagger:hilt-android-compiler` from 2.56.2 to 2.57
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger:hilt-android-compiler's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57</h2>
<h1>Potential breaking changes</h1>
<p>The generated <code>Factory</code>/<code>MembersInjector</code>
constructors have changed from public to private. This shouldn’t affect
most users since these classes are only meant to be called by Dagger’s
other generated code. If you do happen to be broken by this change, you
should avoid calling Dagger’s generated
<code>Factory</code>/<code>MembersInjector</code> classes directly. For
a temporary solution, you can also switch to using the public static
methods to create an instance. (165cf20ee)</p>
<h1>Bug fixes</h1>
<p>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4779">#4779</a>.
Unshades the Kotlinx Metadata to support Kotlin 2.2.0 (bfa88b962)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="370c1b8363"><code>370c1b8</code></a>
2.57 release</li>
<li><a
href="3e66fdf163"><code>3e66fdf</code></a>
Add developer information to the Hilt Gradle Plugin POM</li>
<li><a
href="07c2d73938"><code>07c2d73</code></a>
Internal changes</li>
<li><a
href="e966c5c981"><code>e966c5c</code></a>
Internal codegen</li>
<li><a
href="78a530cc3b"><code>78a530c</code></a>
Internal changes</li>
<li><a
href="18d0bf32fe"><code>18d0bf3</code></a>
Automated Code Change</li>
<li><a
href="b5901d3cce"><code>b5901d3</code></a>
Internal change</li>
<li><a
href="e716cbe163"><code>e716cbe</code></a>
Automated Code Change</li>
<li><a
href="2e940c0a84"><code>2e940c0</code></a>
Automated Code Change</li>
<li><a
href="93c342a676"><code>93c342a</code></a>
Automated Code Change</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.56.2...dagger-2.57">compare
view</a></li>
</ul>
</details>
<br />
Updates `com.google.dagger:hilt-android-testing` from 2.56.2 to 2.57
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/dagger/releases">com.google.dagger:hilt-android-testing's
releases</a>.</em></p>
<blockquote>
<h2>Dagger 2.57</h2>
<h1>Potential breaking changes</h1>
<p>The generated <code>Factory</code>/<code>MembersInjector</code>
constructors have changed from public to private. This shouldn’t affect
most users since these classes are only meant to be called by Dagger’s
other generated code. If you do happen to be broken by this change, you
should avoid calling Dagger’s generated
<code>Factory</code>/<code>MembersInjector</code> classes directly. For
a temporary solution, you can also switch to using the public static
methods to create an instance. (165cf20ee)</p>
<h1>Bug fixes</h1>
<p>Fixes <a
href="https://redirect.github.com/google/dagger/issues/4779">#4779</a>.
Unshades the Kotlinx Metadata to support Kotlin 2.2.0 (bfa88b962)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="370c1b8363"><code>370c1b8</code></a>
2.57 release</li>
<li><a
href="3e66fdf163"><code>3e66fdf</code></a>
Add developer information to the Hilt Gradle Plugin POM</li>
<li><a
href="07c2d73938"><code>07c2d73</code></a>
Internal changes</li>
<li><a
href="e966c5c981"><code>e966c5c</code></a>
Internal codegen</li>
<li><a
href="78a530cc3b"><code>78a530c</code></a>
Internal changes</li>
<li><a
href="18d0bf32fe"><code>18d0bf3</code></a>
Automated Code Change</li>
<li><a
href="b5901d3cce"><code>b5901d3</code></a>
Internal change</li>
<li><a
href="e716cbe163"><code>e716cbe</code></a>
Automated Code Change</li>
<li><a
href="2e940c0a84"><code>2e940c0</code></a>
Automated Code Change</li>
<li><a
href="93c342a676"><code>93c342a</code></a>
Automated Code Change</li>
<li>Additional commits viewable in <a
href="https://github.com/google/dagger/compare/dagger-2.56.2...dagger-2.57">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the okhttp group in /kotlin/android with 2 updates:
[com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) and
[com.squareup.okhttp3:logging-interceptor](https://github.com/square/okhttp).
Updates `com.squareup.okhttp3:okhttp` from 4.12.0 to 5.1.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/square/okhttp/blob/master/CHANGELOG.md">com.squareup.okhttp3:okhttp's
changelog</a>.</em></p>
<blockquote>
<h2>Version 5.1.0</h2>
<p><em>2025-07-07</em></p>
<ul>
<li>
<p>New: <code>Response.peekTrailers()</code>. When we changed
<code>Response.trailers()</code> to block instead of
throwing in 5.0.0, we inadvertently removed the ability for callers to
peek the trailers
(by catching the <code>IllegalStateException</code> if they weren't
available). This new API restores that
capability.</p>
</li>
<li>
<p>Fix: Don't crash on <code>trailers()</code> if the response doesn't
have a body. We broke [Retrofit] users
who read the trailers on the <code>raw()</code> OkHttp response, after
its body was decoded.</p>
</li>
</ul>
<h2>Version 5.0.0</h2>
<p><em>2025-07-02</em></p>
<p>This is our first stable release of OkHttp since 2023. Here's the
highlights if you're upgrading
from OkHttp 4.x:</p>
<p><strong>OkHttp is now packaged as separate JVM and Android
artifacts.</strong> This allows us to offer
platform-specific features and optimizations. If your build system
handles [Gradle module metadata],
this change should be automatic.</p>
<p><strong>MockWebServer has a new coordinate and package name.</strong>
We didn’t like that our old artifact
depends on JUnit 4 so the new one doesn’t. It also has a better API
built on immutable values. (We
intend to continue publishing the old <code>okhttp3.mockwebserver</code>
artifact so there’s no urgency to
migrate.)</p>
<table>
<thead>
<tr>
<th align="left">Coordinate</th>
<th align="left">Package Name</th>
<th align="left">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver3:5.0.0</td>
<td align="left">mockwebserver3</td>
<td align="left">Core module. No JUnit dependency!</td>
</tr>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver3-junit4:5.0.0</td>
<td align="left">mockwebserver3.junit4</td>
<td align="left">Optional JUnit 4 integration.</td>
</tr>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver3-junit5:5.0.0</td>
<td align="left">mockwebserver3.junit5</td>
<td align="left">Optional JUnit 5 integration.</td>
</tr>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver:5.0.0</td>
<td align="left">okhttp3.mockwebserver</td>
<td align="left">Obsolete. Depends on JUnit 4.</td>
</tr>
</tbody>
</table>
<p><strong>OkHttp now supports Happy Eyeballs ([RFC 8305][rfc_8305]) for
IPv4+IPv6 networks.</strong> It attempts
both IPv6 and IPv4 connections concurrently, keeping whichever connects
first.</p>
<p><strong>We’ve improved our Kotlin APIs.</strong> You can skip the
builder:</p>
<pre lang="kotlin"><code>val request = Request(
url = "https://cash.app/".toHttpUrl(),
)
</code></pre>
<p><strong>OkHttp now supports [GraalVM].</strong></p>
<p>Here’s what has changed since 5.0.0-alpha.17:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d2dd180697"><code>d2dd180</code></a>
Prepare for release 5.1.0.</li>
<li><a
href="61a87359f6"><code>61a8735</code></a>
New Response.peekTrailers() API (<a
href="https://redirect.github.com/square/okhttp/issues/8921">#8921</a>)</li>
<li><a
href="66844010f7"><code>6684401</code></a>
Update dependency gradle to v8.14.3 (<a
href="https://redirect.github.com/square/okhttp/issues/8915">#8915</a>)</li>
<li><a
href="7adb2b637c"><code>7adb2b6</code></a>
Update junit-framework monorepo (<a
href="https://redirect.github.com/square/okhttp/issues/8914">#8914</a>)</li>
<li><a
href="e41ff18df8"><code>e41ff18</code></a>
Link to new mockwebserver artifacts (<a
href="https://redirect.github.com/square/okhttp/issues/8911">#8911</a>)</li>
<li><a
href="0ff87513e2"><code>0ff8751</code></a>
Remove Graal init tracing (<a
href="https://redirect.github.com/square/okhttp/issues/8909">#8909</a>)</li>
<li><a
href="b9a2560e56"><code>b9a2560</code></a>
Run graal on master (<a
href="https://redirect.github.com/square/okhttp/issues/8907">#8907</a>)</li>
<li><a
href="8339524463"><code>8339524</code></a>
Remove ExperimentalOkHttpApi references (<a
href="https://redirect.github.com/square/okhttp/issues/8908">#8908</a>)</li>
<li><a
href="ce29ef6182"><code>ce29ef6</code></a>
Fix graal tests (<a
href="https://redirect.github.com/square/okhttp/issues/8906">#8906</a>)</li>
<li><a
href="85796896c3"><code>8579689</code></a>
Don't force a response body read on all trailers (<a
href="https://redirect.github.com/square/okhttp/issues/8904">#8904</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/square/okhttp/compare/parent-4.12.0...parent-5.1.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `com.squareup.okhttp3:logging-interceptor` from 4.12.0 to 5.1.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/square/okhttp/blob/master/CHANGELOG.md">com.squareup.okhttp3:logging-interceptor's
changelog</a>.</em></p>
<blockquote>
<h2>Version 5.1.0</h2>
<p><em>2025-07-07</em></p>
<ul>
<li>
<p>New: <code>Response.peekTrailers()</code>. When we changed
<code>Response.trailers()</code> to block instead of
throwing in 5.0.0, we inadvertently removed the ability for callers to
peek the trailers
(by catching the <code>IllegalStateException</code> if they weren't
available). This new API restores that
capability.</p>
</li>
<li>
<p>Fix: Don't crash on <code>trailers()</code> if the response doesn't
have a body. We broke [Retrofit] users
who read the trailers on the <code>raw()</code> OkHttp response, after
its body was decoded.</p>
</li>
</ul>
<h2>Version 5.0.0</h2>
<p><em>2025-07-02</em></p>
<p>This is our first stable release of OkHttp since 2023. Here's the
highlights if you're upgrading
from OkHttp 4.x:</p>
<p><strong>OkHttp is now packaged as separate JVM and Android
artifacts.</strong> This allows us to offer
platform-specific features and optimizations. If your build system
handles [Gradle module metadata],
this change should be automatic.</p>
<p><strong>MockWebServer has a new coordinate and package name.</strong>
We didn’t like that our old artifact
depends on JUnit 4 so the new one doesn’t. It also has a better API
built on immutable values. (We
intend to continue publishing the old <code>okhttp3.mockwebserver</code>
artifact so there’s no urgency to
migrate.)</p>
<table>
<thead>
<tr>
<th align="left">Coordinate</th>
<th align="left">Package Name</th>
<th align="left">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver3:5.0.0</td>
<td align="left">mockwebserver3</td>
<td align="left">Core module. No JUnit dependency!</td>
</tr>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver3-junit4:5.0.0</td>
<td align="left">mockwebserver3.junit4</td>
<td align="left">Optional JUnit 4 integration.</td>
</tr>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver3-junit5:5.0.0</td>
<td align="left">mockwebserver3.junit5</td>
<td align="left">Optional JUnit 5 integration.</td>
</tr>
<tr>
<td align="left">com.squareup.okhttp3:mockwebserver:5.0.0</td>
<td align="left">okhttp3.mockwebserver</td>
<td align="left">Obsolete. Depends on JUnit 4.</td>
</tr>
</tbody>
</table>
<p><strong>OkHttp now supports Happy Eyeballs ([RFC 8305][rfc_8305]) for
IPv4+IPv6 networks.</strong> It attempts
both IPv6 and IPv4 connections concurrently, keeping whichever connects
first.</p>
<p><strong>We’ve improved our Kotlin APIs.</strong> You can skip the
builder:</p>
<pre lang="kotlin"><code>val request = Request(
url = "https://cash.app/".toHttpUrl(),
)
</code></pre>
<p><strong>OkHttp now supports [GraalVM].</strong></p>
<p>Here’s what has changed since 5.0.0-alpha.17:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d2dd180697"><code>d2dd180</code></a>
Prepare for release 5.1.0.</li>
<li><a
href="61a87359f6"><code>61a8735</code></a>
New Response.peekTrailers() API (<a
href="https://redirect.github.com/square/okhttp/issues/8921">#8921</a>)</li>
<li><a
href="66844010f7"><code>6684401</code></a>
Update dependency gradle to v8.14.3 (<a
href="https://redirect.github.com/square/okhttp/issues/8915">#8915</a>)</li>
<li><a
href="7adb2b637c"><code>7adb2b6</code></a>
Update junit-framework monorepo (<a
href="https://redirect.github.com/square/okhttp/issues/8914">#8914</a>)</li>
<li><a
href="e41ff18df8"><code>e41ff18</code></a>
Link to new mockwebserver artifacts (<a
href="https://redirect.github.com/square/okhttp/issues/8911">#8911</a>)</li>
<li><a
href="0ff87513e2"><code>0ff8751</code></a>
Remove Graal init tracing (<a
href="https://redirect.github.com/square/okhttp/issues/8909">#8909</a>)</li>
<li><a
href="b9a2560e56"><code>b9a2560</code></a>
Run graal on master (<a
href="https://redirect.github.com/square/okhttp/issues/8907">#8907</a>)</li>
<li><a
href="8339524463"><code>8339524</code></a>
Remove ExperimentalOkHttpApi references (<a
href="https://redirect.github.com/square/okhttp/issues/8908">#8908</a>)</li>
<li><a
href="ce29ef6182"><code>ce29ef6</code></a>
Fix graal tests (<a
href="https://redirect.github.com/square/okhttp/issues/8906">#8906</a>)</li>
<li><a
href="85796896c3"><code>8579689</code></a>
Don't force a response body read on all trailers (<a
href="https://redirect.github.com/square/okhttp/issues/8904">#8904</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/square/okhttp/compare/parent-4.12.0...parent-5.1.0">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
When being presented an invalid peer certificate, there is no reason why
we should retry the connection, it is unlikely to fix itself. Plus, the
certificate may get / be cached and a restart of the application is
necessary.
Resolves: #9944
Jamil