github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-28 02:18:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,426 Commits 1 Branch 0 Tags
da85408e27fcbbf3dc147f2cf929d8fd6e08efdd
Commit Graph

952 Commits

Author SHA1 Message Date
Reactor Scram
da85408e27 refactor(gui-client): move known_dirs module into headless-client (#4908) 
This should make it easier for the IPC services on both Linux and
Windows to write logs to well-known dirs that the GUI can read for
exporting zips.
 2024-05-08 20:26:02 +00:00
dependabot[bot]
7f577a4635 build(deps): Bump libc from 0.2.153 to 0.2.154 in /rust (#4894) 
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.153 to 0.2.154.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/libc/releases">libc's
releases</a>.</em></p>
<blockquote>
<h2>0.2.154</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix CI on v0.2 by <a
href="https://github.com/JohnTitor"><code>@​JohnTitor</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3589">rust-lang/libc#3589</a></li>
<li>[Backport <a
href="https://redirect.github.com/rust-lang/libc/issues/3547">#3547</a>]
Add ioctl FS_IOC_{G,S}{ETVERSION,ETFLAGS} for CSKY by <a
href="https://github.com/Dirreke"><code>@​Dirreke</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3572">rust-lang/libc#3572</a></li>
<li>Add Linux riscv64 HWCAP defines (libc-0.2) by <a
href="https://github.com/Xeonacid"><code>@​Xeonacid</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3580">rust-lang/libc#3580</a></li>
<li>Add missing MIPS R6 FS_IOC_* definitions by <a
href="https://github.com/chenx97"><code>@​chenx97</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3591">rust-lang/libc#3591</a></li>
<li>Support posix_spawn on Android by <a
href="https://github.com/pcc"><code>@​pcc</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3602">rust-lang/libc#3602</a></li>
<li>[0.2] Fix libc-tests for loongarch64 by <a
href="https://github.com/heiher"><code>@​heiher</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3607">rust-lang/libc#3607</a></li>
<li>visionOS Support by <a
href="https://github.com/agg23"><code>@​agg23</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3568">rust-lang/libc#3568</a></li>
<li>[0.2] linux/musl: Add support for LoongArch64 by <a
href="https://github.com/heiher"><code>@​heiher</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3606">rust-lang/libc#3606</a></li>
<li>v0.2: Fix c_char on AIX by <a
href="https://github.com/taiki-e"><code>@​taiki-e</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3662">rust-lang/libc#3662</a></li>
<li>solarish adding SO_EXCLBIND constant. by <a
href="https://github.com/devnexen"><code>@​devnexen</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3651">rust-lang/libc#3651</a></li>
<li>[0.2] Add SIG constants to espidf by <a
href="https://github.com/Tevz-Beskovnik"><code>@​Tevz-Beskovnik</code></a>
in <a
href="https://redirect.github.com/rust-lang/libc/pull/3658">rust-lang/libc#3658</a></li>
<li>add all android sysconf constants by <a
href="https://github.com/fkm3"><code>@​fkm3</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3656">rust-lang/libc#3656</a></li>
<li>feat: more _PC_XXX constants for apple targets by <a
href="https://github.com/SteveLauC"><code>@​SteveLauC</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3649">rust-lang/libc#3649</a></li>
<li>feat: O_EXEC/O_SEARCH for apple platforms by <a
href="https://github.com/SteveLauC"><code>@​SteveLauC</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3668">rust-lang/libc#3668</a></li>
<li>[0.2] Add constant AT_MINSIGSTKSZ by <a
href="https://github.com/ur4t"><code>@​ur4t</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3637">rust-lang/libc#3637</a></li>
<li>Haiku: synchronize with post R1-beta 4 changes in libc by <a
href="https://github.com/nielx"><code>@​nielx</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3638">rust-lang/libc#3638</a></li>
<li>adding getentropy/getrandom to dragonflybsd. by <a
href="https://github.com/devnexen"><code>@​devnexen</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3618">rust-lang/libc#3618</a></li>
<li>Move strftime, strftime_l, strptime to linux_like by <a
href="https://github.com/pcc"><code>@​pcc</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3600">rust-lang/libc#3600</a></li>
<li>update crate version to 0.2.154 by <a
href="https://github.com/Dirreke"><code>@​Dirreke</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3573">rust-lang/libc#3573</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/pcc"><code>@​pcc</code></a> made their
first contribution in <a
href="https://redirect.github.com/rust-lang/libc/pull/3602">rust-lang/libc#3602</a></li>
<li><a href="https://github.com/agg23"><code>@​agg23</code></a> made
their first contribution in <a
href="https://redirect.github.com/rust-lang/libc/pull/3568">rust-lang/libc#3568</a></li>
<li><a
href="https://github.com/Tevz-Beskovnik"><code>@​Tevz-Beskovnik</code></a>
made their first contribution in <a
href="https://redirect.github.com/rust-lang/libc/pull/3658">rust-lang/libc#3658</a></li>
<li><a href="https://github.com/ur4t"><code>@​ur4t</code></a> made their
first contribution in <a
href="https://redirect.github.com/rust-lang/libc/pull/3637">rust-lang/libc#3637</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rust-lang/libc/compare/0.2.153...0.2.154">https://github.com/rust-lang/libc/compare/0.2.153...0.2.154</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b78d6a3d27"><code>b78d6a3</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3573">#3573</a>
from Dirreke/update-libc0.2</li>
<li><a
href="3111f6fe3f"><code>3111f6f</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3600">#3600</a>
from pcc/strtime</li>
<li><a
href="4d836cceb6"><code>4d836cc</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3618">#3618</a>
from devnexen/dfbsd_gtrandom</li>
<li><a
href="23a1b4c889"><code>23a1b4c</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3638">#3638</a>
from nielx/haiku-hrev57593-0.2</li>
<li><a
href="f4ab3e77d3"><code>f4ab3e7</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3637">#3637</a>
from ur4t/libc-0.2</li>
<li><a
href="4d6fe50954"><code>4d6fe50</code></a>
Move strftime, strftime_l, strptime to linux_like</li>
<li><a
href="e79e95f790"><code>e79e95f</code></a>
adding getentropy/getrandom to dragonflybsd.</li>
<li><a
href="82206836f7"><code>8220683</code></a>
Double quote variables in shell scripts</li>
<li><a
href="c0a693644c"><code>c0a6936</code></a>
Add constant AT_MINSIGSTKSZ introduced by glibc 2.35</li>
<li><a
href="1c7f8fcd8a"><code>1c7f8fc</code></a>
Haiku: synchronize with post R1-beta 4 changes in libc</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-lang/libc/compare/0.2.153...0.2.154">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=libc&package-manager=cargo&previous-version=0.2.153&new-version=0.2.154)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-08 16:14:24 +00:00
Gabi
d22719da0c fix(connlib): add_resource multiple times with same resource id (#4914) 
Similar to #4911 if multiple times add_resource was called with the same
resource id the previous one will be overriden.

This happens when multiple subdomain resources exists this could
override the ip of a previously resolved subdomain and disallow access.

The solution is to simply keep track of every resolved subdomain.
Furthermore with the new method each subdomain could have different
expiration(nothing actually prohibit this from happening in the control
protocol and until this commit we simply discarded the latest
expiration)
 2024-05-08 05:50:29 +00:00
Gabi
645bb1743e fix(connlib): filters for resoruces with multiple ips (#4911) 
Fixes a bug, wherein a resource with multiple ip, would get a single
allowed ip since each time `add_resource` was called it was replacing
the previous one.

For the fix we add all the resource ips with a single call, and then use
those multiple ips to calculate the filters.

The edge-case here is if there are 2 DNS resources with some overlapping
ips but some not overlapping: In that case, overlapping ips would get
both filters non-overlapping would only get those corresponding to its
ips.

Note that only dns resources can get multiple ips for now.
 2024-05-08 02:27:59 +00:00
Gabi
c46967e1d6 fix(connlib): resource filter deserialization (#4910) 
There was an error on how resource filters were deserialized in the
gateway:

* we always assumed that there would be the ports included but the
portal sends no port down when the "all" range is allowed
* also we didn't support the resource_updated message, this fixes it,
and resources allow-list can be changes in-flight
 2024-05-08 00:16:06 +00:00
Gabi
0c7c96dd07 chore(connlib): pass to client new fields (#4900) 
Fixes #4885
 2024-05-07 21:14:29 +00:00
Gabi
68ece0a940 feat(connlib): traffic filtering (#4779) 
This implements traffic filtering on the gateway. Filters are set on the
portal, per-resource, in an allow-list manner.

If no filters exist for a given resource all packets are allowed,
otherwise only packets that matches port/protocol for the filters are
allowed, otherwise they are dropped.

Filters can be either TCP, UDP or ICMP. For the first 2 multiple ports
can be given. Furthermore, multiple filters can exists for the same
resource.

To be able to add and remove filters with the same IP/CIDR we keep
around the whole list of filters for any given peer using an ID map and
recalculate the IP each time something is added is removed.

This allows us to remove filters and simply recalculate the allowlist
for each IP.

Furthermore, for any IP, all rules apply, meaning if there are multiple
IPs that apply for a resource all port/protocol combinations for that IP
will apply.

This works well right now for DNS resources, since access is requested
by DNS name, then the resource for that DNS name will arrive at the
gateway, and the port filtering will apply given that resource(and any
other resource with the same IP).

However, since the client has no idea of the filters, it can't request
the resource access based on the port/protocol combination and we are
still using the most specific("longest match") IP. This will mean that
for overlapping CIDR resources, only the rules for the most specific
will be used, even if the gateway supports applying them all, since it
will not have the other resources. This will be solved in #4789.

It can also lead to some weirdness, let's say that you have 10.0.0.0/24
-> TCP/80 and 10.0.0.0/16 -> TCP/443 for your user.

The user tries to access 10.0.0.1, and will then only be allowed port
80. At some point the user might access 10.1.0.1 and it will be allowed
port 443. But from that point on, the user will be allowed to access 80
and 443 in 10.0.0.1 because the rules correctly work on the gateway, the
problem is the client side. Again, #4789 will fix this.

Left for next PRs (in tentative order!):

- #4792 
- #4789 

Depends on: #4773.
Resolves #2030.
Resolves #4791.

---------

Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
 2024-05-07 19:47:49 +00:00
Gabi
94000bf5df chore(docker): local dev docker-compose (#4748) 
simple name change fix
 2024-05-06 23:43:00 +00:00
dependabot[bot]
1c7409be52 build(deps): Bump reqwest from 0.12.2 to 0.12.4 in /rust (#4895) 
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.2 to
0.12.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/releases">reqwest's
releases</a>.</em></p>
<blockquote>
<h2>v0.12.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>zstd</code> support, enabled with <code>zstd</code> Cargo
feature (thanks <a
href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a>!)</li>
<li>Add <code>ClientBuilder::read_timeout(Duration)</code>, which
applies the duration for each read operation. The timeout resets after a
successful read.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SamuelMarks"><code>@​SamuelMarks</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2245">seanmonstar/reqwest#2245</a></li>
</ul>
<h2>v0.12.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>FromStr</code> for <code>dns::Name</code>.</li>
<li>Add <code>ClientBuilder::built_in_webpki_certs(bool)</code> to
enable them separately.</li>
<li>Add <code>ClientBuilder::built_in_native_certs(bool)</code> to
enable them separately.</li>
<li>Fix sending <code>content-length: 0</code> for GET requests.</li>
<li>Fix response body <code>content_length()</code> to return value when
timeout is configured.</li>
<li>Fix <code>ClientBuilder::resolve()</code> to use lowercase domain
names.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/zuisong"><code>@​zuisong</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2207">seanmonstar/reqwest#2207</a></li>
<li><a href="https://github.com/djc"><code>@​djc</code></a> made their
first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2222">seanmonstar/reqwest#2222</a></li>
<li><a href="https://github.com/krant"><code>@​krant</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2226">seanmonstar/reqwest#2226</a></li>
<li><a
href="https://github.com/Kriskras99"><code>@​Kriskras99</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2236">seanmonstar/reqwest#2236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.3">https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's
changelog</a>.</em></p>
<blockquote>
<h2>v0.12.4</h2>
<ul>
<li>Add <code>zstd</code> support, enabled with <code>zstd</code> Cargo
feature.</li>
<li>Add <code>ClientBuilder::read_timeout(Duration)</code>, which
applies the duration for each read operation. The timeout resets after a
successful read.</li>
</ul>
<h2>v0.12.3</h2>
<ul>
<li>Add <code>FromStr</code> for <code>dns::Name</code>.</li>
<li>Add <code>ClientBuilder::built_in_webpki_certs(bool)</code> to
enable them separately.</li>
<li>Add <code>ClientBuilder::built_in_native_certs(bool)</code> to
enable them separately.</li>
<li>Fix sending <code>content-length: 0</code> for GET requests.</li>
<li>Fix response body <code>content_length()</code> to return value when
timeout is configured.</li>
<li>Fix <code>ClientBuilder::resolve()</code> to use lowercase domain
names.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="de5dbb1ab8"><code>de5dbb1</code></a>
v0.12.4</li>
<li><a
href="0f126f57ab"><code>0f126f5</code></a>
tests: fix blocking test about empty bodies and content-length</li>
<li><a
href="107388134b"><code>1073881</code></a>
feat: add zstd support (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1866">#1866</a>)</li>
<li><a
href="1af8945143"><code>1af8945</code></a>
feat: add ClientBuilder::read_timeout(dur) (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2241">#2241</a>)</li>
<li><a
href="e99da854a1"><code>e99da85</code></a>
refactor: fix warnings related to mutability of <code>self</code> (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2245">#2245</a>)</li>
<li><a
href="0720159f63"><code>0720159</code></a>
v0.12.3</li>
<li><a
href="92096952b7"><code>9209695</code></a>
Remove duplicate example for ClientBuilder::default_headers (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2236">#2236</a>)</li>
<li><a
href="e3a15650d6"><code>e3a1565</code></a>
fix: use lower case domain string when using <code>resolve</code> and
<code>resolve_to_addrs</code>...</li>
<li><a
href="b4c491a6ff"><code>b4c491a</code></a>
feat: allow fine-grained root certs for rustls (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2232">#2232</a>)</li>
<li><a
href="cf4295d59d"><code>cf4295d</code></a>
chore: update winreg to 0.52.0 (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2226">#2226</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reqwest&package-manager=cargo&previous-version=0.12.2&new-version=0.12.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-05-06 20:49:07 +00:00
Reactor Scram
99b684b620 chore(gui-client/linux): fix single-instance (#4890) 
Closes #4888

It turns out clicking on a notification in Ubuntu can cause it to call
the application, so I had to add back single-instance protection.

Windows' named pipes do this easily. For Unix domain sockets, we allow
the 2nd instance to connect to us, and then when the connection
succeeds, the 2nd instance bails out and the 1st instance bails out of
the deep link handler because it sees a 0-byte-long deep link.

So clicking on the notification does result in a 2nd instance warning
dialog, but it's better than before. I guess it makes sense why Ubuntu
does that, in case any app wants to raise their window when clicked, but
I wish they passed a well-known subcommand or something. Or just used a
normal click action.

<img width="609" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/37467f57-22b0-4a38-9e74-e4863fd331b1">

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-05-06 16:31:33 +00:00
Reactor Scram
cdebfa6901 chore(gui-client/linux): fix group name, firezone should be firezone-client (#4889) 
Also improved the manual testing checklist a little
 2024-05-06 14:09:30 +00:00
dependabot[bot]
785b829c7a build(deps): Bump socket2 from 0.5.6 to 0.5.7 in /rust (#4863) 
Bumps [socket2](https://github.com/rust-lang/socket2) from 0.5.6 to
0.5.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's
changelog</a>.</em></p>
<blockquote>
<h1>0.5.7</h1>
<ul>
<li>Added <code>Socket::(set_)passcred</code>
(<a
href="https://redirect.github.com/rust-lang/socket2/pull/506">rust-lang/socket2#506</a>).</li>
<li>Added <code>RecvFlags::is_confirm</code> and
<code>RecvFlags::is_dontroute</code>
(<a
href="https://redirect.github.com/rust-lang/socket2/pull/499">rust-lang/socket2#499</a>).</li>
<li>Added <code>MsgHdrMut::control_len</code>
(<a
href="https://redirect.github.com/rust-lang/socket2/pull/505">rust-lang/socket2#505</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c8146aa5bb"><code>c8146aa</code></a>
Release v0.5.7</li>
<li><a
href="8685db561c"><code>8685db5</code></a>
Use consistent language in change log</li>
<li><a
href="6923954ce0"><code>6923954</code></a>
Add test for Socket::passcred/set_passcred and fix formatting.</li>
<li><a
href="630c8a7370"><code>630c8a7</code></a>
Add Socket::passcred/set_passcred for working with SO_PASSCRED.</li>
<li><a
href="21ba6609ef"><code>21ba660</code></a>
Add MsgHdrMut::control_len to get how much of control buffer was
filled.</li>
<li><a
href="c93cdcc25f"><code>c93cdcc</code></a>
Add MSG_CONFIRM and MSG_DONTROUTE to RecvFlags</li>
<li>See full diff in <a
href="https://github.com/rust-lang/socket2/compare/v0.5.6...v0.5.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket2&package-manager=cargo&previous-version=0.5.6&new-version=0.5.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-05 14:08:29 +00:00
dependabot[bot]
740aebc831 build(deps): Bump anyhow from 1.0.81 to 1.0.82 in /rust (#4810) 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.81 to 1.0.82.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/anyhow/releases">anyhow's
releases</a>.</em></p>
<blockquote>
<h2>1.0.82</h2>
<ul>
<li>Documentation improvements</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="074bdea1c7"><code>074bdea</code></a>
Release 1.0.82</li>
<li><a
href="47a4fbfa36"><code>47a4fbf</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/anyhow/issues/360">#360</a>
from dtolnay/docensure</li>
<li><a
href="c5af1db020"><code>c5af1db</code></a>
Make ensure's doc comment apply to the cfg(not(doc)) macro too</li>
<li><a
href="bebc7a2fe4"><code>bebc7a2</code></a>
Revert &quot;Temporarily disable miri on doctests&quot;</li>
<li><a
href="f2c4db9b47"><code>f2c4db9</code></a>
Update ui test suite to nightly-2024-03-31</li>
<li><a
href="028cbeedf5"><code>028cbee</code></a>
Explicitly install a Rust toolchain for cargo-outdated job</li>
<li><a
href="7a4cac5192"><code>7a4cac5</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/anyhow/issues/358">#358</a>
from dtolnay/workspacewrapper</li>
<li><a
href="939db012c2"><code>939db01</code></a>
Apply RUSTC_WORKSPACE_WRAPPER</li>
<li><a
href="9f84a37551"><code>9f84a37</code></a>
Temporarily disable miri on doctests</li>
<li><a
href="45e5a589e9"><code>45e5a58</code></a>
Ignore dead code lint in test</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/anyhow/compare/1.0.81...1.0.82">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anyhow&package-manager=cargo&previous-version=1.0.81&new-version=1.0.82)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
 2024-05-03 23:35:02 +00:00
Gabi
b45a302749 chore(connlib): remove unused parking_lot (#4886) 
Supersedes #4812
 2024-05-03 20:58:56 +00:00
Reactor Scram
2f235ebd42 chore(gui-client/linux): export all logs, not just app logs (#4830) 
17ac1ebe79 looks good on both Linux and Windows

```[tasklist]
### Before merging
- [x] Allow GUI to delete IPC service logs
- [x] Test Linux
- [x] Test Windows
```
 2024-05-03 19:13:45 +00:00
Reactor Scram
e8b1736cb0 chore(gui-client/linux): show an error if the user doesn't belong to the firezone group (#4822) 
Ran into this during testing. For some reason Ubuntu 20.04, maybe
others, requires a reboot to add the desktop user to a group. I thought
logging out and back in should be enough but it's not.

<img width="527" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/4f7c2551-c7aa-4ecc-be55-66c6e6ac32a0">

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-05-03 14:04:21 +00:00
Reactor Scram
93f7c86f55 chore(gui-client/linux): add smoke test checklist (#4882) 
This is what I've been doing on the testing VMs to exercise the
first-run behavior.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-05-02 19:33:14 +00:00
Reactor Scram
782e140db9 chore(gui-client/linux): fix deep links on Ubuntu 22.04 (#4881) 
Closes #4880
 2024-05-02 18:31:15 +00:00
Reactor Scram
35a802d6d9 chore(gui-client/linux): add install script and change group to firezone-client (#4879) 
Closes #4873
 2024-05-02 17:51:28 +00:00
Reactor Scram
3eec350325 chore(gui-client/linux): poll for DNS changes every 5 seconds (#4875) 
Closes #4819

There is a way to get them async with D-Bus. We can invest time in that
if we want. Polling works for now, it's just gonna be a slight battery
waste on laptops.
 2024-05-01 21:20:13 +00:00
dependabot[bot]
127cdc3377 build(deps): Bump @tauri-apps/cli from 1.5.11 to 1.5.12 in /rust/gui-client (#4846) 
Bumps [@tauri-apps/cli](https://github.com/tauri-apps/tauri) from 1.5.11
to 1.5.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/cli</code> v1.5.12</h2>
<h2>[1.5.12]</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="1675e41f05"><code>1675e41f0</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9481">#9481</a>)
Fixed an issue with the CLI renaming the main executable in kebab-case
when building for Windows on a non-Windows system which caused the
bundler step to fail.</li>
<li><a
href="9dd67abd93"><code>9dd67abd9</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9298">#9298</a>)
Upgrade <code>heck</code> to v0.5 to better support Chinese and Japanese
product name, because Chinese do not have word separation.</li>
<li><a
href="f9638b6315"><code>f9638b631</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9491">#9491</a>)
Fixed an issue that caused the CLI to rename app binaries incorrectly if
the product name contained a <code>.</code> which resulted in the
bundling step to fail.</li>
<li><a
href="77cc49ac3c"><code>77cc49ac3</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9188">#9188</a>)
Fixed an issue causing the <code>build.runner</code> and
<code>build.features</code> configs to not take effect.</li>
<li><a
href="aeddc40b9e"><code>aeddc40b9</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9411">#9411</a>)
Fix <code>tauri info</code> crashing when Node.js is not installed.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@1.5.12</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="caddd5bdd8"><code>caddd5b</code></a>
Apply Version Updates From Current Changes (v1) (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9544">#9544</a>)</li>
<li><a
href="72c2636527"><code>72c2636</code></a>
chore(ci): fix MSRV downgrade (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9543">#9543</a>)</li>
<li><a
href="83e024c670"><code>83e024c</code></a>
chore(ci): downgrade home crate (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9542">#9542</a>)</li>
<li><a
href="07c9e352df"><code>07c9e35</code></a>
fix(ci): downgrade cc crate for MSRV compatibility (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9541">#9541</a>)</li>
<li><a
href="d00178d60c"><code>d00178d</code></a>
ci: Fix package downgrades in covector workflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9538">#9538</a>)</li>
<li><a
href="705da977a9"><code>705da97</code></a>
fix: optional chaining is not supported on older webviews (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9529">#9529</a>)</li>
<li><a
href="1675e41f05"><code>1675e41</code></a>
fix(bundler): don't convert product name to snake case when cross
compiling (...</li>
<li><a
href="f9638b6315"><code>f9638b6</code></a>
fix(cli): append extension to app binary manually on rename (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9491">#9491</a>)</li>
<li><a
href="aeddc40b9e"><code>aeddc40</code></a>
fix(cli/info): fix crash when checking node version (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9411">#9411</a>)</li>
<li><a
href="fe6f81fa88"><code>fe6f81f</code></a>
chore: fix clippy false positive (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9329">#9329</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v1.5.11...@tauri-apps/cli-v1.5.12">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@tauri-apps/cli&package-manager=npm_and_yarn&previous-version=1.5.11&new-version=1.5.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-01 16:08:04 +00:00
dependabot[bot]
85da7778f8 build(deps): Bump @tauri-apps/api from 1.5.3 to 1.5.4 in /rust/gui-client (#4847) 
Bumps [@tauri-apps/api](https://github.com/tauri-apps/tauri) from 1.5.3
to 1.5.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/api</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/api</code> v1.5.4</h2>
<!-- raw HTML omitted -->
<pre><code>yarn audit v1.22.22
info No lockfile found.
0 vulnerabilities found - Packages audited: 148
Done in 1.53s.
</code></pre>
<!-- raw HTML omitted -->
<h2>[1.5.4]</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="e3b6d38d26"><code>e3b6d38d2</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9166">#9166</a>)
Fix <code>basename(path, 'ext')</code> JS API when removing all
occurances of <code>ext</code> where it should only remove the last
one.</li>
<li><a
href="705da977a9"><code>705da977a</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9529">#9529</a>)
Do not use JS optional chaining to prevent script errors on older
webviews such as macOS 10.14.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>yarn run v1.22.22
$ yarn build &amp;&amp; cd ./dist &amp;&amp; yarn publish --access
public --loglevel silly
$ rollup -c --configPlugin typescript

./src/app.ts, ./src/cli.ts, ./src/clipboard.ts, ./src/dialog.ts,
./src/event.ts, ./src/fs.ts, ./src/globalShortcut.ts, ./src/http.ts,
./src/index.ts, ./src/mocks.ts, ./src/notification.ts, ./src/os.ts,
./src/path.ts, ./src/process.ts, ./src/shell.ts, ./src/tauri.ts,
./src/updater.ts, ./src/window.ts → ./dist, ./dist...
created ./dist, ./dist in 1.6s

src/index.ts →
../../core/tauri/scripts/bundle.global.js...
created ../../core/tauri/scripts/bundle.global.js in
1.8s
[1/4] Bumping version...
info Current version: 1.5.4
[2/4] Logging in...
[3/4] Publishing...
success Published.
[4/4] Revoking token...
info Not revoking login token, specified via config file.
Done in 9.52s.
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="caddd5bdd8"><code>caddd5b</code></a>
Apply Version Updates From Current Changes (v1) (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9544">#9544</a>)</li>
<li><a
href="72c2636527"><code>72c2636</code></a>
chore(ci): fix MSRV downgrade (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9543">#9543</a>)</li>
<li><a
href="83e024c670"><code>83e024c</code></a>
chore(ci): downgrade home crate (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9542">#9542</a>)</li>
<li><a
href="07c9e352df"><code>07c9e35</code></a>
fix(ci): downgrade cc crate for MSRV compatibility (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9541">#9541</a>)</li>
<li><a
href="d00178d60c"><code>d00178d</code></a>
ci: Fix package downgrades in covector workflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9538">#9538</a>)</li>
<li><a
href="705da977a9"><code>705da97</code></a>
fix: optional chaining is not supported on older webviews (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9529">#9529</a>)</li>
<li><a
href="1675e41f05"><code>1675e41</code></a>
fix(bundler): don't convert product name to snake case when cross
compiling (...</li>
<li><a
href="f9638b6315"><code>f9638b6</code></a>
fix(cli): append extension to app binary manually on rename (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9491">#9491</a>)</li>
<li><a
href="aeddc40b9e"><code>aeddc40</code></a>
fix(cli/info): fix crash when checking node version (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9411">#9411</a>)</li>
<li><a
href="fe6f81fa88"><code>fe6f81f</code></a>
chore: fix clippy false positive (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9329">#9329</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v1.5.3...@tauri-apps/api-v1.5.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@tauri-apps/api&package-manager=npm_and_yarn&previous-version=1.5.3&new-version=1.5.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-01 16:07:10 +00:00
Reactor Scram
2721df26b5 chore(gui-client): cleanup (#4836) 
I noticed a few things were unused or incorrect, this fixes those
 2024-05-01 15:34:25 +00:00
Reactor Scram
438469f3ac chore(linux-client): make headless client / IPC service logs group-readable (#4825) 
```[tasklist]
# Before merging
- [x] Add CI test to check that the Unix domain socket is owned by `root:firezone` (#4832 will do this)
```

This allows the GUI (running as a normal user who belongs to the
`firezone` group) to read back the connlib logs and export them in the
zip file.

<img width="716" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/59cb7cc5-fd6a-4b27-a311-1b9c56b7b23e">
 2024-05-01 15:06:25 +00:00
Jamil
dee9883054 chore(firezone-tunnel): Remove unused SIOCGIFMTU in tun_android (#4869) 
https://github.com/firezone/firezone/actions/runs/8821060629/job/24216095183?pr=4178#step:9:2150
 2024-05-01 14:58:47 +00:00
dependabot[bot]
fc165f9a61 build(deps): Bump swift-bridge from 0.1.53 to 0.1.55 in /rust (#4862) 
Bumps [swift-bridge](https://github.com/chinedufn/swift-bridge) from
0.1.53 to 0.1.55.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chinedufn/swift-bridge/releases">swift-bridge's
releases</a>.</em></p>
<blockquote>
<h2>0.1.55</h2>
<ul>
<li>Fix memory leak when passing <code>Option&lt;SwiftType&gt;</code>
from Swift to Rust. <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/273">#273</a>
<ul>
<li>It is very unlikely that users were impacted by this leak
<code>Option&lt;SwiftType&gt;</code> support was introduced about 10
hours ago</li>
<li>Full explanation of the leak can be found in
87dbea3c28d4a96d9195bd3a70fdecfd85fd8f5c</li>
</ul>
<pre lang="rust"><code>#[swift_bridge::bridge]
mod ffi {
    extern &quot;Swift&quot; {
        type SomeSwiftType;
    }
<pre><code>extern &amp;quot;Rust&amp;quot; {
    // Calling with would leak memory in &amp;quot;0.1.54&amp;quot;.
    // This no longer leaks as of &amp;quot;0.1.55&amp;quot;.
    fn option_arg(arg: Option&amp;lt;SomeSwiftType&amp;gt;);
}
</code></pre>
<p>}
</code></pre></p>
</li>
</ul>
<p><a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/273">#273</a>:
<a
href="https://redirect.github.com/chinedufn/swift-bridge/pull/273">chinedufn/swift-bridge#273</a></p>
<h2>0.1.54</h2>
<ul>
<li>Add support for bridging <code>Option&lt;SwiftType&gt;</code> in
Rust function arguments and returns. <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/272">#272</a>
(thanks <a
href="https://github.com/Bright-Shard"><code>@​Bright-Shard</code></a>)
<pre lang="rust"><code>#[swift_bridge::bridge]
mod ffi {
    extern &quot;Swift&quot; {
        type SomeSwiftType;
    }
<pre><code>extern &amp;quot;Rust&amp;quot; {
    fn option_arg(arg: Option&amp;lt;SomeSwiftType&amp;gt;);
    fn returns_option() -&amp;gt; Option&amp;lt;SomeSwiftType&amp;gt;;
}
</code></pre>
<p>}
</code></pre></p>
</li>
</ul>
<p><a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/272">#272</a>:
<a
href="https://redirect.github.com/chinedufn/swift-bridge/pull/272">chinedufn/swift-bridge#272</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="87dbea3c28"><code>87dbea3</code></a>
Fix memory leak for <code>Option\&lt;SwiftType&gt;</code> (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/273">#273</a>)</li>
<li><a
href="b4ba1a72a6"><code>b4ba1a7</code></a>
Use explicit pointer casting</li>
<li><a
href="9d02d8f4e8"><code>9d02d8f</code></a>
0.1.54</li>
<li><a
href="636fa27748"><code>636fa27</code></a>
Support Option&lt;OpaqueSwiftType&gt; (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/272">#272</a>)</li>
<li><a
href="c3c950c908"><code>c3c950c</code></a>
Inline example code in book</li>
<li><a
href="75a1077f16"><code>75a1077</code></a>
Improve signature support docs (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/267">#267</a>)</li>
<li><a
href="7fc3d3ccca"><code>7fc3d3c</code></a>
Document the ToRustStr protocol (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/266">#266</a>)</li>
<li>See full diff in <a
href="https://github.com/chinedufn/swift-bridge/compare/0.1.53...0.1.55">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=swift-bridge&package-manager=cargo&previous-version=0.1.53&new-version=0.1.55)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-01 14:40:29 +00:00
dependabot[bot]
3625fa2b3d build(deps-dev): Bump typescript from 5.4.3 to 5.4.5 in /rust/gui-client (#4844) 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.4.3
to 5.4.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Microsoft/TypeScript/releases">typescript's
releases</a>.</em></p>
<blockquote>
<h2>TypeScript 5.4.5</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-4/">release
announcement</a>.</p>
<p>For the complete list of fixed issues, check out the</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.0%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.0 (Beta)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.1%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.1 (RC)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.2%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.2 (Stable)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.3%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.3 (Stable)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.4%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.4 (Stable)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.5%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.5 (Stable)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a
href="https://www.nuget.org/packages/Microsoft.TypeScript.MSBuild">NuGet
package</a></li>
</ul>
<h2>TypeScript 5.4.4</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-4/">release
announcement</a>.</p>
<p>For the complete list of fixed issues, check out the</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.0%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.0 (Beta)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.1%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.1 (RC)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.2%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.2 (Stable)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.3%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.3 (Stable)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.4.4%22+is%3Aclosed+">fixed
issues query for Typescript 5.4.4 (Stable)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a
href="https://www.nuget.org/packages/Microsoft.TypeScript.MSBuild">NuGet
package</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="27bcd4cb5a"><code>27bcd4c</code></a>
Update LKG</li>
<li><a
href="9f33bf1cd5"><code>9f33bf1</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/Microsoft/TypeScript/issues/58098">#58098</a>
(Fix constraints of nested homomorph...) into release-5.4 (#...</li>
<li><a
href="71b2f84741"><code>71b2f84</code></a>
Bump version to 5.4.5 and LKG</li>
<li><a
href="892936f4a1"><code>892936f</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/Microsoft/TypeScript/issues/58083">#58083</a>
(Don't propagate partial union/inter...) into release-5.4 (#...</li>
<li><a
href="38a7c0587d"><code>38a7c05</code></a>
release-5.4: Always set node-version for setup-node (<a
href="https://redirect.github.com/Microsoft/TypeScript/issues/58117">#58117</a>)</li>
<li><a
href="b754fc3937"><code>b754fc3</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/Microsoft/TypeScript/issues/57778">#57778</a>
(fix type import check for default-i...) into release-5.4 (#...</li>
<li><a
href="8eb3367164"><code>8eb3367</code></a>
Bump version to 5.4.4 and LKG</li>
<li><a
href="de9096b42b"><code>de9096b</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/Microsoft/TypeScript/issues/57871">#57871</a>
(Divide-and-conquer strategy for int...) into release-5.4 (#...</li>
<li><a
href="06aae9839d"><code>06aae98</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/Microsoft/TypeScript/issues/57973">#57973</a>
(Compare package.json paths with cor...) into release-5.4 (#...</li>
<li><a
href="6d8134e5af"><code>6d8134e</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/Microsoft/TypeScript/issues/57637">#57637</a>
(Fixed a regression related to deter...) into release-5.4 (#...</li>
<li>Additional commits viewable in <a
href="https://github.com/Microsoft/TypeScript/compare/v5.4.3...v5.4.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=5.4.3&new-version=5.4.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-01 14:07:01 +00:00
Reactor Scram
be4053f4f5 refactor(gui-client/linux): use the same systemd service file in CI as in production (#4832) 
This will keep the files from going out of sync.

This PR also checks that the IPC service creates the IPC socket with
`root:firezone` as the owner and group, when running under systemd.
 2024-05-01 14:05:50 +00:00
dependabot[bot]
54fb64c6a7 build(deps-dev): Bump @types/node from 20.12.2 to 20.12.7 in /rust/gui-client (#4845) 
Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 20.12.2 to 20.12.7.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/node&package-manager=npm_and_yarn&previous-version=20.12.2&new-version=20.12.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-01 14:01:03 +00:00
Jamil
4dc656c90a chore(ci): bump versions (#4840) 2024-04-30 16:31:20 -07:00
Gabi
52f1f841fd fix(connlib): remove ice candidate on invalidate candidate message (#4837) 2024-04-30 22:38:58 +00:00
Jamil
f322a4e11c revert: "fix(snownet): don't nominate discarded candidates" (#4838) 
Reverts firezone/firezone#4806

refs #4826
 2024-04-30 14:43:04 -07:00
Reactor Scram
9e2e7d2b6b chore(gui-client/linux): have systemd direct our connlib logs to /var/log/dev.firezone.client (#4823) 2024-04-29 22:37:51 +00:00
Jamil
b79ce96bc6 chore(website): Bump versions (#4821) 
- Bump versions to point to latest binaries
- Stage versions for next release
 2024-04-29 22:06:00 +00:00
Reactor Scram
dde62f887e chore(linux GUI): enable update notifications (#4820) 
Closes #4815 

<img width="402" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/ff8f3b7a-f7b1-4cae-a3e4-1d1311054b69">

You can copy-paste the URL, which is better than nothing. We could also
put an update nag in the tray menu if we really wanted, it would be easy
to catch the click from that.
 2024-04-29 21:20:36 +00:00
Reactor Scram
d0155bc786 fix(windows-client): package name should be "Firezone" not "firezone-client-gui" (#4814) 
Closes #4813 

After PR, the installer, UAC dialog, and notifications all say
"Firezone" again

<img width="494" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/69a4fe0b-78fa-4945-b17f-625e68ac09db">
 2024-04-29 17:34:25 +00:00
Reactor Scram
28423e92aa chore(gui-client): use new download links (#4754) 
ae67064121 works on the live site.

However if you click the notification while the tunnel is coming up,
there's a chance that the download will fail because Firezone isn't
fully up yet. Oops. That will probably only affect us since we have
github.com as a resource. If real customers are okay with their Firezone
updates coming through normal Internet it'll probably be fine.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
 2024-04-29 17:21:18 +00:00
Reactor Scram
9cf72f2e3f chore(gui-client/linux): fix notifications (#4803) 
The clickable "Firezone 1.x is ready to download" notification still
isn't there. Tauri doesn't seem to have cross-platform clickable
notifications.
 2024-04-29 14:32:31 +00:00
dependabot[bot]
c20ff5add6 build(deps): Bump tracing-panic from 0.1.1 to 0.1.2 in /rust (#4811) 
Bumps [tracing-panic](https://github.com/LukeMathWalker/tracing-panic)
from 0.1.1 to 0.1.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/LukeMathWalker/tracing-panic/blob/main/CHANGELOG.md">tracing-panic's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a
href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>,
and this project adheres to <a
href="https://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<h2>[Unreleased]</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e27729b9d7"><code>e27729b</code></a>
chore: Release tracing-panic version 0.1.2</li>
<li><a
href="dc8b3bc3b6"><code>dc8b3bc</code></a>
Update docs</li>
<li><a
href="678ac5ca39"><code>678ac5c</code></a>
Add backtrace to panic log entry, make it opt-out (<a
href="https://redirect.github.com/LukeMathWalker/tracing-panic/issues/4">#4</a>)</li>
<li>See full diff in <a
href="https://github.com/LukeMathWalker/tracing-panic/compare/v0.1.1...v0.1.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-panic&package-manager=cargo&previous-version=0.1.1&new-version=0.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-29 14:21:59 +00:00
dependabot[bot]
bca71fbb0a build(deps): Bump tauri from 1.6.1 to 1.6.2 in /rust (#4809) 
Bumps [tauri](https://github.com/tauri-apps/tauri) from 1.6.1 to 1.6.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri's
releases</a>.</em></p>
<blockquote>
<h2>tauri v1.6.2</h2>
<p>Updating crates.io index</p>
<!-- raw HTML omitted -->
<pre><code>Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 621 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (577 crate dependencies)
Crate:     atty
Version:   0.2.14
Warning:   unsound
Title:     Potential unaligned read
Date:      2021-07-04
ID:        RUSTSEC-2021-0145
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0145
Dependency tree:
atty 0.2.14
└── clap 3.2.25
    └── tauri 1.6.2
        ├── tauri 1.6.2
        ├── restart 0.1.0
        └── app-updater 0.1.0
<p>warning: 1 allowed warning found
</code></pre></p>
<!-- raw HTML omitted -->
<h2>[1.6.2]</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="e3b6d38d26"><code>e3b6d38d2</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9166">#9166</a>)
Fix <code>basename(path, 'ext')</code> JS API when removing all
occurances of <code>ext</code> where it should only remove the last
one.</li>
<li><a
href="705da977a9"><code>705da977a</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9529">#9529</a>)
Do not use JS optional chaining to prevent script errors on older
webviews such as macOS 10.14.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
   Packaging tauri v1.6.2 (/home/runner/work/tauri/tauri/core/tauri)
    Updating crates.io index
   Verifying tauri v1.6.2 (/home/runner/work/tauri/tauri/core/tauri)
 Downloading crates ...
  Downloaded alloc-stdlib v0.2.2
  Downloaded cairo-sys-rs v0.15.1
  Downloaded atk-sys v0.15.1
  Downloaded cairo-rs v0.15.12
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="caddd5bdd8"><code>caddd5b</code></a>
Apply Version Updates From Current Changes (v1) (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9544">#9544</a>)</li>
<li><a
href="72c2636527"><code>72c2636</code></a>
chore(ci): fix MSRV downgrade (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9543">#9543</a>)</li>
<li><a
href="83e024c670"><code>83e024c</code></a>
chore(ci): downgrade home crate (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9542">#9542</a>)</li>
<li><a
href="07c9e352df"><code>07c9e35</code></a>
fix(ci): downgrade cc crate for MSRV compatibility (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9541">#9541</a>)</li>
<li><a
href="d00178d60c"><code>d00178d</code></a>
ci: Fix package downgrades in covector workflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9538">#9538</a>)</li>
<li><a
href="705da977a9"><code>705da97</code></a>
fix: optional chaining is not supported on older webviews (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9529">#9529</a>)</li>
<li><a
href="1675e41f05"><code>1675e41</code></a>
fix(bundler): don't convert product name to snake case when cross
compiling (...</li>
<li><a
href="f9638b6315"><code>f9638b6</code></a>
fix(cli): append extension to app binary manually on rename (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9491">#9491</a>)</li>
<li><a
href="aeddc40b9e"><code>aeddc40</code></a>
fix(cli/info): fix crash when checking node version (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9411">#9411</a>)</li>
<li><a
href="fe6f81fa88"><code>fe6f81f</code></a>
chore: fix clippy false positive (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9329">#9329</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-v1.6.1...tauri-v1.6.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tauri&package-manager=cargo&previous-version=1.6.1&new-version=1.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-29 14:16:13 +00:00
Thomas Eizinger
e35ff07c6c fix(snownet): don't nominate discarded candidates (#4806) 
When candidates are being invalidated in str0m, they internally set a
`discarded` flag. This flag was not considered when a candidate that was
previously discarded was added again. This can happen when a client
roams back to their old network, i.e. going from Ethernet to WiFi and
back.

In that case, str0m would still form new pairs using the old discarded
candidate which would also eventually get nominated as part of a pair.
This would lead to a panic in snownet when we try to find the nominated
local candidate as we filter by non-discarded candidates there.

Related: https://github.com/algesten/str0m/pull/508.
Resolves: #4736.

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2024-04-29 00:55:12 +00:00
Reactor Scram
2314b3a128 chore(gui-client/linux): fix DNS (#4802) 
Make the GUI use systemd-resolved to retrieve the system's resolvers.
This allows the IPC service to set up sentinels for those resolvers and
control the system's DNS.

Closes #3812
 2024-04-26 23:28:47 +00:00
Reactor Scram
b93e8870c3 refactor(linux-client): package systemd unit for IPC service (#4752) 
This aligns some of the internal names with #4531, but it shouldn't
break the externally-visible things like package names or permalinks.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-04-26 23:07:02 +00:00
Gabi
a4d4b4fbfc chore(connlib): make peer pure by taking utc time from parameters (#4773) 
This came up while working on #2030 and thinking about testing `Peer`.

Not entirely convinced of taking both `Instant` and `DateTime<Utc>` but
unless we convert the expiration to an instant, which would bring a
bunch of new problems, I don't see another way to do this.
 2024-04-26 21:05:38 +00:00
Reactor Scram
0e4ec7e75c chore(gui-client): enable keyring for Linux (#4799) 
```[tasklist]
- [ ] Maybe change that "dev.firezone.client/token" name to something friendlier
```


![image](https://github.com/firezone/firezone/assets/13400041/2630e447-4223-4cf5-8ada-47091a5907db)

But it does work, survives reboots as expected, etc.
I can't test it easily in CI, I just disabled the keyring test for now.
It works manually, and the keyring-rs crate seems pretty stable, and our
use of it hasn't changed in a couple months at least.
 2024-04-26 20:12:41 +00:00
Reactor Scram
c8d989a34d chore(gui-client): proof of concept for process splitting (#4788) 
Closes #4270

Refs #3713 
Refs #3782 

It sort-of works, but many features are missing and it needs a refactor.

```[tasklist]
- [ ] Break `imp_linux.rs` into modules
- [ ] Get rid of `try_send` and panics where possible
```

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-04-26 19:58:12 +00:00
Jamil
52e8138644 refactor: Remove multiqueue flag for tun on Linux (#4798) 
We aren't using this.
 2024-04-26 18:41:23 +00:00
dependabot[bot]
d8c882690f build(deps): Bump serde_json from 1.0.115 to 1.0.116 in /rust (#4731) 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.115 to
1.0.116.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.116</h2>
<ul>
<li>Make module structure comprehensible to static analysis (<a
href="https://redirect.github.com/serde-rs/json/issues/1124">#1124</a>,
thanks <a
href="https://github.com/mleonhard"><code>@​mleonhard</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a3f62bb10e"><code>a3f62bb</code></a>
Release 1.0.116</li>
<li><a
href="12c8ee0ce6"><code>12c8ee0</code></a>
Hide &quot;non-exhaustive patterns&quot; errors when crate fails to
compile</li>
<li><a
href="051ce970fe"><code>051ce97</code></a>
Merge pull request 1124 from mleonhard/master</li>
<li><a
href="25dc75050a"><code>25dc750</code></a>
Replace <code>features_check</code> mod with a call to
<code>std::compile_error!</code>. Fixes htt...</li>
<li><a
href="2e15e3d7d5"><code>2e15e3d</code></a>
Revert &quot;Temporarily disable miri on doctests&quot;</li>
<li><a
href="0baba28775"><code>0baba28</code></a>
Resolve legacy_numeric_constants clippy lints</li>
<li>See full diff in <a
href="https://github.com/serde-rs/json/compare/v1.0.115...v1.0.116">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.115&new-version=1.0.116)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
 2024-04-26 17:12:46 +00:00
dependabot[bot]
5034919c5f build(deps): Bump async-trait from 0.1.79 to 0.1.80 in /rust (#4732) 
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.79
to 0.1.80.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/async-trait/releases">async-trait's
releases</a>.</em></p>
<blockquote>
<h2>0.1.80</h2>
<ul>
<li>Fix unreachable code warning for async functions that return
<code>!</code> (<a
href="https://redirect.github.com/dtolnay/async-trait/issues/265">#265</a>,
thanks <a
href="https://github.com/de-vri-es"><code>@​de-vri-es</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d528b5a816"><code>d528b5a</code></a>
Release 0.1.80</li>
<li><a
href="10b5c9951a"><code>10b5c99</code></a>
Drop support for compilers older than 1.47</li>
<li><a
href="83a542268d"><code>83a5422</code></a>
Drop support for compilers older than 1.45</li>
<li><a
href="22d017e941"><code>22d017e</code></a>
Build script no longer looks at $DOCS_RS</li>
<li><a
href="b64d041c65"><code>b64d041</code></a>
Move never_type test under issue266</li>
<li><a
href="b683da826e"><code>b683da8</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/async-trait/issues/265">#265</a>
from de-vri-es/fix-unreachable-code-warning</li>
<li><a
href="c8d958dfde"><code>c8d958d</code></a>
Fix unreachable code warning for functions that return
<code>!</code></li>
<li><a
href="4f0b72eb84"><code>4f0b72e</code></a>
Explicitly install a Rust toolchain for cargo-outdated job</li>
<li>See full diff in <a
href="https://github.com/dtolnay/async-trait/compare/0.1.79...0.1.80">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=async-trait&package-manager=cargo&previous-version=0.1.79&new-version=0.1.80)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
 2024-04-26 17:12:23 +00:00
Reactor Scram
bc940784bd refactor(linux-client): remove FIREZONE_ID from example systemd file (#4714) 
For tests it doesn't hurt, but this will be used as a template for the
systemd service we ship to production, and that can't have the ID there.

So I'm also cleaning up a few other problems I noticed:
- I wanted to split the service files as part of #4531, so that the GUI
Client and headless Client can have separate sandbox rules. e.g, the
headless Client won't be allowed to create Unix domain sockets
- I'm punting more things to systemd, which allows us to tighten down
the sandbox further, e.g. creating `/var/lib/dev.firezone.client` and
`/run/dev.firezone.client` for us
- Closes #4461

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-04-25 23:08:06 +00:00