This PR fixes two crashes related to lifetimes on Apple:
- `completionHandler` was being called from within a Task executor
context, which could be different from the one the IPC call was received
on
- The `getLogFolderSize` task could return and attempt to call
`completionHandler` after the PacketTunnelProvider deinit'd
- We were calling the completionHandler from `stopTunnel` manually.
Apple explicitly says not to do this. Instead, we must call
`cancelTunnelWithError(nil)` when we want to stop the tunnel from e.g.
the `onDisconnect`. Apple with then call our `stopTunnel` override. The
downside is that we have no control over the `NEProviderStopReason`
received in this callback, but we don't use it anyway. Instead, we write
the reason to a temporary file and read it from the GUI process when we
detect a status change to `disconnected`. When that occurs, we're able
to show a UI notification (macOS only - iOS can show this notification
from the PacketTunnelProvider itself).
Bumps [framer-motion](https://github.com/motiondivision/motion) from
12.9.4 to 12.14.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's
changelog</a>.</em></p>
<blockquote>
<h2>[12.14.0] 2025-05-26</h2>
<h3>Added</h3>
<ul>
<li>Support for <code>originX</code>/<code>Y</code>/<code>Z</code> in
<code>styleEffect</code>.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Added markers for pure function calls with effects.</li>
</ul>
<h2>[12.13.0] 2025-05-26</h2>
<h3>Added</h3>
<ul>
<li><code>svgEffect</code>, <code>propEffect</code> and
<code>attrEffect</code>.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fixed a jump in layout animations in select circumstances.</li>
</ul>
<h2>[12.12.2] 2025-05-23</h2>
<h3>Fixed</h3>
<ul>
<li>Ensure scroll updates are only triggered after a scroll read.</li>
</ul>
<h2>[12.12.1] 2025-05-16</h2>
<h3>Fixed</h3>
<ul>
<li>Checks for <code>instanceof HTMLElement</code> made compatible with
dynamically generated <code>iframe</code>s.</li>
</ul>
<h2>[12.12.0] 2025-05-16</h2>
<h3>Added</h3>
<ul>
<li><code>springValue</code></li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fixed various typos in the type definitions along with a stale
documentation link.</li>
</ul>
<h2>[12.11.4] 2025-05-15</h2>
<h3>Fixed</h3>
<ul>
<li>Only read <code>transform</code> from the DOM for initial
independent transforms when there's no active projection.</li>
</ul>
<h2>[12.11.3] 2025-05-14</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f0d5139625"><code>f0d5139</code></a>
v12.14.0</li>
<li><a
href="4bb70f3e24"><code>4bb70f3</code></a>
Updating changelog</li>
<li><a
href="a463a27d1b"><code>a463a27</code></a>
Merge pull request <a
href="https://redirect.github.com/motiondivision/motion/issues/3230">#3230</a>
from motiondivision/feature/transform-origin-effect</li>
<li><a
href="96578cd24f"><code>96578cd</code></a>
Latest</li>
<li><a
href="ee0e0dfcc2"><code>ee0e0df</code></a>
Adding support for transform-origin</li>
<li><a
href="6aa294fb70"><code>6aa294f</code></a>
v12.13.0</li>
<li><a
href="d6ce30707b"><code>d6ce307</code></a>
Updated changelog</li>
<li><a
href="d70b94ce55"><code>d70b94c</code></a>
Merge pull request <a
href="https://redirect.github.com/motiondivision/motion/issues/3223">#3223</a>
from rick-hup/fix/layout-jump</li>
<li><a
href="009d4f1497"><code>009d4f1</code></a>
Merge pull request <a
href="https://redirect.github.com/motiondivision/motion/issues/3229">#3229</a>
from motiondivision/feature/effects</li>
<li><a
href="e2725e99d9"><code>e2725e9</code></a>
Updating effect tests</li>
<li>Additional commits viewable in <a
href="https://github.com/motiondivision/motion/compare/v12.9.4...v12.14.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [mixpanel-browser](https://github.com/mixpanel/mixpanel-js) and
[@types/mixpanel-browser](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mixpanel-browser).
These dependencies needed to be updated together.
Updates `mixpanel-browser` from 2.64.0 to 2.65.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mixpanel/mixpanel-js/releases">mixpanel-browser's
releases</a>.</em></p>
<blockquote>
<h2>Updates to revenue, session recording, autocapture, etc</h2>
<p>This release packages up changes and improvements to several
subsystems:</p>
<ul>
<li>The long-deprecated <code>mixpanel.people.track_charge()</code>
method now only prints a console error and no longer sets a profile
property or produces any other change. The old version of Mixpanel's
Revenue analysis UI has been replaced by a newer suite of analysis tools
which don't depend on profile properties (see <a
href="https://docs.mixpanel.com/docs/features/revenue_analytics">https://docs.mixpanel.com/docs/features/revenue_analytics</a>).</li>
<li>Autocapture click tracking properties now include page height and
width.</li>
<li>Session recording now stops when <code>mixpanel.reset()</code> is
called.</li>
<li>New init option<code>api_extra_query_params</code> adds support for
appending arbitrary query string params to tracking requests (useful for
non-standard proxy setups)</li>
<li>The API of the Feature Flagging system (under development) has been
revised</li>
<li>Whale Browser is now detected automatically</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mixpanel/mixpanel-js/blob/master/CHANGELOG.md">mixpanel-browser's
changelog</a>.</em></p>
<blockquote>
<p><strong>2.65.0</strong> (20 May 2025)</p>
<ul>
<li><code>mixpanel.people.track_charge()</code> (deprecated) no longer
sets profile property</li>
<li>Adds page height and width tracking to autocapture click
tracking</li>
<li>Session recording now stops when mixpanel.reset() is called</li>
<li>Support for adding arbitrary query string params to tracking
requests (thanks <a
href="https://github.com/dylan-asos"><code>@dylan-asos</code></a>)</li>
<li>Feature flagging API revisions</li>
<li>Whale Browser detection</li>
</ul>
<p><strong>2.64.0</strong> (15 Apr 2025)</p>
<ul>
<li>Add <code>record_heatmap_data</code> init option for Session
Recording to ensure click events are captured for Heat Maps</li>
<li>Initial support for feature flagging</li>
</ul>
<p><strong>2.63.0</strong> (1 Apr 2025)</p>
<ul>
<li>Update rrweb to latest alpha version</li>
<li>Refactor SDK build process to rely mainly on Rollup</li>
</ul>
<p><strong>2.62.0</strong> (26 Mar 2025)</p>
<ul>
<li>Replace UUID generator with UUIDv4 (using native API when
available)</li>
<li>Consistently use native JSON serialization when available</li>
<li>Fix for session recording idle timeout race condition</li>
</ul>
<p><strong>2.61.2</strong> (14 Mar 2025)</p>
<ul>
<li>Revert 10ms throttle on enqueueing events to improve tracking
reliability on page unload</li>
</ul>
<p><strong>2.61.1</strong> (11 Mar 2025)</p>
<ul>
<li>Session recording stops if initial DOM snapshot fails</li>
<li>Errors triggered by rrweb's record function are now caught</li>
<li>Fix for issue causing opt-out check error messages in
<code>debug</code> mode</li>
</ul>
<p><strong>2.61.0</strong> (6 Mar 2025)</p>
<ul>
<li>Session recordings now continue across page loads within the same
tab, using IndexedDB for persistence</li>
</ul>
<p><strong>2.60.0</strong> (31 Jan 2025)</p>
<ul>
<li>Expanded Autocapture configs</li>
<li>Prevent duplicate values in persistence when using people.union
(thanks <a
href="https://github.com/chrisdeely"><code>@chrisdeely</code></a>)</li>
</ul>
<p><strong>2.59.0</strong> (21 Jan 2025)</p>
<ul>
<li>Initial Autocapture support</li>
<li>Block more crawlers (AmazonBot, more Yandex bots)</li>
</ul>
<p><strong>2.58.0</strong> (16 Dec 2024)</p>
<ul>
<li>Added canvas recording option</li>
<li>Session Replay checkpoint events now include a starting URL</li>
</ul>
<p><strong>2.57.1</strong> (12 Dec 2024)</p>
<ul>
<li>Asynchronous abstractions (primarily Promise support) introduced in
internal refactor of batch/queue/retry system</li>
</ul>
<p><strong>2.57.0</strong> (Dec 2024)
REDACTED</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bb9a0053b8"><code>bb9a005</code></a>
2.65.0</li>
<li><a
href="409a7aae9e"><code>409a7aa</code></a>
changelog for 2.65.0</li>
<li><a
href="b8ed533587"><code>b8ed533</code></a>
rebuild 2.65.0</li>
<li><a
href="2538584c46"><code>2538584</code></a>
lint fix</li>
<li><a
href="6fda746356"><code>6fda746</code></a>
rebuild 2.65.0-rc1</li>
<li><a
href="13348c6d78"><code>13348c6</code></a>
try to work around global recorder object test issue</li>
<li><a
href="340e9cf921"><code>340e9cf</code></a>
make track_charge a NOOP</li>
<li><a
href="7d9d3a5e91"><code>7d9d3a5</code></a>
fix tests</li>
<li><a
href="37c1f3de1b"><code>37c1f3d</code></a>
add back get_feature_data temporarily</li>
<li><a
href="0c3ab8bd73"><code>0c3ab8b</code></a>
[Session Replay] Stop session recording when SDK calls reset()</li>
<li>Additional commits viewable in <a
href="https://github.com/mixpanel/mixpanel-js/compare/v2.64.0...v2.65.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `@types/mixpanel-browser` from 2.54.0 to 2.60.0
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mixpanel-browser">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This PR adds the equivalent MDM configuration that we already have for
MacOS & iOS for the GUI client on Windows. These options are retrieved
from the Windows registry when the Client is started. Specifically, the
key for these is: `HKEY_CURRENT_USER\Software\Policies\Firezone`.
At moment, these cannot be configured or seen by the user. They are also
not "watched" for whilst the Client is running. If an admin pushes a new
MDM configuration, the Client will have to be restarted in order for
that new config to take effect.
Windows Policy templates are structured into two files:
- An `.admx` file that defines the structure of the policy, like the
kinds of values it has, where it is stored, which versions it is
supported on and which category it belongs to.
- An `.adml` file that defines defines all strings and presentation
logic, like the actual text of the policies and how the values are
presented in the GUI in e.g. Intune.
Internally, we differentiate between `MdmSettings` and
`AdvancedSettings`. The `MdmSettings` are cross-platform, however on
Linux, we always fallback to the defaults and therefore, they are always
"unset". Eventually, it might make sense to wrap both of these into a
more general `Settings` struct that acts as as a proxy for the two.
Related: #4505
When pulling IPs from system resolvers, it's possible the IPv6 addresses
may contain scopes which will cause connlib to barf when parsing.
To fix these, we first convert to the Swift-native type `IPv4Address` or
`IPv6Address` and then use the string representation of those types,
which normalizes them to plain addresses.
Fixes#9055
Having defaults in here is confusing, because they are actually all
unset by default which means the user settings won't be overridden.
This is the final version submitted at
https://github.com/profilemanifests/profilemanifests
The GUI client currently has a bug that resets the favourites and the
status of the Internet Resource every time the advanced settings are
saved. This happens because those fields are annotated with
`#[serde(default)]` and are thus initialised to their default value when
the struct is deserialised from the frontend.
To mitigate this, we introduce a new `GeneralSettings` struct that holds
the status of the Internet Resource and the list of favourites. When a
client starts up, it will try to migrate the existing advanced settings
into the new split of general and advanced settings.
On macOS, we need to use `mobileconfig` files to configure the client.
These are cumbersome to generate by hand and so a number of popular
tools exist to aid in generating these.
One of the more popular options is [iMazing Profile
Editor](https://imazing.com/profile-editor), which maintains a
[repository](https://github.com/ProfileManifests/ProfileManifests) of
popular "Profile Manifests" for various enterprise-managed applications
on Apple.
In addition to opening the PR for the Firezone client in this repo,
we'll want to open one there too so we can be added to the in-app list
of support applications to generate `mobileconfig` files for.
Tauri's `deb` and `rpm` bundler have support for configuring maintainer
scripts. We can therefore just use those instead of tearing apart the
`deb` file that it creates and rebuilding it ourselves.
Our `rpm` packaging is currently completely broken as well. I couldn't
get it to work on CentOS 9 at all due to missing dependencies, likely
introduced by our move to Tauri v2. It installs fine on CentOS 10
though, assuming that the user has the EPEL repository installed which
provides the WebView dependency. I extended the docs to reflect this.
Hence, with this PR, we drop support for CentOS 9 and now require CentOS
10. This allows us to remove a lot of cruft from our bundling process
and instead entirely rely on the Tauri provided bundler.
Lastly, for consistency with other platforms, the name of the
application in places like app drawers has been changed from "Firezone
Client" to just "Firezone".
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
The name IPC service is not very descriptive. By nature of being
separate processes, we need to use IPC to communicate between them. The
important thing is that the service process has control over the tunnel.
Therefore, we rename everything to "Tunnel service".
The only part that is not changed are historic changelog entries.
Resolves: #9048
Currently, one machines that have multiple routable egress interfaces,
`connlib` may bounce between the two instead of settling on one. This
happens because we have a dedicated `CandidateSet` that we use to filter
out "duplicate" candidates of the same type. Doing that is important
because if the other party is behind a symmetric NAT, they will send us
many server-reflexive candidates that all only differ by their port,
none of them will actually be routable though.
To prevent sending many of these candidates to the remote, we first
gather them locally in our `CandidateSet` and de-duplicate them.
This link repeatedly returns a 403 in our CI link checker, despite being
available.
Fixes: #9140Fixes: #9120
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Now that configuration is persisted in a more reasonable fashion, we can
expose a new `General` section to the Settings, allowing the user to
configure an account slug.
This field will automatically be populated upon the first sign in, so
that subsequent sign-ins will take the user directly to the account sign
in page.
Fixes#5119
Related #8919
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
As part of going through the changes since the last Client and Gateway
relies, I noticed that for several of the things we fixed, it might be
worth adding changelog entries.
As part of launching the Tauri GUI client, we need to observe a specific
initialisation order. In particular, we need to wait until Tauri sends
us a `RunEvent::Ready` before we can initialise things like the tray
menu.
To make this more convenient, Tauri offers a so-called "setup hook" that
can be set on the app builder. Unfortunately, Tauri internally panics if
this provided setup-hook returns an `Err`. Removing this is tracked
upstream: https://github.com/tauri-apps/tauri/issues/12815.
Until this is fixed, we stop using this "setup hook" and instead spawn
our own task that performs this work. This task needs to wait until
Tauri is ready. To achieve that, we introduce an additional mpsc channel
that sends a notification every time we receive a `RunEvent::Ready`.
That should only happen once. We only read from the receiver once, which
is why we ignore the error on the sending side in case the receiver has
already been dropped.
Resolves: #9101
Currently, the Gateway reads all nameservers from `/etc/resolv.conf` on
startup and evaluates the fastest one to use for SRV and TXT DNS queries
that are forwarded by the Client. If the machine just booted and we do
not have Internet connectivity just yet, this fails which leaves the
Gateway in state where it cannot fulfill those queries.
In order to ensure we always use the fastest one and to self-heal from
such situations, we add a 60s timer that refreshes this state.
Currently, this will **not** re-read the nameservers from
`/etc/resolv.conf` but still use the same IPs read on startup.
When the Gateway is handed an IP packet for a DNS resource that it
cannot route, it sends back an ICMP unreachable error. According to RFC
792 [0] (for ICMPv4) and RFC 4443 [1] (for ICMPv6), parts of the
original packet should be included in the ICMP error payload to allow
the sending party to correlate, what could not be sent.
For ICMPv4, the RFC says:
```
Internet Header + 64 bits of Data Datagram
The internet header plus the first 64 bits of the original
datagram's data. This data is used by the host to match the
message to the appropriate process. If a higher level protocol
uses port numbers, they are assumed to be in the first 64 data
bits of the original datagram's data.
```
For ICMPv6, the RFC says:
```
As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU
```
[0]: https://datatracker.ietf.org/doc/html/rfc792
[1]: https://datatracker.ietf.org/doc/html/rfc4443#section-3.1
Presently, the network change detection on Windows is very naive and
simply emits a change event everytime _anything_ changes. We can
optimise this and therefore improve the start-up time of Firezone by:
- Filtering out duplicate events
- Filtering out network change events for our own network adapter
This reduces the number of network change events to 1 during startup. As
far as I can tell from the code comments in this area, we explicitly
send this one to ensure we don't run into a race condition whilst we are
starting up.
Resolves: #8905
ECN information is helpful to allow the congestion controllers to more
easily fine-tune their send and receive windows. When a Firezone Client
receives an IP packet where the ECN bits signal an ECN capable
transport, we mirror this bit on the UDP datagram that carries the
encrypted IP packet.
When receiving a datagram with ECN bits set, the Gateway will then apply
these bits to the decrypted IP packet and pass it along towards its
destination.
This implementation is unfortunately a bit too naive. Not all devices on
the Internet support ECN and therefore, we may receive a datagram that
has its ECN bits cleared when the ECN bits on the inner IP packet still
signal an ECN capable transport. In this case, we should _not_ override
the ECN bits and instead pass the IP packet along as is. Network devices
along the path between Gateway and Resource may still use these ECN bits
to signal congestion.
We fix this by making the `with_ecn` function on `IpPacket` private. It
is not meant to be used outside of the module. We supersede it with a
`with_ecn_from_transport` function that implements the above logic.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Bumps [framer-motion](https://github.com/motiondivision/motion) from
12.7.4 to 12.9.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's
changelog</a>.</em></p>
<blockquote>
<h2>[12.9.4] 2025-05-01</h2>
<h3>Fixed</h3>
<ul>
<li>Remove version check for <code>MotionValue</code>.</li>
</ul>
<h2>[12.9.3] 2025-05-01</h2>
<h3>Fixed</h3>
<ul>
<li>Fixed memory leak when unmounting <code>motion</code>
components.</li>
</ul>
<h2>[12.9.2] 2025-04-25</h2>
<h3>Fixed</h3>
<ul>
<li>Fixed scroll timeline cache when defining <code>offset</code>.</li>
<li>Detect when page scroll is attached to <code>document.body</code>
and use this instead of <code>document.documentElement</code>.</li>
</ul>
<h2>[12.9.1] 2025-04-24</h2>
<h3>Fixed</h3>
<ul>
<li>Restarting a finished main thread animation with a negative
<code>.speed</code> now works as expected.</li>
</ul>
<h2>[12.9.0] 2025-04-24</h2>
<h3>Added</h3>
<ul>
<li><code>styleEffect</code></li>
</ul>
<h2>[12.8.3] 2025-04-24</h2>
<h3>Changed</h3>
<ul>
<li>Animating a <code>MotionValue</code> to its current value will skip
creating the animation.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ensure <code>.then()</code> fires when <code>.stop()</code> or
<code>.cancel()</code> are called. This is undesired but reverts the
behaviour to before <code>12.7.5</code>.</li>
</ul>
<h2>[12.8.2] 2025-04-24</h2>
<h3>Changed</h3>
<ul>
<li>Unifying <code>transform</code> behaviour for SVG and CSS switched
from element measurements for <code>transform-box: fill-box</code>.</li>
</ul>
<h2>[12.8.1] 2025-04-23</h2>
<h3>Fixed</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3edb39e9d4"><code>3edb39e</code></a>
v12.9.4</li>
<li><a
href="4efee1e8b8"><code>4efee1e</code></a>
Removing version check for motion values</li>
<li><a
href="0b38e02fad"><code>0b38e02</code></a>
v12.9.3</li>
<li><a
href="3d2c631d90"><code>3d2c631</code></a>
Updating changelog</li>
<li><a
href="5e7d5b5db3"><code>5e7d5b5</code></a>
Merge pull request <a
href="https://redirect.github.com/motiondivision/motion/issues/3178">#3178</a>
from motiondivision/fix/release-visual-element</li>
<li><a
href="3eb2de69e4"><code>3eb2de6</code></a>
Fixing memory leak</li>
<li><a
href="0de2c3e9ba"><code>0de2c3e</code></a>
Updating</li>
<li><a
href="02fcf86f80"><code>02fcf86</code></a>
Updating changelog</li>
<li><a
href="af6e9feffd"><code>af6e9fe</code></a>
Updating default scroll element</li>
<li><a
href="15befa76f6"><code>15befa7</code></a>
Updating funding address</li>
<li>Additional commits viewable in <a
href="https://github.com/motiondivision/motion/compare/v12.7.4...v12.9.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser)
from 5.2.0 to 5.2.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md">fast-xml-parser's
changelog</a>.</em></p>
<blockquote>
<p><!-- raw HTML omitted -->Note: If you find missing information about
particular minor version, that version must have been changed without
any functional change in this library.<!-- raw HTML omitted --></p>
<p><strong>5.2.1 / 2025-04-22</strong></p>
<ul>
<li>fix: read DOCTYPE entity value correctly</li>
<li>read DOCTYPE NOTATION, ELEMENT exp but not using read values</li>
</ul>
<p><strong>5.2.0 / 2025-04-03</strong></p>
<ul>
<li>feat: support metadata on nodes (<a
href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/593">#593</a>)
(By <a href="https://github.com/srl295">Steven R. Loomis</a>)</li>
</ul>
<p><strong>5.1.0 / 2025-04-02</strong></p>
<ul>
<li>feat: declare package as side-effect free (<a
href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/738">#738</a>)
(By <a href="https://github.com/tbouffard">Thomas Bouffard</a>)</li>
<li>fix cjs build mode</li>
<li>fix builder return type to string</li>
<li></li>
</ul>
<p><strong>5.0.9 / 2025-03-14</strong></p>
<ul>
<li>fix: support numeric entities with values over 0xFFFF (<a
href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/726">#726</a>)
(By <a href="https://github.com/mcdurdin">Marc Durdin</a>)</li>
<li>fix: update strnum to fix parsing 0 if skiplike option is used</li>
</ul>
<p><strong>5.0.8 / 2025-02-27</strong></p>
<ul>
<li>fix parsing 0 if skiplike option is used.
<ul>
<li>updating strnum dependency</li>
</ul>
</li>
</ul>
<p><strong>5.0.7 / 2025-02-25</strong></p>
<ul>
<li>fix (<a
href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/724">#724</a>)
typings for cjs.</li>
</ul>
<p><strong>5.0.6 / 2025-02-20</strong></p>
<ul>
<li>fix cli output (By <a href="https://github.com/angeld7">Angel
Delgado</a>)
<ul>
<li>remove multiple JSON parsing</li>
</ul>
</li>
</ul>
<p><strong>5.0.5 / 2025-02-20</strong></p>
<ul>
<li>fix parsing of string starting with 'e' or 'E' by updating
strnum</li>
</ul>
<p><strong>5.0.4 / 2025-02-20</strong></p>
<ul>
<li>fix CLI to support all the versions of node js when displaying
library version.</li>
<li>fix CJS import in v5
<ul>
<li>by fixing webpack config</li>
</ul>
</li>
</ul>
<p><strong>5.0.3 / 2025-02-20</strong></p>
<ul>
<li>Using strnum ESM module
<ul>
<li>new fixes in strum may break your experience</li>
</ul>
</li>
</ul>
<p><strong>5.0.2 / 2025-02-20</strong></p>
<ul>
<li>fix: include CommonJS resources in the npm package <a
href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/714">#714</a>
(By <a href="https://github.com/tbouffard">Thomas Bouffard</a>)</li>
<li>fix: move babel deps to dev deps</li>
</ul>
<p><strong>5.0.1 / 2025-02-19</strong></p>
<ul>
<li>fix syntax error for CLI command</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="62365df401"><code>62365df</code></a>
update docs and package info</li>
<li><a
href="0c0b3673bf"><code>0c0b367</code></a>
feat: read DOCTYPE ELEMENT exp</li>
<li><a
href="38d023473f"><code>38d0234</code></a>
refactored code of DOCTYPE</li>
<li><a
href="7c6cba497c"><code>7c6cba4</code></a>
feat read DOCTYPE NOTATION exp</li>
<li><a
href="7589705052"><code>7589705</code></a>
fix: DOCTYPE entity value should be read correctly</li>
<li><a
href="02eb4a7539"><code>02eb4a7</code></a>
Update SECURITY.md</li>
<li><a
href="bfeb50432e"><code>bfeb504</code></a>
fix typo in CHANGELOG.md (<a
href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/743">#743</a>)</li>
<li>See full diff in <a
href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.2.0...v5.2.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 22.14.0 to 22.15.3.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [rehype-highlight](https://github.com/rehypejs/rehype-highlight)
from 7.0.1 to 7.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rehypejs/rehype-highlight/releases">rehype-highlight's
releases</a>.</em></p>
<blockquote>
<h2>7.0.2</h2>
<h4>Fix</h4>
<ul>
<li>5c3b277 Fix multiple <code>code</code>s in a <code>pre</code></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rehypejs/rehype-highlight/compare/7.0.1...7.0.2">https://github.com/rehypejs/rehype-highlight/compare/7.0.1...7.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="86a5e9b1a5"><code>86a5e9b</code></a>
7.0.2</li>
<li><a
href="ff5d9df3ca"><code>ff5d9df</code></a>
Refactor tests</li>
<li><a
href="5c3b27763d"><code>5c3b277</code></a>
Fix multiple <code>code</code>s in a <code>pre</code></li>
<li><a
href="093fed2853"><code>093fed2</code></a>
Refactor example</li>
<li><a
href="62755288fa"><code>6275528</code></a>
Refactor <code>package.json</code></li>
<li><a
href="6a63f71624"><code>6a63f71</code></a>
Update tests for changes in <code>lowlight</code></li>
<li><a
href="36727b6df4"><code>36727b6</code></a>
Update dev-dependencies</li>
<li><a
href="241ced97b2"><code>241ced9</code></a>
Update Actions</li>
<li>See full diff in <a
href="https://github.com/rehypejs/rehype-highlight/compare/7.0.1...7.0.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
