github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,743 Commits 1 Branch 0 Tags
eb6830daa24258023c75e90199efd1441b0b714f
Commit Graph

7743 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
eb6830daa2 build(deps): bump flowbite-react from 0.11.7 to 0.11.8 in /rust/gui-client in the flowbite group (#9754) 
Bumps the flowbite group in /rust/gui-client with 1 update:
[flowbite-react](https://github.com/themesberg/flowbite-react/tree/HEAD/packages/ui).

Updates `flowbite-react` from 0.11.7 to 0.11.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite-react/releases">flowbite-react's
releases</a>.</em></p>
<blockquote>
<h2>flowbite-react@0.11.8</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/themesberg/flowbite-react/pull/1579">#1579</a>
<a
href="d44648d0ab"><code>d44648d</code></a>
Thanks <a
href="https://github.com/SutuSebastian"><code>@​SutuSebastian</code></a>!
- fix(Datepicker): switch hardcoded color <code>cyan</code> -&gt;
<code>primary</code></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Improve table pagination by <a
href="https://github.com/jfacoustic"><code>@​jfacoustic</code></a> in <a
href="https://redirect.github.com/themesberg/flowbite-react/pull/1567">themesberg/flowbite-react#1567</a></li>
<li>fix(Datepicker): switch hardcoded color <code>cyan</code> -&gt;
<code>primary</code> by <a
href="https://github.com/SutuSebastian"><code>@​SutuSebastian</code></a>
in <a
href="https://redirect.github.com/themesberg/flowbite-react/pull/1579">themesberg/flowbite-react#1579</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/jfacoustic"><code>@​jfacoustic</code></a> made
their first contribution in <a
href="https://redirect.github.com/themesberg/flowbite-react/pull/1567">themesberg/flowbite-react#1567</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/themesberg/flowbite-react/compare/flowbite-react@0.11.7...flowbite-react@0.11.8">https://github.com/themesberg/flowbite-react/compare/flowbite-react@0.11.7...flowbite-react@0.11.8</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite-react/blob/main/packages/ui/CHANGELOG.md">flowbite-react's
changelog</a>.</em></p>
<blockquote>
<h2>0.11.8</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/themesberg/flowbite-react/pull/1579">#1579</a>
<a
href="d44648d0ab"><code>d44648d</code></a>
Thanks <a
href="https://github.com/SutuSebastian"><code>@​SutuSebastian</code></a>!
- fix(Datepicker): switch hardcoded color <code>cyan</code> -&gt;
<code>primary</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="557d2336b6"><code>557d233</code></a>
Version Packages (<a
href="https://github.com/themesberg/flowbite-react/tree/HEAD/packages/ui/issues/1580">#1580</a>)</li>
<li><a
href="d44648d0ab"><code>d44648d</code></a>
fix(Datepicker): switch hardcoded color <code>cyan</code> -&gt;
<code>primary</code> (<a
href="https://github.com/themesberg/flowbite-react/tree/HEAD/packages/ui/issues/1579">#1579</a>)</li>
<li><a
href="c6f235cc97"><code>c6f235c</code></a>
Improve table pagination (<a
href="https://github.com/themesberg/flowbite-react/tree/HEAD/packages/ui/issues/1567">#1567</a>)</li>
<li>See full diff in <a
href="https://github.com/themesberg/flowbite-react/commits/flowbite-react@0.11.8/packages/ui">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flowbite-react&package-manager=npm_and_yarn&previous-version=0.11.7&new-version=0.11.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-10 16:57:12 +00:00
Thomas Eizinger
7689402c50 chore(snownet): print packets of unknown format (#9818) 
When receiving UDP packets that we cannot decode we log an error. In
order to identify, whether we might have bugs in our decoding logic, we
now also print the hex-encoding of the packet for further analysis on
DEBUG.
 2025-07-10 15:11:54 +00:00
Thomas Eizinger
b4b50b5615 fix(gui-client): move tslink metadata (#9817) 
A recent release of `tslink` now supports configuration via the
`package.metadata` table which resolved a warning about "unknown key"
that we have seeing for a while.
 2025-07-10 14:54:50 +00:00
Thomas Eizinger
0c151a2a96 chore(gateway): include ID of unknown peer in error message (#9819) 
This will help with diagnosing issues in Sentry.
 2025-07-10 14:32:05 +00:00
Thomas Eizinger
f98fcca542 refactor(connlib): directly implement async fn (#9806) 
At present, and as a result of how `connlib` evolved, we still implement
a `Poll`-based function for receiving data on our UDP socket. Ever since
we moved to dedicated threads for the UDP socket, we can directly block
on "block" on receiving datagrams and don't have to poll the socket.

This simplifies the implementation a fair bit. Additionally, it made me
reailise that we currently don't expose any errors on the UDP socket.
Likely, those will be ephemeral but it is still better than completely
silencing them.
 2025-07-10 13:54:44 +00:00
Thomas Eizinger
f659ee2c00 refactor(windows): move valueName to text in .admx (#9796) 
With a real AD (and not Intune), it seems the `valueName` attribute is
required for text elements.

Supersedes: #9419
Co-authored-by: Antoine Labarussias <antoinelabarussias@gmail.com>
 2025-07-10 13:52:07 +00:00
Thomas Eizinger
d4ba045eec chore(gui-client): move log about existing session (#9813) 
This log is misplaced within the current `try_connect` function because
that will also be called when we didn't have Internet while we tried to
first connect and then witnessed a network change (in which case the
token is cached in the `WaitingForNetwork` session state).

Thus, we move the log to the `Connect` msg handler where we shouldn't
have any existing session.
 2025-07-10 13:41:23 +00:00
dependabot[bot]
32151b6b0d build(deps): bump tslink from 0.3.0 to 0.4.2 in /rust (#9485) 
Bumps [tslink](https://github.com/icsmw/tslink) from 0.3.0 to 0.4.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/icsmw/tslink/blob/master/changelog.md">tslink's
changelog</a>.</em></p>
<blockquote>
<h1>0.4.2 (08.06.2025)</h1>
<h2>Changes</h2>
<ul>
<li>Migrate settings to <code>package.metadata.tslink</code></li>
</ul>
<h1>0.4.1 (08.06.2025)</h1>
<h2>Changes</h2>
<ul>
<li>Add support arrays in the context of <code>const</code></li>
</ul>
<h1>0.4.0 (08.06.2025)</h1>
<h2>Features</h2>
<ul>
<li>Add support of <code>const</code> for primitive types</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/icsmw/tslink/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tslink&package-manager=cargo&previous-version=0.3.0&new-version=0.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-10 09:57:07 +00:00
Thomas Eizinger
55aef6ae11 chore: publish gui-client 1.5.5 (#9811) 2025-07-09 12:44:38 +00:00
Thomas Eizinger
df57e6c3da docs(website): add changelog entries (#9794) 
We've not added changelog entries for several of the PRs that went in
recently. This adds some for the more user-facing changes and fixes that
we are shipping.
 2025-07-08 22:36:04 +02:00
Thomas Eizinger
a87485a4e0 chore(connlib): silence EHOSTDOWN errors (#9797) 
Certain UNIX systems such as macOS also use the EHOSTDOWN error to
signal that a packet cannot be sent to a certain IP. There is nothing we
can do about this error so we downgrade it from a WARN to a DEBUG like
we do for other kinds of "unreachable" errors.
 2025-07-07 22:52:39 +00:00
Thomas Eizinger
237bd62b20 fix(snownet): don't generate candidates of mixed IP version (#9804) 
When we shipped the feature of optimistc server-reflexive candidates, we
failed to add a check to only combine address and base such that they
are the same IP version. This is not harmful but unnecessary noise.
 2025-07-07 22:47:40 +00:00
Thomas Eizinger
e5fb6adbb4 fix(connlib): always signal server-reflexive candidates (#9802) 
When we create a new connection, we seed the local ICE agent with all
known local candidates, i.e. host addresses and allocations on relays.
Server-reflexive candidates are never added to the local agent because
you cannot send directly from a server-reflexive addresses. Instead, an
agent sends from the _base_ of a server-reflexive candidate which in
turn is known as a host candidate.

The server-reflexive candidate is however signaled to the remote so it
can try and send packets to it. Those will then be mapped by the NAT to
our host candidate.

In case we have just performed a network reset, our own server-reflexive
candidate may not be known yet and therefore the seeding doesn't add an
candidates. With no candidates being seeded, we also can't signal them
to the remote.

For candidates discovered later in this process, the signalling happens
as part of adding them to the local agent. Because server-reflexive
candidates are not added to the local agent, we currently miss out on
signaling those to the remote IF they weren't already present when the
ICE agent got created.

This scenario can happen right after a network reset. In practice, it
shouldn't be much of an issue though. As soon as we start sending from
our host candidate, the remote will create a peer-reflexive candidate
for it. It is however cleaner to directly send the server-reflexive
candidate once we discover it.
 2025-07-07 22:46:46 +00:00
dependabot[bot]
5a5843bfa7 build(deps): bump reqwest from 0.12.20 to 0.12.22 in /rust (#9799) 
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.20 to
0.12.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/releases">reqwest's
releases</a>.</em></p>
<blockquote>
<h2>v0.12.22</h2>
<h2>tl;dr</h2>
<ul>
<li>Fix socks proxies when resolving IPv6 destinations.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>fix(socks): bracket IPv6 addresses when formatting destination host
by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in
<a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2753">seanmonstar/reqwest#2753</a></li>
<li>Prepare v0.12.22 by <a
href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in
<a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2754">seanmonstar/reqwest#2754</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.21...v0.12.22">https://github.com/seanmonstar/reqwest/compare/v0.12.21...v0.12.22</a></p>
<h2>v0.12.21</h2>
<h2>tl;dr</h2>
<ul>
<li>Fix socks proxy to use <code>socks4a://</code> instead of
<code>socks4h://</code>.</li>
<li>Fix <code>Error::is_timeout()</code> to check for hyper and IO
timeouts too.</li>
<li>Fix request <code>Error</code> to again include URLs when
possible.</li>
<li>Fix socks connect error to include more context.</li>
<li>(wasm) implement <code>Default</code> for <code>Body</code>.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>chore: remove unused slab dep by <a
href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in
<a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2729">seanmonstar/reqwest#2729</a></li>
<li>docs: mention requiring Tokio by <a
href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in
<a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2731">seanmonstar/reqwest#2731</a></li>
<li>Fix Typos in Comments for Multipart and Redirect Tests by <a
href="https://github.com/leopardracer"><code>@​leopardracer</code></a>
in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2738">seanmonstar/reqwest#2738</a></li>
<li>fix: request errors should include url by <a
href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in
<a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2741">seanmonstar/reqwest#2741</a></li>
<li>fix: consider timeout from hyper::Error by <a
href="https://github.com/flisky"><code>@​flisky</code></a> in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2742">seanmonstar/reqwest#2742</a></li>
<li>feat: add Default impl for wasm::Body by <a
href="https://github.com/jpopesculian"><code>@​jpopesculian</code></a>
in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2746">seanmonstar/reqwest#2746</a></li>
<li>fix: Fix SOCKS4a proxy protocol matching by <a
href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2732">seanmonstar/reqwest#2732</a></li>
<li>fix: add more context and description to SOCKS errors by <a
href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in
<a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2750">seanmonstar/reqwest#2750</a></li>
<li>Prepare v0.12.21 by <a
href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in
<a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2751">seanmonstar/reqwest#2751</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/leopardracer"><code>@​leopardracer</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2738">seanmonstar/reqwest#2738</a></li>
<li><a
href="https://github.com/jpopesculian"><code>@​jpopesculian</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2746">seanmonstar/reqwest#2746</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.20...v0.12.21">https://github.com/seanmonstar/reqwest/compare/v0.12.20...v0.12.21</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's
changelog</a>.</em></p>
<blockquote>
<h2>v0.12.22</h2>
<ul>
<li>Fix socks proxies when resolving IPv6 destinations.</li>
</ul>
<h2>v0.12.21</h2>
<ul>
<li>Fix socks proxy to use <code>socks4a://</code> instead of
<code>socks4h://</code>.</li>
<li>Fix <code>Error::is_timeout()</code> to check for hyper and IO
timeouts too.</li>
<li>Fix request <code>Error</code> to again include URLs when
possible.</li>
<li>Fix socks connect error to include more context.</li>
<li>(wasm) implement <code>Default</code> for <code>Body</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e6e2d8a25d"><code>e6e2d8a</code></a>
v0.12.22</li>
<li><a
href="a9ab0fae3f"><code>a9ab0fa</code></a>
fix(socks): bracket IPv6 addresses when formatting destination host (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2753">#2753</a>)</li>
<li><a
href="b739726c4a"><code>b739726</code></a>
v0.12.21</li>
<li><a
href="d9ecdc19b3"><code>d9ecdc1</code></a>
fix: add more context and description to SOCKS errors (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2750">#2750</a>)</li>
<li><a
href="d4c9eec3c2"><code>d4c9eec</code></a>
fix: look for socks4a instead of socks4h (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2732">#2732</a>)</li>
<li><a
href="d793ed2623"><code>d793ed2</code></a>
(wasm) feat: add Default impl for wasm::Body (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2746">#2746</a>)</li>
<li><a
href="4cb2866cd4"><code>4cb2866</code></a>
fix: Error::is_timeout() checks for hyper::Error::is_timeout() (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2742">#2742</a>)</li>
<li><a
href="1794d99737"><code>1794d99</code></a>
fix: request errors should include url (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2741">#2741</a>)</li>
<li><a
href="9edbd2e00b"><code>9edbd2e</code></a>
tests: fix typos in multipart and redirect tests (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2738">#2738</a>)</li>
<li><a
href="e03d6f4ec4"><code>e03d6f4</code></a>
docs: mention requiring Tokio (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2731">#2731</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.20...v0.12.22">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reqwest&package-manager=cargo&previous-version=0.12.20&new-version=0.12.22)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 12:16:11 +00:00
dependabot[bot]
b3372370e8 build(deps): bump tokio from 1.45.1 to 1.46.1 in /rust (#9800) 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.45.1 to 1.46.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tokio-rs/tokio/releases">tokio's
releases</a>.</em></p>
<blockquote>
<h2>Tokio v1.46.1</h2>
<h1>1.46.1 (July 4th, 2025)</h1>
<p>This release fixes incorrect spawn locations in runtime task hooks
for tasks spawned using <code>tokio::spawn</code> rather than
<code>Runtime::spawn</code>. This issue only effected the spawn location
in <code>TaskMeta::spawned_at</code>, and did not effect task locations
in Tracing events.</p>
<h2>Unstable</h2>
<ul>
<li>runtime: add <code>TaskMeta::spawn_location</code> tracking where a
task was spawned (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7440">#7440</a>)</li>
</ul>
<p><a
href="https://redirect.github.com/tokio-rs/tokio/issues/7440">#7440</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7440">tokio-rs/tokio#7440</a></p>
<h2>Tokio v1.46.0</h2>
<h1>1.46.0 (July 2nd, 2025)</h1>
<h3>Fixed</h3>
<ul>
<li>net: fixed <code>TcpStream::shutdown</code> incorrectly returning an
error on macOS (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7290">#7290</a>)</li>
</ul>
<h2>Added</h2>
<ul>
<li>sync: <code>mpsc::OwnedPermit::{same_channel,
same_channel_as_sender}</code> methods (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7389">#7389</a>)</li>
<li>macros: <code>biased</code> option for <code>join!</code> and
<code>try_join!</code>, similar to <code>select!</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7307">#7307</a>)</li>
<li>net: support for cygwin (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7393">#7393</a>)</li>
<li>net: support <code>pope::OpenOptions::read_write</code> on Android
(<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7426">#7426</a>)</li>
<li>net: add <code>Clone</code> implementation for
<code>net::unix::SocketAddr</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7422">#7422</a>)</li>
</ul>
<h2>Changed</h2>
<ul>
<li>runtime: eliminate unnecessary lfence while operating on
<code>queue::Local&lt;T&gt;</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7340">#7340</a>)</li>
<li>task: disallow blocking in <code>LocalSet::{poll,drop}</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7372">#7372</a>)</li>
</ul>
<h2>Unstable</h2>
<ul>
<li>runtime: add <code>TaskMeta::spawn_location</code> tracking where a
task was spawned (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7417">#7417</a>)</li>
<li>runtime: removed borrow from <code>LocalOptions</code> parameter to
<code>runtime::Builder::build_local</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7346">#7346</a>)</li>
</ul>
<h2>Documented</h2>
<ul>
<li>io: clarify behavior of seeking when <code>start_seek</code> is not
used (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7366">#7366</a>)</li>
<li>io: document cancellation safety of
<code>AsyncWriteExt::flush</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7364">#7364</a>)</li>
<li>net: fix docs for <code>recv_buffer_size</code> method (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7336">#7336</a>)</li>
<li>net: fix broken link of <code>RawFd</code> in <code>TcpSocket</code>
docs (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7416">#7416</a>)</li>
<li>net: update <code>AsRawFd</code> doc link to current Rust stdlib
location (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7429">#7429</a>)</li>
<li>readme: fix double period in reactor description (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7363">#7363</a>)</li>
<li>runtime: add doc note that <code>on_*_task_poll</code> is unstable
(<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7311">#7311</a>)</li>
<li>sync: update broadcast docs on allocation failure (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7352">#7352</a>)</li>
<li>time: add a missing panic scenario of <code>time::advance</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7394">#7394</a>)</li>
</ul>
<p><a
href="https://redirect.github.com/tokio-rs/tokio/issues/7290">#7290</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7290">tokio-rs/tokio#7290</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7307">#7307</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7307">tokio-rs/tokio#7307</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab3ff69cf2"><code>ab3ff69</code></a>
chore: prepare to release v1.46.1 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7444">#7444</a>)</li>
<li><a
href="a0d5b8ab30"><code>a0d5b8a</code></a>
runtime(unstable): fix task hook spawn locations for
<code>tokio::spawn</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7440">#7440</a>)</li>
<li><a
href="a1ee3ef218"><code>a1ee3ef</code></a>
chore: fix some minor typos in the comments (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7442">#7442</a>)</li>
<li><a
href="171cd148a3"><code>171cd14</code></a>
changelog: fix typo in <code>pipe::OpenOptions</code> for 1.46.0 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7439">#7439</a>)</li>
<li><a
href="3f1f268583"><code>3f1f268</code></a>
chore: prepare Tokio v1.46.0 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7437">#7437</a>)</li>
<li><a
href="3e890cc017"><code>3e890cc</code></a>
rt(unstable): add spawn <code>Location</code> to <code>TaskMeta</code>
(<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7417">#7417</a>)</li>
<li><a
href="69290a6432"><code>69290a6</code></a>
net: derive <code>Clone</code> for <code>net::unix::SocketAddr</code>
(<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7422">#7422</a>)</li>
<li><a
href="e2b175848b"><code>e2b1758</code></a>
fuzz: cfg fuzz tests under cfg(test) (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7428">#7428</a>)</li>
<li><a
href="b7a75b5be3"><code>b7a75b5</code></a>
net: update <code>AsRawFd</code> doc link to current Rust stdlib
location (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7429">#7429</a>)</li>
<li><a
href="6b705b3053"><code>6b705b3</code></a>
net: allow <code>pipe::OpenOptions::read_write</code> on Android (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7426">#7426</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tokio-rs/tokio/compare/tokio-1.45.1...tokio-1.46.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.45.1&new-version=1.46.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 12:15:23 +00:00
Thomas Eizinger
ced0579f93 fix(ci): use outcome instead of conclusion (#9792) 
According to the documentation [0]:

> When a `continue-on-error step` fails, the `outcome` is `failure`, but
the final `conclusion` is `success`.

We update the action accordingly to make our retry mechanism work.

[0]:
https://docs.github.com/es/actions/reference/contexts-reference#steps-context

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
 2025-07-06 08:44:31 +00:00
Jamil
b20c141759 feat(portal): add batch-insert to change logs (#9733) 
Inserting a change log incurs some minor overhead for sending query over
the network and reacting to its response. In many cases, this makes up
the bulk of the actual time it takes to run the change log insert.

To reduce this overhead and avoid any kind of processing delay in the
WAL consumers, we introduce batch insert functionality with size `500`
and timeout `30` seconds. If either of those two are hit, we flush the
batch using `insert_all`.

`insert_all` does not use `Ecto.Changeset`, so we need to be a bit more
careful about the data we insert, and check the inserted LSNs to
determine what to update the acknowledged LSN pointer to.

The functionality to determine when to call the new `on_flush/1`
callback lives in the replication_connection module, but the actual
behavior of `on_flush/1` is left to the child modules to implement. The
`Events.ReplicationConnection` module does not use flush behavior, and
so does not override the defaults, which is not to use a flush
mechanism.

Related: #949
 2025-07-05 19:03:28 +00:00
Thomas Eizinger
c48ed2a1a0 feat(connlib): introduce 2s grace-period upon ICE disconnect (#9793) 
When Firezone detects that the user is switching networks, we perform an
internal reset where we clear all connections and also all local
candidates. As part of the reset, we then send STUN requests to our
relays to re-discover our host and server-reflexive candidates. In this
scenario, the Gateway is still connected to its network and is therefore
able to send its candidates as soon as it receives the connection intent
from the portal.

This opens us up to the following race condition which leads to a
false-positive "ICE timeout":

1. Client roams network and clears all local state.
2. Client sends STUN binding requests to relays.
3. Client initiates a new connection.
4. Gateway acknowledges connection.
5. Client creates new ICE agent and attempts to seed it with local
candidates. We don't have a response from the relays yet and therefore
don't have any local candidates.
6. Client receives remote candidates and adds them to the agent.
7. ICE agent is unable to form pairs and therefore concludes that it is
disconnected.
8. We treat the disconnected event as a connection failure and clear the
connection.
9. Relays respond to STUN binding requests but we cannot add the new
candidates to the connection because it is already cleared.

The ICE spec states that after an agent transitions into the
"disconnected" state, it may transition back to "connected" if e.g. new
candidates are added as those allow the forming of new pairs. In
general, it is recommended to not treat "disconnected" as a permanent
state. To honor this recommendation, we introduce a 2s grace-period in
which we can recover from such a "disconnected" state.
 2025-07-05 18:52:59 +00:00
Jamil
4a02e89b43 ci: publish headless 1.5.1 (#9791) 2025-07-05 08:18:14 +00:00
Jamil
c869bcfe13 chore(portal): tag Relay WAL todos (#9767) 
These aren't a priority to clean up right now, but I wanted to tag them
so I don't forget to do it later on.
 2025-07-04 22:30:06 +00:00
Jamil
2a38c532af chore(portal): remove gateway masquerade option (#9790) 
AFAIK these are ignored by connlib. Instead, we configure masquerading
on the host.
 2025-07-04 21:08:11 +00:00
Thomas Eizinger
f04c23c8d9 ci: retry authentication with GCP (#9786) 
At present, it appears that `actions/toolkit` has a bug where it isn't
always able to correctly fetch an ID token. See
https://github.com/actions/toolkit/issues/2098 for the upstream issue.
As a result, our CI often fails relatively often. A simple restart
usually fixes the issue. This however is annoying because it means PRs
get de-queued from the merge-queue or don't queue in the first place and
therefore require baby-sitting.

To fix this, we attempt to build a retry-mechanism from within the
action. Using `continue-on-error`, we tell the "auth" step to continue,
even if it fails. Following that, we try to authenticate again but only
if the previous one failed. We do this up to 3 times before actually
giving up.

---------

Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
 2025-07-04 18:29:17 +00:00
Thomas Eizinger
a6796fe8b2 fix(telemetry): always use hex-encoded ID as user ID (#9781) 
We are currently in the process of transitioning the Firezone Clients
away from always hashing the ID before sending it to the portal. This
will make lookups and correlation of data between our systems much
easier.

The way we are performing this migration is that new installations of
Firezone will directly generate a 64 char hex-string as the Firezone ID.
If the ID looks like a UUID (which is the old format), we still hash it
and send it to the portal, otherwise we send it as-is.

Presently, the telemetry integration with Sentry and PostHog do the
opposite. They always sets the Firezone ID as-is and includes an
`external_id` that is the hashed form if it detects that it is a UUID
(or in the case of PostHog, create an alias). It is much better to flip
this around and always set the hex-string as the user id. That way, we
can simply always filter by the `user.id` attribute in Sentry and always
refer to the ID that we are seeing in the portal.
 2025-07-04 16:55:44 +00:00
Thomas Eizinger
8b001b3e8b refactor(telemetry): use atomics for feature-flags (#9783) 
Feature flags may be accessed _very_ often such as on every log
statement with #9780. To make sure this is as performant as possible, we
move from an `RwLock` to atomic booleans with relaxed ordering.
 2025-07-04 14:55:45 +00:00
Thomas Eizinger
ec2599d545 chore(rust): simplify stream logs feature (#9780) 
Instead of conditionally enabling the `logs` feature in the Sentry
client, we always enable it and control via the `tracing` integration,
which events should get forwarded to Sentry. The feature-flag check
accesses only shared-memory and is therefore really fast.

We already re-evaluate feature flags on a timer which means this boolean
will flip over automatically and logs will be streamed to Sentry.
 2025-07-04 14:51:53 +00:00
Thomas Eizinger
0617c96b69 chore(nix): follow system release channel (#9784) 
In order to avoid glibc mismatches, the dev-shell started by the nix
flake should follow the system channel instead of pinning a version by
itself.
 2025-07-04 14:27:53 +00:00
Thomas Eizinger
abfdda18d8 fix(gui-client): allow disabling telemetry (#9785) 
Resolves: #9778
 2025-07-04 14:27:28 +00:00
Thomas Eizinger
a556b39136 chore: remove duplicate labels from actionlint configuration (#9789) 2025-07-04 14:25:47 +00:00
Thomas Eizinger
cb9b087bf3 refactor(ci): reuse gcp-docker-login action (#9787) 
It appears the code for authenticating with GCP is duplicated in some of
our workflows.
 2025-07-04 14:06:21 +00:00
Thomas Eizinger
01e3fea0ac fix(gui-client): don't panic on existing session (#9779) 
Customer hit what seems to be a rare race condition where we try to
connect whilst we already have a session. I don't know which state it is
in so I am replacing it with a WARN log to learn more about this in
Sentry in case it gets hit again.
 2025-07-04 07:44:53 +00:00
Thomas Eizinger
4be8e5458a chore(telemetry): don't fmt fields from the log crate (#9774) 
Those are internal to `tracing` and don't need to be formatted into the
message we send to Sentry.
 2025-07-04 00:03:18 +00:00
Thomas Eizinger
e0c607dd57 chore(gui-client): remove unnecessary identify call (#9775) 
It is unnecessary to call this in the GUI client because the tunnel
service will already do this _and_ supply the `account_slug` with it as
well.
 2025-07-03 23:17:28 +00:00
dependabot[bot]
fc256d7e37 build(deps): bump phoenix_ecto from 4.6.4 to 4.6.5 in /elixir (#9755) 
Bumps [phoenix_ecto](https://github.com/phoenixframework/phoenix_ecto)
from 4.6.4 to 4.6.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_ecto/blob/main/CHANGELOG.md">phoenix_ecto's
changelog</a>.</em></p>
<blockquote>
<h2>v4.6.5</h2>
<ul>
<li>Bug fixes
<ul>
<li>Unallow existing allowances when attempting to allow a Plug to
access a connection</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/phoenixframework/phoenix_ecto/commits/v4.6.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=phoenix_ecto&package-manager=hex&previous-version=4.6.4&new-version=4.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 23:05:48 +00:00
Thomas Eizinger
17a1d36eae fix(gui-client): set IO error type for missing non-tunnel routes (#9777) 
On Windows - in order to prevent routing loops - we resolve the best
"non-tunnel" route to a particular host for each IP address. The
resulting source IP is then used as source for packets leaving our
interface. In case the system doesn't have IPv6 connectivity or are
simply no routes available, we fail this "source IP resolver" with an IO
error.

Presently, this uses the "other" IO error type which causes this to be
logged on a WARN level in the event-loop. The IO error types
`HostUnreachable` and `NetworkUnreachable` are expected during normal
operation of Firezone and are therefore only logged on DEBUG.

By changing this IO error type, we fix the WARN log spam on Windows for
machines without IPv6 connectivity.
 2025-07-03 21:45:06 +00:00
Brian Manifold
83e71f45b8 fix(portal): catch all errors when sending welcome email (#9776) 
Why:

* We were previously only catching the `:rate_limited` error when
sending welcome emails. This update adds a catch-all case to gracefully
handle the error and alert us.

---------

Signed-off-by: Brian Manifold <bmanifold@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2025-07-03 21:41:12 +00:00
Thomas Eizinger
94660cbb2c chore(gui-smoke-test): wait for tunnel service to boot (#9766) 
The tunnel service creates the Firezone ID upon start-up. With recent
changes to the GUI client, we now require reading the ID file when
starting the GUI client.

This exposes a race condition in our smoke-tests where we start them
both at roughly the same time.

To fix this, we sleep for 500ms after starting the tunnel process.
 2025-07-02 05:16:15 +00:00
Thomas Eizinger
7e25027c73 ci: fix automated PR creation on publish (#9739) 2025-07-02 05:14:32 +00:00
dependabot[bot]
29eb16393a build(deps): bump gradle/actions from 4.4.0 to 4.4.1 in /.github/actions/setup-android (#9741) 
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.0 to
4.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.1</h2>
<p>This patch release fixes a bug in Develocity Injection with a custom
plugin repository.
The <code>gradle-plugin-repository-*</code> action parameters were not
being correctly mapped to environment variables that are read by the
Develocity Injection init script.</p>
<p>This issue has been fixed by setting the correct environment
variables:</p>
<ul>
<li><code>gradle-plugin-repository-url</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_URL</code></li>
<li><code>gradle-plugin-repository-username</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_USERNAME</code></li>
<li><code>gradle-plugin-repository-password</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_PASSWORD</code></li>
</ul>
<p>Additionally, these parameters can now be used to configure a custom
plugin repository for the GitHub Dependency Graph Gradle Plugin,
required for dependency submission.</p>
<h2>What's Changed</h2>
<ul>
<li>Dependency updates by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/667">gradle/actions#667</a></li>
<li>Fix plugin repository env vars by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/669">gradle/actions#669</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.4.0...v4.4.1">https://github.com/gradle/actions/compare/v4.4.0...v4.4.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ac638b010c"><code>ac638b0</code></a>
[bot] Update dist directory</li>
<li><a
href="fd888822a4"><code>fd88882</code></a>
Fix setting env vars for plugin repository (<a
href="https://redirect.github.com/gradle/actions/issues/669">#669</a>)</li>
<li><a
href="3af3dd3475"><code>3af3dd3</code></a>
[bot] Update dist directory</li>
<li><a
href="bf78bf9f10"><code>bf78bf9</code></a>
Dependency updates (<a
href="https://redirect.github.com/gradle/actions/issues/667">#667</a>)</li>
<li><a
href="ca92106195"><code>ca92106</code></a>
Use Java 17 for toolchain build</li>
<li><a
href="f7d1903e6c"><code>f7d1903</code></a>
Update known wrapper checksums</li>
<li><a
href="eb0816ba44"><code>eb0816b</code></a>
Fix update-wrapper-checksums workflow</li>
<li><a
href="d408d6219d"><code>d408d62</code></a>
Bump the npm-dependencies group across 1 directory with 5 updates</li>
<li><a
href="306df22de3"><code>306df22</code></a>
Bump the github-actions group across 1 directory with 3 updates</li>
<li><a
href="05baf32a7f"><code>05baf32</code></a>
Bump org.gradle.toolchains.foojay-resolver-convention</li>
<li>Additional commits viewable in <a
href="8379f6a132...ac638b010c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.4.0&new-version=4.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:18:36 +00:00
dependabot[bot]
0c274d3e36 build(deps): bump the tauri group in /rust/gui-client with 2 updates (#9740) 
Bumps the tauri group in /rust/gui-client with 2 updates:
[@tauri-apps/api](https://github.com/tauri-apps/tauri) and
[@tauri-apps/cli](https://github.com/tauri-apps/tauri).

Updates `@tauri-apps/api` from 2.5.0 to 2.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/api</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/api</code> v2.6.0</h2>
<!-- raw HTML omitted -->
<pre><code>No known vulnerabilities found
</code></pre>
<!-- raw HTML omitted -->
<h2>[2.6.0]</h2>
<h3>New Features</h3>
<ul>
<li><a
href="50ebddaa2d"><code>50ebddaa2</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13319">#13319</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../kingsword09"><code>@​kingsword09</code></a>)
Expose the <code>setAutoResize</code> API for webviews in
<code>@tauri-apps/api</code>.</li>
<li><a
href="267368fd4f"><code>267368fd4</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13276">#13276</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../amrbashir"><code>@​amrbashir</code></a>)
Add <code>Monitor.workArea</code> field.</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="23b9da75b9"><code>23b9da75b</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13324">#13324</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../kingsword09"><code>@​kingsword09</code></a>)
Fixed path joining behavior where <code>path.join('', 'a')</code>
incorrectly returns &quot;/a&quot; instead of &quot;a&quot;.</li>
<li><a
href="b985eaf0a2"><code>b985eaf0a</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13306">#13306</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Immediately unregister event listener when the unlisten function is
called.</li>
</ul>
<h3>What's Changed</h3>
<ul>
<li><a
href="b5c549d189"><code>b5c549d18</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13325">#13325</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>)
<code>transformCallback</code> now registers the callbacks inside
<code>window.__TAURI_INTERNALS__.callbacks</code> instead of directly on
<code>window['_{id}']</code></li>
</ul>
<!-- raw HTML omitted -->
<pre><code>&gt; @tauri-apps/api@2.6.0 npm-publish
/home/runner/work/tauri/tauri/packages/api
&gt; pnpm build &amp;&amp; cd ./dist &amp;&amp; pnpm publish --access
public --loglevel silly --no-git-checks
<p>&gt; <code>@​tauri-apps/api</code><a
href="https://github.com/2"><code>@​2</code></a>.6.0 build
/home/runner/work/tauri/tauri/packages/api
&gt; rollup -c --configPlugin typescript</p>
<p>
./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts,
./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts,
./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts,
./src/window.ts → ./dist, ./dist...
created ./dist, ./dist in 1.7s

src/index.ts →
../../crates/tauri/scripts/bundle.global.js...
created ../../crates/tauri/scripts/bundle.global.js in
1.8s
npm verbose cli /opt/hostedtoolcache/node/20.19.2/x64/bin/node
/opt/hostedtoolcache/node/20.19.2/x64/bin/npm
npm info using npm@10.8.2
npm info using node@v20.19.2
npm silly config
load:file:/opt/hostedtoolcache/node/20.19.2/x64/lib/node_modules/npm/npmrc
npm silly config load:file:/tmp/2b52e4eba4f2f6fee26c87fa0c50d004/.npmrc
npm silly config load:file:/home/runner/work/_temp/.npmrc
npm silly config
load:file:/opt/hostedtoolcache/node/20.19.2/x64/etc/npmrc
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="594822aa55"><code>594822a</code></a>
Apply Version Updates From Current Changes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13282">#13282</a>)</li>
<li><a
href="e4aa35e083"><code>e4aa35e</code></a>
fix(cli): init tests</li>
<li><a
href="9c16eefa31"><code>9c16eef</code></a>
Update kuchikiki, html5ever, tao, wry, webview2-com (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13629">#13629</a>)</li>
<li><a
href="3242e1c946"><code>3242e1c</code></a>
feat(cli): allow passing Cargo commands to mobile dev/build commands (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13659">#13659</a>)</li>
<li><a
href="4a880ca697"><code>4a880ca</code></a>
feat(cli): synchronize productName changes with iOS Xcode project (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13658">#13658</a>)</li>
<li><a
href="d1ce9af628"><code>d1ce9af</code></a>
feat(cli): add <code>--config</code> arg to the mobile init cmds, closes
<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13284">#13284</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13660">#13660</a>)</li>
<li><a
href="ec6065fa4a"><code>ec6065f</code></a>
fix(cli): use original identifier to fix mobile options reading (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13625">#13625</a>)</li>
<li><a
href="18b5299952"><code>18b5299</code></a>
docs: where does resource dir resolve to (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13640">#13640</a>)</li>
<li><a
href="eb3f0248c2"><code>eb3f024</code></a>
fix: write default permission words if not empty (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13646">#13646</a>)</li>
<li><a
href="c03cc586e3"><code>c03cc58</code></a>
chore: check generated file on package lock change (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13641">#13641</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.5.0...@tauri-apps/api-v2.6.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `@tauri-apps/cli` from 2.5.0 to 2.6.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/cli</code> v2.6.2</h2>
<h2>[2.6.2]</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="cbd9629729"><code>cbd962972</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13730">#13730</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Load <code>--config</code> arguments when running the Xcode and Android
Studio build scripts.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.6.2</code></li>
</ul>
<h2><code>@​tauri-apps/cli</code> v2.6.1</h2>
<h2>[2.6.1]</h2>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.6.1</code></li>
</ul>
<h2><code>@​tauri-apps/cli</code> v2.6.0</h2>
<h2>[2.6.0]</h2>
<h3>New Features</h3>
<ul>
<li><a
href="414619c36e"><code>414619c36</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13536">#13536</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Tunglies"><code>@​Tunglies</code></a>)
Added support for the <code>bundleName</code> property in the macOS
bundler configuration. This allows specifying the
<code>CFBundleName</code> value for generated macOS bundles.</li>
<li><a
href="3242e1c946"><code>3242e1c94</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13659">#13659</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Allow passing Cargo arguments to mobile dev and build commands.</li>
<li><a
href="d1ce9af628"><code>d1ce9af62</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13660">#13660</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Allow passing <code>--config</code> arguments to the <code>ios
init</code> and <code>android init</code> commands to tweak the
configuration used to initialize the mobile projects.</li>
<li><a
href="7322f05792"><code>7322f0579</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13502">#13502</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../amrbashir"><code>@​amrbashir</code></a>)
Allow using <code>CheckIfAppIsRunning</code> macro inside NSIS hooks,
for example <code>!insertmacro CheckIfAppIsRunning
&quot;another-executable.exe&quot; &quot;Another
Executable&quot;</code>.</li>
<li><a
href="4a880ca697"><code>4a880ca69</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13658">#13658</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Synchronize Tauri config productName changes with the iOS Xcode
project.</li>
<li><a
href="8ee14a8648"><code>8ee14a864</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13618">#13618</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Sky-walkerX"><code>@​Sky-walkerX</code></a>)
Warn the user that the app id shouldn't end in <code>.app</code> because
it conflicts with the application bundle extension on macOS</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="35aa7e1218"><code>35aa7e121</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13294">#13294</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../kingsword09"><code>@​kingsword09</code></a>)
fix: allow the target directory to be inside frontendDir as long as it
is not the Rust target directory inside frontendDir.</li>
<li><a
href="ec6065fa4a"><code>ec6065fa4</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13625">#13625</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Fixes Android and iOS dev/build commands not working when the app
identifier is being modified by the <code>--config</code> option.</li>
<li><a
href="5a5291d66c"><code>5a5291d66</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13483">#13483</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Fix simulator build detection on Xcode.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.6.0</code></li>
<li><a
href="9c16eefa31"><code>9c16eefa3</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13629">#13629</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../sftse"><code>@​sftse</code></a>)
Update html5ever to 0.29 and kuchikiki to version
0.8.8-speedreader.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0277596341"><code>0277596</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13731">#13731</a>)</li>
<li><a
href="cbd9629729"><code>cbd9629</code></a>
fix(cli): load --config values on xcode and android-studio scripts (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13730">#13730</a>)</li>
<li><a
href="0079d08ba9"><code>0079d08</code></a>
chore(worker): Enable observability</li>
<li><a
href="effd106adf"><code>effd106</code></a>
fix(worker): Fix route syntax</li>
<li><a
href="4053ad1b58"><code>4053ad1</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13724">#13724</a>)</li>
<li><a
href="f010ca5e91"><code>f010ca5</code></a>
fix(core): compile error without common-controls-v6 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13719">#13719</a>)</li>
<li><a
href="6b2b9d6cbf"><code>6b2b9d6</code></a>
chore: clippy 1.88 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13720">#13720</a>)</li>
<li><a
href="b6de1c89c2"><code>b6de1c8</code></a>
chore(deps): update rust crate md5 to 0.8 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13712">#13712</a>)</li>
<li><a
href="a3ae2cebbf"><code>a3ae2ce</code></a>
chore(deps): update rust crate rand to 0.9 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13700">#13700</a>)</li>
<li><a
href="a3f11b4f3b"><code>a3f11b4</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13693">#13693</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.5.0...@tauri-apps/cli-v2.6.2">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:18:01 +00:00
dependabot[bot]
8ed950fcc0 build(deps): bump docker/setup-buildx-action from 3.10.0 to 3.11.1 (#9745) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.10.0 to 3.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.11.1</h2>
<ul>
<li>Fix <code>keep-state</code> not being respected by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/429">docker/setup-buildx-action#429</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1">https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1</a></p>
<h2>v3.11.0</h2>
<ul>
<li>Keep BuildKit state support by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/427">docker/setup-buildx-action#427</a></li>
<li>Remove aliases created when installing by default by <a
href="https://github.com/hashhar"><code>@​hashhar</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/139">docker/setup-buildx-action#139</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/422">docker/setup-buildx-action#422</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/425">docker/setup-buildx-action#425</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0">https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e468171a9d"><code>e468171</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/429">#429</a>
from crazy-max/fix-keep-state</li>
<li><a
href="a3e7502fd0"><code>a3e7502</code></a>
chore: update generated content</li>
<li><a
href="b145473295"><code>b145473</code></a>
fix keep-state not being respected</li>
<li><a
href="18ce135bb5"><code>18ce135</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/425">#425</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="0e198e93af"><code>0e198e9</code></a>
chore: update generated content</li>
<li><a
href="05f3f3ac10"><code>05f3f3a</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.61.0 to
0.62.1</li>
<li><a
href="622913496d"><code>6229134</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/427">#427</a>
from crazy-max/keep-state</li>
<li><a
href="c6f6a07025"><code>c6f6a07</code></a>
chore: update generated content</li>
<li><a
href="6c5e29d848"><code>6c5e29d</code></a>
skip builder creation if one already exists with the same name</li>
<li><a
href="548b297749"><code>548b297</code></a>
ci: keep-state check</li>
<li>Additional commits viewable in <a
href="b5ca514318...e468171a9d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.10.0&new-version=3.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:17:55 +00:00
dependabot[bot]
5440235d3e build(deps): bump actions/cache from 4.2.0 to 4.2.3 in /.github/actions/setup-elixir (#9742) 
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.0 to
4.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use <code>@​actions/cache</code> 4.0.3 package &amp;
prepare for new release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a>
(SAS tokens for cache entries are now masked in debug logs)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.2...v4.2.3">https://github.com/actions/cache/compare/v4.2.2...v4.2.3</a></p>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>Bump <code>@​actions/cache</code> to v4.0.2 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1560">actions/cache#1560</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.1...v4.2.2">https://github.com/actions/cache/compare/v4.2.1...v4.2.2</a></p>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>docs: GitHub is spelled incorrectly in caching-strategies.md by <a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li>docs: Make the &quot;always save prime numbers&quot; example more
clear by <a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> in
<a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li>Update force deletion docs due a recent deprecation by <a
href="https://github.com/sebbalex"><code>@​sebbalex</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
<li>Bump <code>@​actions/cache</code> to v4.0.1 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1554">actions/cache#1554</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li><a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li><a href="https://github.com/sebbalex"><code>@​sebbalex</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.0...v4.2.1">https://github.com/actions/cache/compare/v4.2.0...v4.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5a3ec84eff"><code>5a3ec84</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1577">#1577</a>
from salmanmkc/salmanmkc/4-test</li>
<li><a
href="7de21022a7"><code>7de2102</code></a>
Update releases.md</li>
<li><a
href="76d40dd347"><code>76d40dd</code></a>
Update to use the latest version of the cache package to obfuscate the
SAS</li>
<li><a
href="76dd5eb692"><code>76dd5eb</code></a>
update cache with main</li>
<li><a
href="8c80c27c5e"><code>8c80c27</code></a>
new package</li>
<li><a
href="45cfd0e7ff"><code>45cfd0e</code></a>
updates</li>
<li><a
href="edd449b9cf"><code>edd449b</code></a>
updated cache with latest changes</li>
<li><a
href="0576707e37"><code>0576707</code></a>
latest test before pr</li>
<li><a
href="3105dc9754"><code>3105dc9</code></a>
update</li>
<li><a
href="9450d42d15"><code>9450d42</code></a>
mask</li>
<li>Additional commits viewable in <a
href="1bd1e32a3b...5a3ec84eff">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=4.2.0&new-version=4.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:17:25 +00:00
dependabot[bot]
78a2c4dcef build(deps): bump the sentry group in /rust/gui-client with 2 updates (#9744) 
Bumps the sentry group in /rust/gui-client with 2 updates:
[@sentry/core](https://github.com/getsentry/sentry-javascript) and
[@sentry/react](https://github.com/getsentry/sentry-javascript).

Updates `@sentry/core` from 9.27.0 to 9.33.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/releases"><code>@​sentry/core</code>'s
releases</a>.</em></p>
<blockquote>
<h2>9.33.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat: Add opt-in <code>vercelAiIntegration</code> to
cloudflare &amp; vercel-edge (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16732">#16732</a>)</strong></li>
</ul>
<p>The <code>vercelAiIntegration</code> is now available as opt-in for
the Cloudflare and the Next.js SDK for Vercel Edge.
To use it, add the integration in <code>Sentry.init</code></p>
<pre lang="js"><code>Sentry.init({
  tracesSampleRate: 1.0,
  integrations: [Sentry.vercelAIIntegration()],
});
</code></pre>
<p>And enable telemetry for Vercel AI calls</p>
<pre lang="js"><code>const result = await generateText({
  model: openai('gpt-4o'),
  experimental_telemetry: {
    isEnabled: true,
  },
});
</code></pre>
<ul>
<li><strong>feat(node): Add postgresjs instrumentation (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16665">#16665</a>)</strong></li>
</ul>
<p>The Node.js SDK now includes instrumentation for <a
href="https://www.npmjs.com/package/postgres">Postgres.js</a>.</p>
<ul>
<li><strong>feat(node): Use diagnostics channel for Fastify v5 error
handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16715">#16715</a>)</strong></li>
</ul>
<p>If you're on Fastify v5, you no longer need to call
<code>setupFastifyErrorHandler</code>. It is done automatically by the
node SDK. Older versions still rely on calling
<code>setupFastifyErrorHandler</code>.</p>
<h3>Other Changes</h3>
<ul>
<li>feat(cloudflare): Allow interop with OpenTelemetry emitted spans (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16714">#16714</a>)</li>
<li>feat(cloudflare): Flush after <code>waitUntil</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16681">#16681</a>)</li>
<li>fix(nextjs): Remove <code>ai</code> from default server external
packages (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16736">#16736</a>)</li>
</ul>
<p>Work in this release was contributed by <a
href="https://github.com/0xbad0c0d3"><code>@​0xbad0c0d3</code></a>.
Thank you for your contribution!</p>
<h2>Bundle size 📦</h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>@​sentry/browser</code></td>
<td>23.42 KB</td>
</tr>
<tr>
<td><code>@​sentry/browser</code> - with treeshaking flags</td>
<td>23.2 KB</td>
</tr>
<tr>
<td><code>@​sentry/browser</code> (incl. Tracing)</td>
<td>37.93 KB</td>
</tr>
<tr>
<td><code>@​sentry/browser</code> (incl. Tracing, Replay)</td>
<td>75.18 KB</td>
</tr>
</tbody>
</table>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md"><code>@​sentry/core</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>9.33.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat: Add opt-in <code>vercelAiIntegration</code> to
cloudflare &amp; vercel-edge (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16732">#16732</a>)</strong></li>
</ul>
<p>The <code>vercelAiIntegration</code> is now available as opt-in for
the Cloudflare and the Next.js SDK for Vercel Edge.
To use it, add the integration in <code>Sentry.init</code></p>
<pre lang="js"><code>Sentry.init({
  tracesSampleRate: 1.0,
  integrations: [Sentry.vercelAIIntegration()],
});
</code></pre>
<p>And enable telemetry for Vercel AI calls</p>
<pre lang="js"><code>const result = await generateText({
  model: openai('gpt-4o'),
  experimental_telemetry: {
    isEnabled: true,
  },
});
</code></pre>
<ul>
<li><strong>feat(node): Add postgresjs instrumentation (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16665">#16665</a>)</strong></li>
</ul>
<p>The Node.js SDK now includes instrumentation for <a
href="https://www.npmjs.com/package/postgres">Postgres.js</a>.</p>
<ul>
<li><strong>feat(node): Use diagnostics channel for Fastify v5 error
handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16715">#16715</a>)</strong></li>
</ul>
<p>If you're on Fastify v5, you no longer need to call
<code>setupFastifyErrorHandler</code>. It is done automatically by the
node SDK. Older versions still rely on calling
<code>setupFastifyErrorHandler</code>.</p>
<h3>Other Changes</h3>
<ul>
<li>feat(cloudflare): Allow interop with OpenTelemetry emitted spans (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16714">#16714</a>)</li>
<li>feat(cloudflare): Flush after <code>waitUntil</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16681">#16681</a>)</li>
<li>fix(nextjs): Remove <code>ai</code> from default server external
packages (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16736">#16736</a>)</li>
</ul>
<p>Work in this release was contributed by <a
href="https://github.com/0xbad0c0d3"><code>@​0xbad0c0d3</code></a>.
Thank you for your contribution!</p>
<h2>9.32.0</h2>
<h3>Important Changes</h3>
<ul>
<li>feat(browser): Add CLS sources to span attributes (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16710">#16710</a>)</li>
</ul>
<p>Enhances CLS (Cumulative Layout Shift) spans by adding attributes
detailing the elements that caused layout shifts.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="70e425f9bf"><code>70e425f</code></a>
release: 9.33.0</li>
<li><a
href="c07f2a21f3"><code>c07f2a2</code></a>
Merge pull request <a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16750">#16750</a>
from getsentry/prepare-release/9.33.0</li>
<li><a
href="e8eb291938"><code>e8eb291</code></a>
meta(changelog): Update changelog for 9.33.0</li>
<li><a
href="e7891f749f"><code>e7891f7</code></a>
chore: Add external contributor to CHANGELOG.md (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16747">#16747</a>)</li>
<li><a
href="c20a3c4b20"><code>c20a3c4</code></a>
feat(cloudflare): Flush after <code>waitUntil</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16681">#16681</a>)</li>
<li><a
href="510ba3eba9"><code>510ba3e</code></a>
feat(node): Add postgresjs instrumentation (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16665">#16665</a>)</li>
<li><a
href="f916be14ac"><code>f916be1</code></a>
feat(node): Use diagnostics channel for Fastify v5 error handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16715">#16715</a>)</li>
<li><a
href="40f04bc671"><code>40f04bc</code></a>
feat: Add opt-in <code>vercelAiIntegration</code> to cloudflare &amp;
vercel-edge (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16732">#16732</a>)</li>
<li><a
href="ae30471893"><code>ae30471</code></a>
test(nuxt): Add fake module and composable to E2E test (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16731">#16731</a>)</li>
<li><a
href="43403dc2dc"><code>43403dc</code></a>
fix(nextjs): Remove <code>ai</code> from default server external
packages (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16736">#16736</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-javascript/compare/9.27.0...9.33.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `@sentry/react` from 9.27.0 to 9.33.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/releases"><code>@​sentry/react</code>'s
releases</a>.</em></p>
<blockquote>
<h2>9.33.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat: Add opt-in <code>vercelAiIntegration</code> to
cloudflare &amp; vercel-edge (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16732">#16732</a>)</strong></li>
</ul>
<p>The <code>vercelAiIntegration</code> is now available as opt-in for
the Cloudflare and the Next.js SDK for Vercel Edge.
To use it, add the integration in <code>Sentry.init</code></p>
<pre lang="js"><code>Sentry.init({
  tracesSampleRate: 1.0,
  integrations: [Sentry.vercelAIIntegration()],
});
</code></pre>
<p>And enable telemetry for Vercel AI calls</p>
<pre lang="js"><code>const result = await generateText({
  model: openai('gpt-4o'),
  experimental_telemetry: {
    isEnabled: true,
  },
});
</code></pre>
<ul>
<li><strong>feat(node): Add postgresjs instrumentation (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16665">#16665</a>)</strong></li>
</ul>
<p>The Node.js SDK now includes instrumentation for <a
href="https://www.npmjs.com/package/postgres">Postgres.js</a>.</p>
<ul>
<li><strong>feat(node): Use diagnostics channel for Fastify v5 error
handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16715">#16715</a>)</strong></li>
</ul>
<p>If you're on Fastify v5, you no longer need to call
<code>setupFastifyErrorHandler</code>. It is done automatically by the
node SDK. Older versions still rely on calling
<code>setupFastifyErrorHandler</code>.</p>
<h3>Other Changes</h3>
<ul>
<li>feat(cloudflare): Allow interop with OpenTelemetry emitted spans (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16714">#16714</a>)</li>
<li>feat(cloudflare): Flush after <code>waitUntil</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16681">#16681</a>)</li>
<li>fix(nextjs): Remove <code>ai</code> from default server external
packages (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16736">#16736</a>)</li>
</ul>
<p>Work in this release was contributed by <a
href="https://github.com/0xbad0c0d3"><code>@​0xbad0c0d3</code></a>.
Thank you for your contribution!</p>
<h2>Bundle size 📦</h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>@​sentry/browser</code></td>
<td>23.42 KB</td>
</tr>
<tr>
<td><code>@​sentry/browser</code> - with treeshaking flags</td>
<td>23.2 KB</td>
</tr>
<tr>
<td><code>@​sentry/browser</code> (incl. Tracing)</td>
<td>37.93 KB</td>
</tr>
<tr>
<td><code>@​sentry/browser</code> (incl. Tracing, Replay)</td>
<td>75.18 KB</td>
</tr>
</tbody>
</table>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md"><code>@​sentry/react</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>9.33.0</h2>
<h3>Important Changes</h3>
<ul>
<li><strong>feat: Add opt-in <code>vercelAiIntegration</code> to
cloudflare &amp; vercel-edge (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16732">#16732</a>)</strong></li>
</ul>
<p>The <code>vercelAiIntegration</code> is now available as opt-in for
the Cloudflare and the Next.js SDK for Vercel Edge.
To use it, add the integration in <code>Sentry.init</code></p>
<pre lang="js"><code>Sentry.init({
  tracesSampleRate: 1.0,
  integrations: [Sentry.vercelAIIntegration()],
});
</code></pre>
<p>And enable telemetry for Vercel AI calls</p>
<pre lang="js"><code>const result = await generateText({
  model: openai('gpt-4o'),
  experimental_telemetry: {
    isEnabled: true,
  },
});
</code></pre>
<ul>
<li><strong>feat(node): Add postgresjs instrumentation (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16665">#16665</a>)</strong></li>
</ul>
<p>The Node.js SDK now includes instrumentation for <a
href="https://www.npmjs.com/package/postgres">Postgres.js</a>.</p>
<ul>
<li><strong>feat(node): Use diagnostics channel for Fastify v5 error
handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16715">#16715</a>)</strong></li>
</ul>
<p>If you're on Fastify v5, you no longer need to call
<code>setupFastifyErrorHandler</code>. It is done automatically by the
node SDK. Older versions still rely on calling
<code>setupFastifyErrorHandler</code>.</p>
<h3>Other Changes</h3>
<ul>
<li>feat(cloudflare): Allow interop with OpenTelemetry emitted spans (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16714">#16714</a>)</li>
<li>feat(cloudflare): Flush after <code>waitUntil</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16681">#16681</a>)</li>
<li>fix(nextjs): Remove <code>ai</code> from default server external
packages (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16736">#16736</a>)</li>
</ul>
<p>Work in this release was contributed by <a
href="https://github.com/0xbad0c0d3"><code>@​0xbad0c0d3</code></a>.
Thank you for your contribution!</p>
<h2>9.32.0</h2>
<h3>Important Changes</h3>
<ul>
<li>feat(browser): Add CLS sources to span attributes (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/16710">#16710</a>)</li>
</ul>
<p>Enhances CLS (Cumulative Layout Shift) spans by adding attributes
detailing the elements that caused layout shifts.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="70e425f9bf"><code>70e425f</code></a>
release: 9.33.0</li>
<li><a
href="c07f2a21f3"><code>c07f2a2</code></a>
Merge pull request <a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16750">#16750</a>
from getsentry/prepare-release/9.33.0</li>
<li><a
href="e8eb291938"><code>e8eb291</code></a>
meta(changelog): Update changelog for 9.33.0</li>
<li><a
href="e7891f749f"><code>e7891f7</code></a>
chore: Add external contributor to CHANGELOG.md (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16747">#16747</a>)</li>
<li><a
href="c20a3c4b20"><code>c20a3c4</code></a>
feat(cloudflare): Flush after <code>waitUntil</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16681">#16681</a>)</li>
<li><a
href="510ba3eba9"><code>510ba3e</code></a>
feat(node): Add postgresjs instrumentation (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16665">#16665</a>)</li>
<li><a
href="f916be14ac"><code>f916be1</code></a>
feat(node): Use diagnostics channel for Fastify v5 error handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16715">#16715</a>)</li>
<li><a
href="40f04bc671"><code>40f04bc</code></a>
feat: Add opt-in <code>vercelAiIntegration</code> to cloudflare &amp;
vercel-edge (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16732">#16732</a>)</li>
<li><a
href="ae30471893"><code>ae30471</code></a>
test(nuxt): Add fake module and composable to E2E test (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16731">#16731</a>)</li>
<li><a
href="43403dc2dc"><code>43403dc</code></a>
fix(nextjs): Remove <code>ai</code> from default server external
packages (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/16736">#16736</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-javascript/compare/9.27.0...9.33.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:15:07 +00:00
dependabot[bot]
ad126f72ba build(deps): bump nimble_csv from 1.2.0 to 1.3.0 in /elixir (#9757) 
Bumps [nimble_csv](https://github.com/dashbitco/nimble_csv) from 1.2.0
to 1.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dashbitco/nimble_csv/blob/master/CHANGELOG.md">nimble_csv's
changelog</a>.</em></p>
<blockquote>
<h2>v1.3.0 (2025-06-24)</h2>
<ul>
<li>Require Elixir 1.15+</li>
<li>Add <code>generated: true</code> to <code>newlines_separator</code>
macro</li>
<li>Fix warnings on Elixir 1.20+</li>
<li>Document OWASP official recommendations for CSV injections</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2fc3cbf4b5"><code>2fc3cbf</code></a>
Release v1.3.0</li>
<li><a
href="1c3b383dd9"><code>1c3b383</code></a>
Update ex_doc</li>
<li><a
href="da38c6ac6b"><code>da38c6a</code></a>
Document OWASP official recommendations for CSV injections (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/86">#86</a>)</li>
<li><a
href="2b4a5e0da6"><code>2b4a5e0</code></a>
Support Elixir 1.18 in CI (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/84">#84</a>)</li>
<li><a
href="020ea8297e"><code>020ea82</code></a>
Update docs</li>
<li><a
href="106e298ec7"><code>106e298</code></a>
Fix warnings on Elixir 1.20+ (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/83">#83</a>)</li>
<li><a
href="57e0858100"><code>57e0858</code></a>
CI housekeeping (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/82">#82</a>)</li>
<li><a
href="8cf912e204"><code>8cf912e</code></a>
Add generated to newlines_separator macro (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/81">#81</a>)</li>
<li><a
href="3b2e2f7f2a"><code>3b2e2f7</code></a>
Document parse error, closes <a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/78">#78</a></li>
<li><a
href="0b2390440a"><code>0b23904</code></a>
Add benchmarks using benchee (<a
href="https://redirect.github.com/dashbitco/nimble_csv/issues/76">#76</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dashbitco/nimble_csv/compare/v1.2.0...v1.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nimble_csv&package-manager=hex&previous-version=1.2.0&new-version=1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:13:03 +00:00
dependabot[bot]
afbadf1acb build(deps-dev): bump mix_audit from 2.1.4 to 2.1.5 in /elixir (#9753) 
Bumps [mix_audit](https://github.com/mirego/mix_audit) from 2.1.4 to
2.1.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mirego/mix_audit/blob/main/CHANGELOG.md">mix_audit's
changelog</a>.</em></p>
<blockquote>
<h2>2.1.5 (2025-06-09)</h2>
<ul>
<li>Update dependencies</li>
<li>Use <code>System.stop/1</code> instead of
<code>System.halt/1</code></li>
<li>Use <code>System.user_home()</code> instead of
<code>System.get_env(&quot;HOME&quot;)</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a3a6c1cbf4"><code>a3a6c1c</code></a>
v2.1.5</li>
<li><a
href="aa630f7e91"><code>aa630f7</code></a>
Update CHANGELOG.md</li>
<li><a
href="14f3511a92"><code>14f3511</code></a>
Bump ex_doc from 0.38.1 to 0.38.2</li>
<li><a
href="14698645b0"><code>1469864</code></a>
refactor: use <code>System.stop/1</code> to enable caller to rescue
tasks</li>
<li><a
href="5b43bcb989"><code>5b43bcb</code></a>
Bump ex_doc from 0.37.3 to 0.38.1</li>
<li><a
href="572a0bfdb3"><code>572a0bf</code></a>
Bump ex_doc from 0.34.2 to 0.37.3</li>
<li><a
href="7247db4543"><code>7247db4</code></a>
Bump jason from 1.4.3 to 1.4.4</li>
<li><a
href="11580d4125"><code>11580d4</code></a>
Change home to platform independent function</li>
<li><a
href="41c96c476a"><code>41c96c4</code></a>
Revert a commit that was temporary to test something locally 🤦‍♂️</li>
<li><a
href="876645af75"><code>876645a</code></a>
Use latest Ubuntu and support Elixir 1.18 and 1.17 in CI</li>
<li>Additional commits viewable in <a
href="https://github.com/mirego/mix_audit/compare/v2.1.4...v2.1.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mix_audit&package-manager=hex&previous-version=2.1.4&new-version=2.1.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:12:43 +00:00
dependabot[bot]
386df2c62b build(deps): bump framer-motion from 12.16.0 to 12.20.2 in /website (#9747) 
Bumps [framer-motion](https://github.com/motiondivision/motion) from
12.16.0 to 12.20.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's
changelog</a>.</em></p>
<blockquote>
<h2>[12.20.2] 2025-07-01</h2>
<h3>Fixed</h3>
<ul>
<li>Updated <code>Transition</code> type to be more permissive.</li>
</ul>
<h2>[12.20.1] 2025-06-30</h2>
<h3>Fixed</h3>
<ul>
<li>Updated <code>Target</code> type to match previous definition.</li>
</ul>
<h2>[12.20.0] 2025-06-30</h2>
<h3>Added</h3>
<ul>
<li>Pass a shadow DOM root element via <code>AnimatePresence</code>
<code>root</code> prop to attach <code>&quot;popLayout&quot;</code>
styles to a different root element.</li>
</ul>
<h2>[12.19.4] 2025-06-30</h2>
<h3>Fixed</h3>
<ul>
<li>Ensure animations are removed from scope when finished.</li>
</ul>
<h2>[12.19.3] 2025-06-27</h2>
<h3>Fixed</h3>
<ul>
<li>Restore some deprecated types.</li>
<li>Add <code>transformPerspective</code> to
<code>TargetAndTransition</code>.</li>
<li>Filter number-indexed and function props from
<code>CSSStyleDeclaration</code>.</li>
</ul>
<h2>[12.19.2] 2025-06-27</h2>
<h3>Fixed</h3>
<ul>
<li>React: Prevent duplicate layout animation commits within Suspense
boundaries.</li>
</ul>
<h2>[12.19.1] 2025-06-23</h2>
<h3>Fixed</h3>
<ul>
<li>React: Fix <code>export *</code> error message in Next.js.</li>
</ul>
<h2>[12.19.0] 2025-06-23</h2>
<h3>Added</h3>
<ul>
<li>React: <code>usePageInView</code> for tracking document
visibility.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dfc74a0438"><code>dfc74a0</code></a>
v12.20.2</li>
<li><a
href="2c1999c14c"><code>2c1999c</code></a>
Updating changelog</li>
<li><a
href="d613a81077"><code>d613a81</code></a>
Merge pull request <a
href="https://redirect.github.com/motiondivision/motion/issues/3295">#3295</a>
from motiondivision/fix/permissive-transition-type</li>
<li><a
href="44259cacd1"><code>44259ca</code></a>
Fixing types</li>
<li><a
href="3349569edb"><code>3349569</code></a>
Updating types</li>
<li><a
href="a2154e9619"><code>a2154e9</code></a>
v12.20.1</li>
<li><a
href="1816ecf362"><code>1816ecf</code></a>
Updating types</li>
<li><a
href="42f57fc583"><code>42f57fc</code></a>
Updating changelog</li>
<li><a
href="6b74525b52"><code>6b74525</code></a>
v12.20.0</li>
<li><a
href="342bca50f1"><code>342bca5</code></a>
Fixing tests</li>
<li>Additional commits viewable in <a
href="https://github.com/motiondivision/motion/compare/v12.16.0...v12.20.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=framer-motion&package-manager=npm_and_yarn&previous-version=12.16.0&new-version=12.20.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:12:32 +00:00
dependabot[bot]
64819e43b8 build(deps): bump postcss from 8.5.4 to 8.5.6 in /website (#9746) 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.4 to 8.5.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.6</h2>
<ul>
<li>Fixed <code>ContainerWithChildren</code> type discriminating (by <a
href="https://github.com/Goodwine"><code>@​Goodwine</code></a>).</li>
</ul>
<h2>8.5.5</h2>
<ul>
<li>Fixed <code>package.json</code>→<code>exports</code> compatibility
with some tools (by <a
href="https://github.com/JounQin"><code>@​JounQin</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.6</h2>
<ul>
<li>Fixed <code>ContainerWithChildren</code> type discriminating (by <a
href="https://github.com/Goodwine"><code>@​Goodwine</code></a>).</li>
</ul>
<h2>8.5.5</h2>
<ul>
<li>Fixed <code>package.json</code>→<code>exports</code> compatibility
with some tools (by <a
href="https://github.com/JounQin"><code>@​JounQin</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="91d6eb5c3d"><code>91d6eb5</code></a>
Release 8.5.6 version</li>
<li><a
href="65ffc55117"><code>65ffc55</code></a>
Update dependencies</li>
<li><a
href="ecd20eb7f9"><code>ecd20eb</code></a>
Fix ContainerWithChildren to allow discriminating the node type by
comparing ...</li>
<li><a
href="c18159719e"><code>c181597</code></a>
Release 8.5.5 version</li>
<li><a
href="c5523fbec5"><code>c5523fb</code></a>
Update dependencies</li>
<li><a
href="2e3450c55f"><code>2e3450c</code></a>
refactor: <code>import</code> should be listed before
<code>require</code> (<a
href="https://redirect.github.com/postcss/postcss/issues/2052">#2052</a>)</li>
<li><a
href="4d720bd01a"><code>4d720bd</code></a>
Update EM text</li>
<li>See full diff in <a
href="https://github.com/postcss/postcss/compare/8.5.4...8.5.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.4&new-version=8.5.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:11:14 +00:00
dependabot[bot]
c700d30371 build(deps): bump ecto_sql from 3.12.1 to 3.13.2 in /elixir (#9748) 
Bumps [ecto_sql](https://github.com/elixir-ecto/ecto_sql) from 3.12.1 to
3.13.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-ecto/ecto_sql/blob/master/CHANGELOG.md">ecto_sql's
changelog</a>.</em></p>
<blockquote>
<h2>v3.13.2 (2025-06-24)</h2>
<h3>Enhancements</h3>
<ul>
<li>[sandbox] Allow passing through opts in
<code>Ecto.Adapters.SQL.Sandbox.allow/4</code> calls</li>
<li>[sql] Add support for <code>ON DELETE SET DEFAULT</code></li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[postgres] Fix nested array generated time columns</li>
</ul>
<h2>v3.13.1 (2025-06-20)</h2>
<h3>Bug fixes</h3>
<ul>
<li>[postgres] Fix nested array generated columns</li>
</ul>
<h2>v3.13.0 (2025-06-18)</h2>
<h3>Enhancements</h3>
<ul>
<li>[Ecto.Migration] Add support for index directions</li>
<li>[sql] Support <code>:log_stacktrace_mfa</code> for filtering or
modifying stacktrace-derived info in query logs</li>
<li>[mysql] Support arrays using JSON for MariaDB</li>
<li>[mysql] Allow to specify <code>:prepare</code> per operation</li>
<li>[postgres] Add support for collations in Postgres</li>
<li>[postgres] Allow source fields in
<code>json_extract_path</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cf5080c1a4"><code>cf5080c</code></a>
Release v3.13.2</li>
<li><a
href="b87638180f"><code>b876381</code></a>
Refactor generated handling in column_type</li>
<li><a
href="62603f88b6"><code>62603f8</code></a>
Fix generated nested time array (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/680">#680</a>)</li>
<li><a
href="701c99e97f"><code>701c99e</code></a>
Add support for <code>ON DELETE SET DEFAULT</code> (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/677">#677</a>)</li>
<li><a
href="79590224dc"><code>7959022</code></a>
Allow passing through opts in Ecto.Adapters.SQL.Sandbox.allow/4 calls
(<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/678">#678</a>)</li>
<li><a
href="22c71121b7"><code>22c7112</code></a>
Release v3.13.1</li>
<li><a
href="35e27985ec"><code>35e2798</code></a>
Fix nested array generated columns (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/676">#676</a>)</li>
<li><a
href="955f0fbf8f"><code>955f0fb</code></a>
Release v3.13.0</li>
<li><a
href="aa9a3291f7"><code>aa9a329</code></a>
Remove unused argument from private helper (<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/672">#672</a>)</li>
<li><a
href="3084d7150d"><code>3084d71</code></a>
Better docs for Repos that use <code>Ecto.Adapters.SQL.Adapter</code>
(<a
href="https://redirect.github.com/elixir-ecto/ecto_sql/issues/671">#671</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/elixir-ecto/ecto_sql/compare/v3.12.1...v3.13.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ecto_sql&package-manager=hex&previous-version=3.12.1&new-version=3.13.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:10:59 +00:00
dependabot[bot]
c26e1a39f5 build(deps): bump @next/third-parties from 15.3.3 to 15.3.4 in /website (#9762) 
Bumps
[@next/third-parties](https://github.com/vercel/next.js/tree/HEAD/packages/third-parties)
from 15.3.3 to 15.3.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/next.js/releases"><code>@​next/third-parties</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v15.3.4</h2>
<blockquote>
<p>[!NOTE]<br />
This release is backporting bug fixes. It does <strong>not</strong>
include all pending features/changes on canary.</p>
</blockquote>
<h3>Core Changes</h3>
<ul>
<li>[metadata] render streaming metadata on the top level (<a
href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/80566">#80566</a>)</li>
<li>[fix] clone the config module to avoid mutation (<a
href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/80573">#80573</a>)</li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/huozhi"><code>@​huozhi</code></a> for
helping!</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f9e98b9ce3"><code>f9e98b9</code></a>
v15.3.4</li>
<li>See full diff in <a
href="https://github.com/vercel/next.js/commits/v15.3.4/packages/third-parties">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@next/third-parties&package-manager=npm_and_yarn&previous-version=15.3.3&new-version=15.3.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 17:10:38 +00:00
dependabot[bot]
306d30271a build(deps): bump actions/cache from 4.2.0 to 4.2.3 in /.github/actions/setup-tauri-v2 (#9761) 
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.0 to
4.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use <code>@​actions/cache</code> 4.0.3 package &amp;
prepare for new release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a>
(SAS tokens for cache entries are now masked in debug logs)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.2...v4.2.3">https://github.com/actions/cache/compare/v4.2.2...v4.2.3</a></p>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>Bump <code>@​actions/cache</code> to v4.0.2 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1560">actions/cache#1560</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.1...v4.2.2">https://github.com/actions/cache/compare/v4.2.1...v4.2.2</a></p>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>docs: GitHub is spelled incorrectly in caching-strategies.md by <a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li>docs: Make the &quot;always save prime numbers&quot; example more
clear by <a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> in
<a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li>Update force deletion docs due a recent deprecation by <a
href="https://github.com/sebbalex"><code>@​sebbalex</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
<li>Bump <code>@​actions/cache</code> to v4.0.1 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1554">actions/cache#1554</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li><a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li><a href="https://github.com/sebbalex"><code>@​sebbalex</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.0...v4.2.1">https://github.com/actions/cache/compare/v4.2.0...v4.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5a3ec84eff"><code>5a3ec84</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1577">#1577</a>
from salmanmkc/salmanmkc/4-test</li>
<li><a
href="7de21022a7"><code>7de2102</code></a>
Update releases.md</li>
<li><a
href="76d40dd347"><code>76d40dd</code></a>
Update to use the latest version of the cache package to obfuscate the
SAS</li>
<li><a
href="76dd5eb692"><code>76dd5eb</code></a>
update cache with main</li>
<li><a
href="8c80c27c5e"><code>8c80c27</code></a>
new package</li>
<li><a
href="45cfd0e7ff"><code>45cfd0e</code></a>
updates</li>
<li><a
href="edd449b9cf"><code>edd449b</code></a>
updated cache with latest changes</li>
<li><a
href="0576707e37"><code>0576707</code></a>
latest test before pr</li>
<li><a
href="3105dc9754"><code>3105dc9</code></a>
update</li>
<li><a
href="9450d42d15"><code>9450d42</code></a>
mask</li>
<li>Additional commits viewable in <a
href="1bd1e32a3b...5a3ec84eff">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=4.2.0&new-version=4.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 15:15:43 +00:00
dependabot[bot]
b8b255c79f build(deps): bump taiki-e/install-action from 2.52.6 to 2.55.3 (#9749) 
Bumps
[taiki-e/install-action](https://github.com/taiki-e/install-action) from
2.52.6 to 2.55.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.55.3</h2>
<ul>
<li>Update <code>dprint@latest</code> to 0.50.1.</li>
</ul>
<h2>2.55.2</h2>
<ul>
<li>
<p>Update <code>zizmor@latest</code> to 1.11.0.</p>
</li>
<li>
<p>Update <code>cargo-dinghy@latest</code> to 0.8.1.</p>
</li>
</ul>
<h2>2.55.1</h2>
<ul>
<li>
<p>Update <code>vacuum@latest</code> to 0.17.1.</p>
</li>
<li>
<p>Update <code>typos@latest</code> to 1.34.0.</p>
</li>
</ul>
<h2>2.55.0</h2>
<ul>
<li>
<p>Support <code>vacuum</code>. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/1016">#1016</a>,
thanks <a
href="https://github.com/jayvdb"><code>@​jayvdb</code></a>)</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.2.</p>
</li>
</ul>
<h2>2.54.3</h2>
<ul>
<li>Update <code>cargo-careful@latest</code> to 0.4.8.</li>
</ul>
<h2>2.54.2</h2>
<ul>
<li>
<p>Update <code>rclone@latest</code> to 1.70.2.</p>
</li>
<li>
<p>Update <code>zizmor@latest</code> to 1.10.0.</p>
</li>
</ul>
<h2>2.54.1</h2>
<ul>
<li>
<p>Update <code>wasmtime@latest</code> to 34.0.1.</p>
</li>
<li>
<p>Update <code>cargo-tarpaulin@latest</code> to 0.32.8.</p>
</li>
<li>
<p>Update <code>knope@latest</code> to 0.21.0.</p>
</li>
</ul>
<h2>2.54.0</h2>
<ul>
<li>
<p>Add <code>cyclonedx</code> (<a
href="https://redirect.github.com/taiki-e/install-action/pull/1000">#1000</a>,
thanks <a
href="https://github.com/jayvdb"><code>@​jayvdb</code></a>)</p>
</li>
<li>
<p>Update <code>wasmtime@latest</code> to 34.0.0.</p>
</li>
<li>
<p>Update <code>rclone@latest</code> to 1.70.1.</p>
</li>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.14.1.</p>
</li>
<li>
<p>Update <code>release-plz@latest</code> to 0.3.136.</p>
</li>
</ul>
<h2>2.53.2</h2>
<ul>
<li>
<p>Fix <code>cargo-nextest</code> installation failure on Ubuntu 24.04
due to HTTP 403 error on requests to crates.io. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/1007">#1007</a>)</p>
</li>
<li>
<p>Update <code>rclone@latest</code> to 1.70.0.</p>
</li>
</ul>
<h2>2.53.1</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<ul>
<li>
<p>Update <code>trivy@latest</code> to 0.64.0.</p>
</li>
<li>
<p>Update <code>just@latest</code> to 1.41.0.</p>
</li>
</ul>
<h2>[2.55.3] - 2025-06-30</h2>
<ul>
<li>Update <code>dprint@latest</code> to 0.50.1.</li>
</ul>
<h2>[2.55.2] - 2025-06-30</h2>
<ul>
<li>
<p>Update <code>zizmor@latest</code> to 1.11.0.</p>
</li>
<li>
<p>Update <code>cargo-dinghy@latest</code> to 0.8.1.</p>
</li>
</ul>
<h2>[2.55.1] - 2025-06-30</h2>
<ul>
<li>
<p>Update <code>vacuum@latest</code> to 0.17.1.</p>
</li>
<li>
<p>Update <code>typos@latest</code> to 1.34.0.</p>
</li>
</ul>
<h2>[2.55.0] - 2025-06-30</h2>
<ul>
<li>
<p>Support <code>vacuum</code>. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/1016">#1016</a>,
thanks <a
href="https://github.com/jayvdb"><code>@​jayvdb</code></a>)</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.2.</p>
</li>
</ul>
<h2>[2.54.3] - 2025-06-28</h2>
<ul>
<li>Update <code>cargo-careful@latest</code> to 0.4.8.</li>
</ul>
<h2>[2.54.2] - 2025-06-27</h2>
<ul>
<li>
<p>Update <code>rclone@latest</code> to 1.70.2.</p>
</li>
<li>
<p>Update <code>zizmor@latest</code> to 1.10.0.</p>
</li>
</ul>
<h2>[2.54.1] - 2025-06-25</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9ca1734d89"><code>9ca1734</code></a>
Release 2.55.3</li>
<li><a
href="03194083f7"><code>0319408</code></a>
Update <code>dprint@latest</code> to 0.50.1</li>
<li><a
href="078fd1effe"><code>078fd1e</code></a>
Release 2.55.2</li>
<li><a
href="70afd9d53f"><code>70afd9d</code></a>
Update <code>zizmor@latest</code> to 1.11.0</li>
<li><a
href="1e57335387"><code>1e57335</code></a>
Update <code>cargo-dinghy@latest</code> to 0.8.1</li>
<li><a
href="491d37bbaa"><code>491d37b</code></a>
Release 2.55.1</li>
<li><a
href="8d74873246"><code>8d74873</code></a>
Update <code>vacuum@latest</code> to 0.17.1</li>
<li><a
href="d85c2f7865"><code>d85c2f7</code></a>
Update <code>typos@latest</code> to 1.34.0</li>
<li><a
href="e70e8600a5"><code>e70e860</code></a>
Release 2.55.0</li>
<li><a
href="407c37f889"><code>407c37f</code></a>
Update changelog</li>
<li>Additional commits viewable in <a
href="1cefd1553b...9ca1734d89">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=taiki-e/install-action&package-manager=github_actions&previous-version=2.52.6&new-version=2.55.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 15:10:09 +00:00