- [x] make sure that session cookie for client is stored separately from
session cookie for the portal (will close#2647 and #2032)
- [x] #2622
- [ ] #2501
- [ ] show identity tokens and allow rotating/deleting them (#2138)
- [ ] #2042
- [ ] use Tokens context for Relays and Gateways to remove duplication
- [x] #2823
- [ ] Expire LiveView sockets when subject is expired
- [ ] Service Accounts UI is ambiguous now because of token identity and
actual token shown
- [ ] Limit subject permissions based on token type
Closes#2924. Now we extend the lifetime for client tokens, but not for
browsers.
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.11 to 4.4.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.13</h2>
<h2>[4.4.13] - 2024-01-04</h2>
<h3>Documentation</h3>
<ul>
<li>Fix link to structopt migration guide</li>
</ul>
<h2>v4.4.12</h2>
<h2>[4.4.12] - 2023-12-28</h2>
<h3>Performance</h3>
<ul>
<li>Only ask <code>TypedValueParser</code> for possible values if
needed</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.4.13] - 2024-01-04</h2>
<h3>Documentation</h3>
<ul>
<li>Fix link to structopt migration guide</li>
</ul>
<h2>[4.4.12] - 2023-12-28</h2>
<h3>Performance</h3>
<ul>
<li>Only ask <code>TypedValueParser</code> for possible values if
needed</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2ab48b295c"><code>2ab48b2</code></a>
chore: Release</li>
<li><a
href="7a06a8cd61"><code>7a06a8c</code></a>
docs: Update changelog</li>
<li><a
href="cca190efed"><code>cca190e</code></a>
docs: Correct link to StructOpt migration guide</li>
<li><a
href="5c31f453c1"><code>5c31f45</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5281">#5281</a>
from Manishearth/safety-docs</li>
<li><a
href="ddae7e6f41"><code>ddae7e6</code></a>
Correct safety docs</li>
<li><a
href="48d28aa689"><code>48d28aa</code></a>
chore: Release</li>
<li><a
href="748ce18cc2"><code>748ce18</code></a>
docs: Update changelog</li>
<li><a
href="adbe6ec4cb"><code>adbe6ec</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5278">#5278</a>
from henry-hsieh/fix-nosort</li>
<li><a
href="2b48858ba8"><code>2b48858</code></a>
fix: Skip nosort option below bash 4.4</li>
<li><a
href="777b744102"><code>777b744</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5277">#5277</a>
from clap-rs/renovate/actions-setup-python-5.x</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.4.11...v4.4.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This PR makes the Apple client use the scheme defined in #2823 so that
the portal can use a consistent scheme for all clients.
It's a draft because it hasn't been integration-tested with the related
portal changes.
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Related to this discussion
https://github.com/firezone/firezone/pull/2990#discussion_r1439629571
Add a dependency on the `tracing-panic` crate. This is about 100 lines
of code that adds a panic handle so app panics get a line number, file
name, etc. in the logs. No backtrace I think since we stripe symbols for
release builds. I _think_ the line numbers are baked into the panic
macro so those might still stay.
@conectado I should remove the debug command before closing it, right?
- Fix permissions and caps on each start
- Fixes incompatibility with some systemd versions that barf at the
inline `ExecStartPre`
- Fixes erroneous error printed by iptables
- Fixes masquerading not working for wireless interfaces
- Single-step systemd copy-paste command
- Fixes#2944
- Fixes#3124
- Fixes#3112
Tested on CentOS 7 and Ubuntu 22.04
Why:
* The previous font being used in the portal (Source Sans Pro) did not
have multiple weights available, which meant that the `font-*` classes
on all html tags were not being used. Switching to Source Sans 3
allows all but 1 (`font-thin` or `100` is not present) of the Tailwind
font sizes to be used.
Closes#2893
Attempt to fix#2881.
I can't reproduce the exact issue anymore, but I'm guessing activating
the app causes the web view window to lose selectedness. So we don't do
that in the PR.
Also, this PR fixes the scenario where the app is quit while the web
view is shown -- we now close the webview window in that case.
This will fix#3114 and save about 13 seconds at startup, compared to
shelling out to Powershell.
I'm not 100% sure it works for IPv6 routes - I'm setting port, flowinfo,
and scope to 0 and just assuming that it's fine.
For some reason Windows wants a socket address in this API even though I
don't think the port is used for anything.
When the tunnel crashes, we won't have a chance to write why the tunnel
disconnected in a file in the tunnel process. In that case too, this PR
makes the app try to reconnect.
Fixes#2898
Fixing a potential race when we update the login status (looking into
the keychain) from the tunnel auth status.
This might have been a cause for #2928 as well.
* Remove PostHog from product
* Remove PostHog from website
* Add Mixpanel to website
Why? PostHog is a bit too much overhead for simple analytics for us for
now, and some of the bugs we hit prevented us from using certain
workflows.
We are still tracking `ping` events from legacy instances in PostHog.
I've also removed the 200 ms sleep I was using for debugging.
This does mean the GUI flashes through a bunch of messages when you
first open the tab. We could use a timer to hide those later on.
Bumps
[@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom)
from 18.2.14 to 18.2.18.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.31 to
8.4.32.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.4.32</h2>
<ul>
<li>Fixed <code>postcss().process()</code> types (by <a
href="https://github.com/ferreira-tb"><code>@ferreira-tb</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.4.32</h2>
<ul>
<li>Fixed <code>postcss().process()</code> types (by Andrew
Ferreira).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a0d9f10324"><code>a0d9f10</code></a>
Release 8.4.32 version</li>
<li><a
href="0146b3e36f"><code>0146b3e</code></a>
Add Node.js 21 to CI</li>
<li><a
href="2398534350"><code>2398534</code></a>
Update dependencies</li>
<li><a
href="1918533810"><code>1918533</code></a>
Merge pull request <a
href="https://redirect.github.com/postcss/postcss/issues/1902">#1902</a>
from ferreira-tb/main</li>
<li><a
href="395e6dc1b9"><code>395e6dc</code></a>
Fix <code>ProcessOptions</code> interface</li>
<li><a
href="fa8cd158fd"><code>fa8cd15</code></a>
Update dependencies</li>
<li><a
href="199a7c4210"><code>199a7c4</code></a>
Typo</li>
<li><a
href="2528047169"><code>2528047</code></a>
Update EM link</li>
<li>See full diff in <a
href="https://github.com/postcss/postcss/compare/8.4.31...8.4.32">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view)
from 0.20.1 to 0.20.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_live_view/blob/main/CHANGELOG.md">phoenix_live_view's
changelog</a>.</em></p>
<blockquote>
<h2>0.20.2 (2023-12-18)</h2>
<h3>Bug fixes</h3>
<ul>
<li>Fix javascript error when submitting a form that has in progress
uploads</li>
<li>Fix JS command <code>:target</code> failing to work when used as
phx-submit or phx-change with a selector-based target</li>
<li>Fix <code>JS.focus()</code> failing to focus negative tabindex</li>
<li>Fix <code>LiveViewTest</code> failing to remove items after stream
reset</li>
<li>Fix <code>phx-window-blur</code> and <code>phx-window-focus</code>
events not firing</li>
<li>Fix SVG anchor links throwing errors when clicked</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Speed up DOM patching performance 3-30x 🔥</li>
<li>Support <code>handle_async</code> Lifecycle callback</li>
<li>Extend visibility checks for phx-click-away to better handle whether
an element is visible in the viewport or not</li>
<li>Allow <code>JS.patch</code> and <code>JS.navigate</code> to be
tested with <code>render_click</code></li>
<li>Support <code>:supervisor</code> option to <code>assign_async</code>
and <code>start_async</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="343911f9d3"><code>343911f</code></a>
Release 0.20.2</li>
<li><a
href="0cb17d6c1d"><code>0cb17d6</code></a>
Bump build</li>
<li><a
href="297a782b05"><code>297a782</code></a>
Optimize maybeHideFeedback for initial page render (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/2953">#2953</a>)</li>
<li><a
href="744a3ab075"><code>744a3ab</code></a>
Fix error on missing child</li>
<li><a
href="db964c5039"><code>db964c5</code></a>
Fix issue with new elements in stream DOM test (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/2677">#2677</a>)</li>
<li><a
href="4ca4885580"><code>4ca4885</code></a>
Bump changelog</li>
<li><a
href="997af5773d"><code>997af57</code></a>
Add async supervised (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/2818">#2818</a>)</li>
<li><a
href="2864bc024a"><code>2864bc0</code></a>
Clarify return values of :external upload functions (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/2821">#2821</a>)</li>
<li><a
href="639daf0add"><code>639daf0</code></a>
Bump build</li>
<li><a
href="067b632fdc"><code>067b632</code></a>
Use moudedown rather than clicks. Fixes <a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/2856">#2856</a>
<a
href="https://redirect.github.com/phoenixframework/phoenix_live_view/issues/2554">#2554</a></li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/phoenix_live_view/compare/v0.20.1...v0.20.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Adds an overview document with a proposed plan and test bed architecture
for e2e testing the clients.
Drivers are available for [each platform using
Appium](https://appium.io/docs/en/2.3/ecosystem/drivers/).
Just a minor cleanup suggestion to consolidate guards in one place.
We could also make `networkSettings` a non-optional type which would
clean things up further (will it always be initialized while the Adapter
is?)
Draft because stacked on #3012
