mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
f44fdb7fa307eabaed69af0fb9118d2625f5994b
1960 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Thomas Eizinger
|
f44fdb7fa3 |
refactor(snownet): re-implement backoff to only tick on timeout (#7942)
For all STUN and TURN messages that are being sent from `connlib`, we implement a retransmit strategy with an exponential backoff if we don't hear from the relay within a given amount of time. For this, we are currently using the `backoff` crate. For our purposes, this crate is a bit unergonomic. In particular, it has a mutable `next_backoff` function as well as internal dependency on a "clock". As a consequence, we need to a) always make sure the clock of an `ExponentialBackoff` is pointing to the current time b) only call `next_backoff` when we want to resend a message Within the sans-IO design of `connlib`, time-related functions are handled within `handle_timeout` which is being passed a `now: Instant` parameter. Instead of ticking over to the next backoff, what we need from our backoff module are answers to the questions: - Is the backoff expired? - When should the next retry happen? - What is the current waiting interval? In addition, we want the backoff module to "tick over" to the next trigger when the time passes the current one, i.e. we want to issue the command: "This is the current time, update your internal state." By re-implementing this ourselves, we can avoid this additional state tracking of `last_now`, thus simplifying the implementation. |
||
|
Thomas Eizinger
|
fc7efef94e |
refactor(gateway): don't treat filtered packets as errors (#7954)
Filtering packets is part of a Gateway's day-to-day business. We don't want to treat those as errors further up as those might get reported to Sentry but it is still worth logging them on debug. |
||
|
Thomas Eizinger
|
4db9a9ef98 | chore(gateway): tell users to check their firewall rules (#7953) | ||
|
Thomas Eizinger
|
d6a1966a42 |
refactor(snownet): reduce log noise for unhandled packets (#7952)
When `snownet` originally got developed, its API was designed with the idea in mind that a packet that doesn't get handled is an error. Whilst that is technically true, we don't have any other component that processes packets within Firezone. When a connection is killed by e.g. an ICE timeout, we may still be receiving packets from the other party. Those fill the logs until the other party also runs into a timeout. To prevent this, we don't return errors for these but instead, log them on TRACE. For the case where we are given a packet that doesn't match any known format, we still emit an error. |
||
|
dependabot[bot]
|
91dde1c015 |
build(deps): Bump tokio from 1.42.0 to 1.43.0 in /rust (#7878)
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.42.0 to 1.43.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.43.0</h2> <h1>1.43.0 (Jan 8th, 2025)</h1> <h3>Added</h3> <ul> <li>net: add <code>UdpSocket::peek</code> methods (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7068">#7068</a>)</li> <li>net: add support for Haiku OS (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7042">#7042</a>)</li> <li>process: add <code>Command::into_std()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7014">#7014</a>)</li> <li>signal: add <code>SignalKind::info</code> on illumos (<a href="https://redirect.github.com/tokio-rs/tokio/issues/6995">#6995</a>)</li> <li>signal: add support for realtime signals on illumos (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7029">#7029</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>io: don't call <code>set_len</code> before initializing vector in <code>Blocking</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7054">#7054</a>)</li> <li>macros: suppress <code>clippy::needless_return</code> in <code>#[tokio::main]</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/6874">#6874</a>)</li> <li>runtime: fix thread parking on WebAssembly (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7041">#7041</a>)</li> </ul> <h3>Changes</h3> <ul> <li>chore: use unsync loads for <code>unsync_load</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7073">#7073</a>)</li> <li>io: use <code>Buf::put_bytes</code> in <code>Repeat</code> read impl (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7055">#7055</a>)</li> <li>task: drop the join waker of a task eagerly (<a href="https://redirect.github.com/tokio-rs/tokio/issues/6986">#6986</a>)</li> </ul> <h3>Changes to unstable APIs</h3> <ul> <li>metrics: improve flexibility of H2Histogram Configuration (<a href="https://redirect.github.com/tokio-rs/tokio/issues/6963">#6963</a>)</li> <li>taskdump: add accessor methods for backtrace (<a href="https://redirect.github.com/tokio-rs/tokio/issues/6975">#6975</a>)</li> </ul> <h3>Documented</h3> <ul> <li>io: clarify <code>ReadBuf::uninit</code> allows initialized buffers as well (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7053">#7053</a>)</li> <li>net: fix ambiguity in <code>TcpStream::try_write_vectored</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7067">#7067</a>)</li> <li>runtime: fix <code>LocalRuntime</code> doc links (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7074">#7074</a>)</li> <li>sync: extend documentation for <code>watch::Receiver::wait_for</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7038">#7038</a>)</li> <li>sync: fix typos in <code>OnceCell</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7047">#7047</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/6874">#6874</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/6874">tokio-rs/tokio#6874</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/6963">#6963</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/6963">tokio-rs/tokio#6963</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/6975">#6975</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/6975">tokio-rs/tokio#6975</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/6986">#6986</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/6986">tokio-rs/tokio#6986</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/6995">#6995</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/6995">tokio-rs/tokio#6995</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7014">#7014</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7014">tokio-rs/tokio#7014</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7029">#7029</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7029">tokio-rs/tokio#7029</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7038">#7038</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7038">tokio-rs/tokio#7038</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7041">#7041</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7041">tokio-rs/tokio#7041</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7042">#7042</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7042">tokio-rs/tokio#7042</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7047">#7047</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7047">tokio-rs/tokio#7047</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7053">#7053</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7053">tokio-rs/tokio#7053</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7054">#7054</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7054">tokio-rs/tokio#7054</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7055">#7055</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7055">tokio-rs/tokio#7055</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
6a73406194 | chore: Bump Apple version to 1.4.1 (#7946) | ||
|
dependabot[bot]
|
34b75e82af |
build(deps-dev): bump @tauri-apps/cli from 2.2.1 to 2.2.7 in /rust/gui-client in the tauri group (#7920)
Bumps the tauri group in /rust/gui-client with 1 update: [@tauri-apps/cli](https://github.com/tauri-apps/tauri). Updates `@tauri-apps/cli` from 2.2.1 to 2.2.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases"><code>@tauri-apps/cli</code>'s releases</a>.</em></p> <blockquote> <h2><code>@tauri-apps/cli</code> v2.2.7</h2> <h2>[2.2.7]</h2> <h3>Bug Fixes</h3> <ul> <li><a href=" |
||
|
dependabot[bot]
|
56ee3bbf72 |
build(deps): Bump tauri from 2.2.3 to 2.2.5 in /rust in the tauri group (#7877)
Bumps the tauri group in /rust with 1 update: [tauri](https://github.com/tauri-apps/tauri). Updates `tauri` from 2.2.3 to 2.2.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri's releases</a>.</em></p> <blockquote> <h2>tauri-cli v2.2.5</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index Locking 1053 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.1) Adding colored v2.2.0 (available: v3.0.0) Adding dirs v5.0.1 (available: v6.0.0) Adding html5ever v0.26.0 (available: v0.29.0) Adding itertools v0.13.0 (available: v0.14.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.47.0) Adding oxc_ast v0.36.0 (available: v0.47.0) Adding oxc_parser v0.36.0 (available: v0.47.0) Adding oxc_span v0.36.0 (available: v0.47.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.2) Adding tiny_http v0.11.0 (available: v0.12.0) Adding webview2-com v0.34.0 (available: v0.35.0) Adding windows v0.58.0 (available: v0.59.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 724 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1078 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.48.1 │ └── tauri-runtime-wry 2.3.0 │ └── tauri 2.2.3 │ ├── tauri-plugin-sample 0.1.0 │ │ └── api 0.1.0 │ ├── tauri-plugin-log 2.2.0 │ │ └── api 0.1.0 │ ├── tauri-file-associations-demo 0.1.0 │ ├── tauri 2.2.3 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
09f9fe49f4 |
build(deps-dev): bump vite from 6.0.9 to 6.0.11 in /rust/gui-client (#7936)
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.0.9 to 6.0.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v6.0.11</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.0.11/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.0.10</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.0.10/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted -->6.0.11 (2025-01-21)<!-- raw HTML omitted --></h2> <ul> <li>fix: <code>preview.allowedHosts</code> with specific values was not respected (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246">#19246</a>) (<a href=" |
||
|
Thomas Eizinger
|
8bd8098cab |
refactor(connlib): don't re-implement waker for TUN thread (#7944)
Within `connlib` - on UNIX platforms - we have dedicated threads that read from and write to the TUN device. These threads are connected with `connlib`'s main thread via bounded channels: one in each direction. When these channels are full, `connlib`'s main thread will suspend and not read any network packets from the sockets in order to maintain back-pressure. Reading more packets from the socket would mean most likely sending more packets out the TUN device. When debugging #7763, it became apparent that _something_ must be wrong with these threads and that somehow, we either consider them as full or aren't emptying them and as a result, we don't read _any_ network packets from our sockets. To maintain back-pressure here, we currently use our own `AtomicWaker` construct that is shared with the TUN thread(s). This is unnecessary. We can also directly convert the `flume::Sender` into a `flume::async::SendSink` and therefore directly access a `poll` interface. |
||
|
Thomas Eizinger
|
287ea1e8b2 |
chore(snownet): log ignored candidate (#7943)
Once we've finished ICE and nominated a socket, we ignore future candidates for the same connection (see #6876). To make this log a bit more helpful, we now log the candidate that we are ignoring on this connection. |
||
|
dependabot[bot]
|
2a5683466b |
build(deps-dev): bump @types/node from 22.10.5 to 22.12.0 in /rust/gui-client (#7931)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 22.10.5 to 22.12.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
b8c3728669 |
build(deps-dev): bump typescript from 5.7.2 to 5.7.3 in /rust/gui-client (#7924)
Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.7.2 to 5.7.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/microsoft/TypeScript/releases">typescript's releases</a>.</em></p> <blockquote> <h2>TypeScript 5.7.3</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/">release announcement</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.7.0%22+is%3Aclosed+">fixed issues query for Typescript 5.7.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.7.1%22+is%3Aclosed+">fixed issues query for Typescript 5.7.1 (RC)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.7.2%22+is%3Aclosed+">fixed issues query for Typescript 5.7.2 (Stable)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.7.2%22+is%3Aclosed+">fixed issues query for Typescript 5.7.3 (Stable)</a>.</li> </ul> <p>Downloads are available on <a href="https://www.npmjs.com/package/typescript">npm</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
7e231c6b10 | chore: Release Android 1.4.1 (#7911) | ||
|
Thomas Eizinger
|
f5779ff921 |
chore: release Gateway, headless-client and GUI client (#7903)
This bumps the versions of Gateway, headless-client and the GUI client as well as updates the respective changelogs. These have been released today: - https://github.com/firezone/firezone/releases/tag/gui-client-1.4.1 - https://github.com/firezone/firezone/releases/tag/gateway-1.4.3 - https://github.com/firezone/firezone/releases/tag/headless-client-1.4.1 It is all done in one PR to avoid merge conflicts within the updates of the Makefile. |
||
|
Thomas Eizinger
|
416e320319 |
revert: bump netlink-packet-route and rtnetlink (#7899)
Reverts: #6694 Related: https://github.com/rust-netlink/netlink-packet-route/issues/140 |
||
|
dependabot[bot]
|
0779757646 |
build(deps): netlink-packet-route and rtnetlink (#6694)
`rtnetlink` has some breaking changes in their latest version. To avoid waiting until they actually cut a release, we temporarily depend on their `main` branch. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
Thomas Eizinger
|
3daac8730f |
fix(connlib): limit batch size on mobile platforms to 25 (#7889)
The batch size effects how many packets we process one at a time. It also effects the worst-case size of a single buffer as all packets may be of the same size and thus need to be appended to the same buffer. On mobile, we can't afford to allocate all of these so we reduce the batch-size there. |
||
|
Thomas Eizinger
|
6789b0b377 |
fix(connlib): always return buffers to pool after sending (#7891)
Within the `GsoQueue` data structure, we keep a hash map indexed by source, destination and segment length of UDP packets pointing to a buffer for those payloads. What we intended to do here is to return the buffer to the pool after we sent the payload. What we failed to realise is that putting another buffer into the hash map means we have a buffer allocated for a certain destination address and segment length! This buffer would only get reused for the exact same address and segment length, causing memory usage to balloon over time. To fix this, we wrap the `DatagramBuffer` in an additional `Option`. This allows us to actually remove it from the hash map and return the buffer for future use to the buffer pool. Resolves: #7866. Resolves: #7747. |
||
|
Thomas Eizinger
|
c6492d4832 |
fix(rust): don't start all log files with connlib. (#7853)
At present, the file logger for all Rust code starts each logfile with `connlib.`. This is very confusing when exporting the logs from the GUI client because even the logs from the client itself will start with `connlib.`. To fix this, we make the base file name of the log file configurable. |
||
|
Thomas Eizinger
|
3887a7b690 |
fix(connlib): don't pull new GSO buffer unless we need it (#7888)
When we are queuing a new UDP payload for sending, we always immediately pulled a new buffer even though we might already have on allocated for this particular segment length. This causes an unnecessary spike in memory when we are under load. |
||
|
Thomas Eizinger
|
6188efd1e6 |
refactor(gateway): improve logging for filtered traffic (#7887)
When the Gateway's filter-engine drops a packet, we currently only log "destination not allowed". This could happen either because we don't have a filter (i.e. the resource is not allowed) or because the TCP / UDP port or ICMP traffic is not allowed. To make debugging easier, we now include that information in the error message. Resolves: #7875. |
||
|
Thomas Eizinger
|
a5086af352 |
chore(rust): remove JSON logging (#7854)
Nobody looks at these logs, writing them uses unnecessary CPU + storage on users devices. It also means we have 1 background thread less because we need one less non-blocking writer. |
||
|
Thomas Eizinger
|
e78ef04e6c |
chore(snownet): don't log missing attribute for binding requests (#7852)
STUN binding requests & responses are not authenticated on purpose because they are so easy to fulfill that having to perform the computational work to check the authentication is more work than actually just sending the request. With #7819, we send STUN binding requests more often because they are used as keep-alives to the relay. This spams the debug log because we see > Message does not have a `MessageIntegrity` attribute for every BINDING response. This information isn't interesting for BINDING responses because those will never have a `MessageIntegrity` attribute. |
||
|
Thomas Eizinger
|
88c3e228ba |
feat(snownet): log which packets resume a connection (#7850)
In order to debug connection wake-ups, it is useful to know, which
packet is the first one that gets sent on an idle connection. With this
PR, we do exactly that for incoming and outgoing packets through the
tunnel. The resulting log looks something like this:
```
2025-01-24T02:52:51.818Z DEBUG snownet::node: Connection is idle cid=65f149ea-96a4-4eee-ac70-62a1a2590821
2025-01-24T02:52:57.312Z DEBUG firezone_tunnel::client: Cleared DNS resource NAT domain=speed.cloudflare.com
2025-01-24T02:52:57.312Z DEBUG firezone_tunnel::client: Setting up DNS resource NAT gid=65f149ea-96a4-4eee-ac70-62a1a2590821 domain=speed.cloudflare.com
2025-01-24T02:52:57.312Z DEBUG snownet::node: Connection resumed packet=Packet { src: ::, dst: ::, protocol: "Reserved" } cid=65f149ea-96a4-4eee-ac70-62a1a2590821
```
Here, the connection got resumed because we locally received a DNS query
for a DNS resource which triggers a new control protocol message through
the tunnel. For this, we use the unspecified IPv6 address for src and
dst and the 0x255 protocol identifier which here renders as "Reserved".
|
||
|
Thomas Eizinger
|
e2b48561d1 |
fix(gui-client): don't fail on missing update-desktop-database (#7822)
Currently the GUI Client exits if `update-desktop-database` cannot be executed after deep-links were registered. On non-Ubuntu systems (or more generally non-Debian) this will fail since the command does not exist and prevent the GUI Client from starting. This PR just ignores any command-not-found error, ensuring the command still has to succeed on Debian/Ubuntu machines. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: oddlama <oddlama@oddlama.org> |
||
|
Thomas Eizinger
|
71b1edfb70 |
test(connlib): fix race condition of WireGuard handshakes (#7839)
The committed regression seeds trigger a scenario where the WireGuard sessions of the peers expire in a way where by the time the Client sends the packet, it is still active (179.xx seconds old) and with the latency to the Gateway, the 180s mark is reached and the Gateway clears the session and discards the packet as a result. In order to fix this, I opted to patch WireGuard by introducing a new timer that does not allow the initiator to use a session that is almost expired: https://github.com/firezone/boringtun/pull/68. Resolves: #7832. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
Jamil
|
1e5599e5fc |
refactor(connlib): only log actual updates to the allocation (#7826)
With #7819, these log messages appear at a ~10x higher rate than before - a day's worth of these would be over 3,000 messages. For BINDING requests, these only matter if the candidates change, therefore we can make the logging conditional to that. --------- Co-authored-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
Thomas Eizinger
|
8c11d9b728 |
chore(rust): fmt Cargo.toml (#7848)
Unfortunately, we don't have a formatter for the manifest other than sorting the dependencies alphabetically so some things need to be taken care of manually. |
||
|
Thomas Eizinger
|
e2c1ef8f09 |
chore: remove WireGuard keepalive (#7840)
Contrary to my prior belief, we don't actually need the WireGuard _persistent_ keep-alive. The in-built timers from WireGuard will automatically send keep-alive messages in case no organic reply is sent for a particular request. All NAT bindings along the network path are already kept open using the STUN bindings sent on all candidate pairs. Even on idle connections, we send those every 60s. Well-behaved NATs are meant to keep confirmed UDP bindings open for at least 120s. Even if not, the worst-case here is that a connection which does not send any(!) application traffic is cut. |
||
|
Thomas Eizinger
|
f10f29c03b | refactor(connlib): only log cleared nat status if we do (#7841) | ||
|
dependabot[bot]
|
c13a5de770 |
build(deps-dev): Bump vite from 6.0.7 to 6.0.9 in /rust/gui-client in the npm_and_yarn group (#7828)
Bumps the npm_and_yarn group in /rust/gui-client with 1 update: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 6.0.7 to 6.0.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v6.0.9</h2> <p>This version contains a breaking change due to security fixes. See <a href="https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6">https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6</a> for more details.</p> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.0.9/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.0.8</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.0.8/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted -->6.0.9 (2025-01-20)<!-- raw HTML omitted --></h2> <ul> <li>fix!: check host header to prevent DNS rebinding attacks and introduce <code>server.allowedHosts</code> (<a href=" |
||
|
Jamil
|
83102c7cc8 |
fix: Add openssl-dev build req to rust Dockerfile (#7824)
#7808 introduced a minor bug that prevented the rust Docker images from building locally, in `debug` builds. Adding `openssl-dev` to the builder's container fixes the issue. ``` cargo:warning=Could not find directory of OpenSSL installation, and this `-sys` crate cannot proceed without this knowledge. If OpenSSL is installed and this crate had trouble finding it, you can set the `OPENSSL_DIR` environment variable for the compilation process. See stderr section below for further information. ``` |
||
|
Jamil
|
ac77fc7ab0 |
fix(dev): Update tokens in local docker dev env (#7825)
These have drifted and are no longer working, so they've been updated from a fresh `mix ecto.seed` output. |
||
|
Jamil
|
0dcde7ffee |
fix(connlib): Filter 'dual socket' log for keepalives (#7827)
#7819 triggers this log every 25s which isn't exactly describing the correct condition any longer. This PR updates the log to only fire when we're determining which socket to use for communicating with the Relay, and not at each keepalive interval. |
||
|
Thomas Eizinger
|
e50b719d5c |
refactor(headless-client): remove FIREZONE_TOKEN CLI arg (#7770)
The current CLI of the headless-client allows passing the token as a positional parameter in addition to an env variable. This can be very confusing if you make a spelling error in the _command_ that you are trying to pass to the CLI, i.e. `standalone`. A misspelled command will be interpreted as the token to use to connect to the portal without any warning that it is similar to a command. The env variable `FIREZONE_TOKEN` is completely ignored in that case. To fix this, we remove the ability to pass the token via stdin. The token should instead be set via en env variable or read from a file at `FIREZONE_TOKEN_PATH`. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Thomas Eizinger
|
8c2d15b8d7 |
fix(snownet): implement STUN keepalive with relays (#7819)
Firezone Clients and Gateways create an allocation with a given set of Relays as soon as they start up. If no traffic is being secured and thus no connections are established between them, NAT bindings between Clients / Gateways and the Relays may expire. Typically, these bindings last for 120s. Allocations are only refreshed every 5 min (after 50% of their lifetime has passed). After a NAT binding is expired, the next UDP message passing through the NAT may allocate a new port, thus changing the 3-tuple of the sender. TURN identifies clients by their 3-tuple. Therefore, without a proactive keepalive, TURN clients lose access to their allocation and need to create one under the new port. To fix this, we implement a scheduled STUN binding request every 25s once we have chosen a socket (IPv4 or IPv6) for a given relay. Resolves: #7802. |
||
|
Thomas Eizinger
|
b568592e52 |
fix: avoid spurious rekey in boringtun (#7767)
For a while now, I've known that `boringtun` may perform spurious rekeys but I didn't fully understand why. After spending some time refactoring the internals of `boringtun` and re-reading the whitepaper, I know understand the reason. https://github.com/firezone/boringtun/pull/66 fixes the problem. The proptests have since also discovered the same issue: https://github.com/firezone/firezone/actions/runs/12790301854/job/35655764072. |
||
|
dependabot[bot]
|
fd02340ed4 |
build(deps): Bump rustls from 0.23.19 to 0.23.21 in /rust (#7810)
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.19 to 0.23.21. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
bd17ff8e7b |
build(deps): Bump tauri from 2.2.2 to 2.2.3 in /rust in the tauri group (#7809)
Bumps the tauri group in /rust with 1 update: [tauri](https://github.com/tauri-apps/tauri). Updates `tauri` from 2.2.2 to 2.2.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri's releases</a>.</em></p> <blockquote> <h2>tauri-cli v2.2.3</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index Locking 1051 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.1) Adding colored v2.2.0 (available: v3.0.0) Adding html5ever v0.26.0 (available: v0.29.0) Adding itertools v0.13.0 (available: v0.14.0) Adding minisign v0.7.3 (available: v0.7.9) Adding notify v7.0.0 (available: v8.0.0) Adding notify-debouncer-full v0.4.0 (available: v0.5.0) Adding oxc_allocator v0.36.0 (available: v0.44.0) Adding oxc_ast v0.36.0 (available: v0.44.0) Adding oxc_parser v0.36.0 (available: v0.44.0) Adding oxc_span v0.36.0 (available: v0.44.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding specta v2.0.0-rc.20 (available: v2.0.0-rc.21) Adding specta-macros v2.0.0-rc.17 (available: v2.0.0-rc.18) Adding specta-util v0.0.7 (available: v0.0.8) Adding tauri-utils v1.6.0 (available: v1.6.1) Adding tiny_http v0.11.0 (available: v0.12.0) Adding windows v0.58.0 (available: v0.59.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 724 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1076 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.48.0 │ └── tauri-runtime-wry 2.3.0 │ └── tauri 2.2.1 │ ├── tauri-plugin-sample 0.1.0 │ │ └── api 0.1.0 │ ├── tauri-plugin-log 2.2.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
96e68bc64e |
fix: enable tauri's native-tls feature to fix offline builds (#7808)
Resolves: #7799. --------- Co-authored-by: oddlama <oddlama@oddlama.org> |
||
|
Thomas Eizinger
|
943dbf9712 |
test(connlib): assert resource status as part of tunnel_test (#7772)
In order to ensure that the "site status" in the UIs is always up-to-date, we model the resource status as part of `tunnel_test`. This should cover even the most bizarre combinations of adding, removing, disabling and enabling resources interleaved with sending packets, resetting connections etc. Fixes: #7761. |
||
|
Thomas Eizinger
|
14ed7c40cb |
test(windows): increase grace-period for timer Io timer (#7821)
Windows' timer granularity isn't as good as the one from Unix platforms. To ensure this test isn't flaky, we increase the grace-period for Windows runners. See https://github.com/firezone/firezone/actions/runs/12862968520/job/35858749736?pr=7808. |
||
|
Jamil
|
6670741dee |
chore: Bump apple clients to 1.4.0 (#7785)
Bumps Apple clients to the 1.4.0 release. They're already live. |
||
|
dependabot[bot]
|
bd4ae08a79 |
build(deps): Bump serde_json from 1.0.133 to 1.0.135 in /rust (#7792)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.133 to 1.0.135. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.135</h2> <ul> <li>Add serde_json::Map::into_values method (<a href="https://redirect.github.com/serde-rs/json/issues/1226">#1226</a>, thanks <a href="https://github.com/tisonkun"><code>@tisonkun</code></a>)</li> </ul> <h2>v1.0.134</h2> <ul> <li>Add <code>RawValue</code> associated constants for literal <code>null</code>, <code>true</code>, <code>false</code> (<a href="https://redirect.github.com/serde-rs/json/issues/1221">#1221</a>, thanks <a href="https://github.com/bheylin"><code>@bheylin</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0e6b811902 |
build(deps): Bump reqwest from 0.12.8 to 0.12.9 in /rust (#7793)
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.8 to 0.12.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.12.9</h2> <h2>What's Changed</h2> <ul> <li>Add <code>tls::CertificateRevocationLists</code> support (by <a href="https://github.com/ksenia-vazhdaeva"><code>@ksenia-vazhdaeva</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2433">seanmonstar/reqwest#2433</a>)</li> <li>Add crate features to enable webpki roots without selecting a rustls provider (by <a href="https://github.com/stevefan1999-personal"><code>@stevefan1999-personal</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2447">seanmonstar/reqwest#2447</a>)</li> <li>Fix <code>multipart::Part::file()</code> to automatically include content-length (by <a href="https://github.com/Mr-Pine"><code>@Mr-Pine</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2459">seanmonstar/reqwest#2459</a>)</li> <li>Fix proxy to internally no longer cache system proxy settings (by <a href="https://github.com/lanyeeee"><code>@lanyeeee</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2442">seanmonstar/reqwest#2442</a>)</li> <li>Fix <code>connection_verbose()</code> to output read logs (by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2454">seanmonstar/reqwest#2454</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lanyeeee"><code>@lanyeeee</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2442">seanmonstar/reqwest#2442</a></li> <li><a href="https://github.com/ksenia-vazhdaeva"><code>@ksenia-vazhdaeva</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2433">seanmonstar/reqwest#2433</a></li> <li><a href="https://github.com/Mr-Pine"><code>@Mr-Pine</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2459">seanmonstar/reqwest#2459</a></li> <li><a href="https://github.com/stevefan1999-personal"><code>@stevefan1999-personal</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2447">seanmonstar/reqwest#2447</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.8...v0.12.9">https://github.com/seanmonstar/reqwest/compare/v0.12.8...v0.12.9</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.12.9</h2> <ul> <li>Add <code>tls::CertificateRevocationLists</code> support.</li> <li>Add crate features to enable webpki roots without selecting a rustls provider.</li> <li>Fix <code>connection_verbose()</code> to output read logs.</li> <li>Fix <code>multipart::Part::file()</code> to automatically include content-length.</li> <li>Fix proxy to internally no longer cache system proxy settings.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ce2de2ec8d |
build(deps): Bump tauri from 2.2.1 to 2.2.2 in /rust in the tauri group (#7776)
Bumps the tauri group in /rust with 1 update: [tauri](https://github.com/tauri-apps/tauri). Updates `tauri` from 2.2.1 to 2.2.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri's releases</a>.</em></p> <blockquote> <h2>tauri-cli v2.2.2</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index Locking 1041 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.1) Adding cargo_toml v0.17.2 (available: v0.21.0) Adding html5ever v0.26.0 (available: v0.29.0) Adding hyper v0.14.32 (available: v1.5.2) Adding itertools v0.13.0 (available: v0.14.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.44.0) Adding oxc_ast v0.36.0 (available: v0.44.0) Adding oxc_parser v0.36.0 (available: v0.44.0) Adding oxc_span v0.36.0 (available: v0.44.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.1) Adding tiny_http v0.11.0 (available: v0.12.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 724 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1066 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.48.0 │ └── tauri-runtime-wry 2.3.0 │ └── tauri 2.2.0 │ ├── tauri-plugin-sample 0.1.0 │ │ └── api 0.1.0 │ ├── tauri-plugin-log 2.2.0 │ │ └── api 0.1.0 │ ├── tauri-file-associations-demo 0.1.0 │ ├── tauri 2.2.0 │ ├── restart 0.1.0 │ ├── resources 0.1.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
81cbaefc84 |
build(deps): Bump glob from 0.3.1 to 0.3.2 in /rust (#7779)
Bumps [glob](https://github.com/rust-lang/glob) from 0.3.1 to 0.3.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/glob/releases">glob's releases</a>.</em></p> <blockquote> <h2>v0.3.2</h2> <h2>What's Changed</h2> <ul> <li>Add fs::symlink_metadata to detect broken symlinks by <a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li>Add support for windows verbatim disk paths by <a href="https://github.com/nico-abram"><code>@nico-abram</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li>Respect <code>require_literal_leading_dot</code> option in <code>glob_with</code> method for path components by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/128">rust-lang/glob#128</a></li> <li>Harden tests for symlink by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/127">rust-lang/glob#127</a></li> <li>Remove "extern crate" directions from README by <a href="https://github.com/zmitchell"><code>@zmitchell</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li>Add FIXME for tempdir by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/126">rust-lang/glob#126</a></li> <li>Cache information about file type by <a href="https://github.com/Kobzol"><code>@Kobzol</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li>Document the behaviour of ** with files by <a href="https://github.com/Wilfred"><code>@Wilfred</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li>Add dependabot by <a href="https://github.com/oriontvv"><code>@oriontvv</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li>Check only (no longer test) at the MSRV by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> <li>Add release-plz for automated releases by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/150">rust-lang/glob#150</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li><a href="https://github.com/nico-abram"><code>@nico-abram</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li><a href="https://github.com/zmitchell"><code>@zmitchell</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li><a href="https://github.com/Kobzol"><code>@Kobzol</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li><a href="https://github.com/Wilfred"><code>@Wilfred</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li><a href="https://github.com/oriontvv"><code>@oriontvv</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li><a href="https://github.com/tgross35"><code>@tgross35</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/glob/compare/0.3.1...v0.3.2">https://github.com/rust-lang/glob/compare/0.3.1...v0.3.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/glob/blob/master/CHANGELOG.md">glob's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/rust-lang/glob/compare/v0.3.1...v0.3.2">0.3.2</a> - 2024-12-28</h2> <h2>What's Changed</h2> <ul> <li>Add fs::symlink_metadata to detect broken symlinks by <a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li>Add support for windows verbatim disk paths by <a href="https://github.com/nico-abram"><code>@nico-abram</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li>Respect <code>require_literal_leading_dot</code> option in <code>glob_with</code> method for path components by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/128">rust-lang/glob#128</a></li> <li>Harden tests for symlink by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/127">rust-lang/glob#127</a></li> <li>Remove "extern crate" directions from README by <a href="https://github.com/zmitchell"><code>@zmitchell</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li>Add FIXME for tempdir by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/126">rust-lang/glob#126</a></li> <li>Cache information about file type by <a href="https://github.com/Kobzol"><code>@Kobzol</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li>Document the behaviour of ** with files by <a href="https://github.com/Wilfred"><code>@Wilfred</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li>Add dependabot by <a href="https://github.com/oriontvv"><code>@oriontvv</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li>Check only (no longer test) at the MSRV by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> <li>Add release-plz for automated releases by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/150">rust-lang/glob#150</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li><a href="https://github.com/nico-abram"><code>@nico-abram</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li><a href="https://github.com/zmitchell"><code>@zmitchell</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li><a href="https://github.com/Kobzol"><code>@Kobzol</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li><a href="https://github.com/Wilfred"><code>@Wilfred</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li><a href="https://github.com/oriontvv"><code>@oriontvv</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li><a href="https://github.com/tgross35"><code>@tgross35</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/glob/compare/0.3.1...0.3.2">https://github.com/rust-lang/glob/compare/0.3.1...0.3.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
d47a1fb633 |
build(deps): Bump env_logger from 0.11.5 to 0.11.6 in /rust (#7780)
Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.11.5 to 0.11.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/releases">env_logger's releases</a>.</em></p> <blockquote> <h2>v0.11.6</h2> <h2>[0.11.6] - 2024-12-20</h2> <h3>Features</h3> <ul> <li>Opt-in file and line rendering</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md">env_logger's changelog</a>.</em></p> <blockquote> <h2>[0.11.6] - 2024-12-20</h2> <h3>Features</h3> <ul> <li>Opt-in file and line rendering</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
081216a929 |
fix(connlib): don't drop unsent datagrams (#7768)
We introduced a regression in `connlib` in #7749 whereby queued but
unsent datagrams got dropped in case the socket was not ready to send
more data.
This happens because within `Io`, we pull each datagram one by one from
the iterator:
|