mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
fa19bbf48628640fb557fae331630c80cbf47422
6346 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Jamil
|
fa19bbf486 |
refactor(portal): Authorized Sessions -> Recent Connections (#7830)
We've gotten feedback recently that the expiration field causes confusion among auditors who assume it has actual security relevance. In reality, this is simply the maximum amount of time a connection between Client and Gateway will stay alive for, and it has no relation to "sessions" from a security perspective. As such, it's removed, and the table renamed "Recent connections" to better name what these are. The `expiration` column is also removed because this is not actionable by the admin or end-user. In nearly all cases, the connection will have been "expired" by some other means naturally, such as toggling Firezone on/off or a policy or resource change. In other words, we do not rely on this `expiration` field to enforce any security-related timeout. Fixes #7712 |
||
|
Jamil
|
83102c7cc8 |
fix: Add openssl-dev build req to rust Dockerfile (#7824)
#7808 introduced a minor bug that prevented the rust Docker images from building locally, in `debug` builds. Adding `openssl-dev` to the builder's container fixes the issue. ``` cargo:warning=Could not find directory of OpenSSL installation, and this `-sys` crate cannot proceed without this knowledge. If OpenSSL is installed and this crate had trouble finding it, you can set the `OPENSSL_DIR` environment variable for the compilation process. See stderr section below for further information. ``` |
||
|
Jamil
|
dca9645adf |
chore(infra): Remove unused tf vars (#7803)
These were leftover from #7737 and friends. |
||
|
Jamil
|
0dcb14d9a2 |
refactor(apple): Downgrade error for repeated sysex enabling (#7816)
If the user again clicks `Enable System Extension` without having actually enabled it in system settings, this error will be reported. We don't necessarily need to act on it. |
||
|
Jamil
|
d898884ddb |
refactor(apple): Downgrade noIPCData to warning for logs (#7813)
If the system extension has not been enabled by the user, opening the `Settings -> Diagnostic Logs` pane will trigger this error. There's nothing we can do until they enable the system extension, so don't capture this particular case in Sentry. |
||
|
Jamil
|
ac77fc7ab0 |
fix(dev): Update tokens in local docker dev env (#7825)
These have drifted and are no longer working, so they've been updated from a fresh `mix ecto.seed` output. |
||
|
Jamil
|
838b18e8d1 |
ci: Don't enable more swap space (#7829)
It seems that runners consistently have a 4 GB swapfile enabled now, so this seems to be unneeded and causing a conflict with the Ubuntu-22.04-arm runner which amusingly [uses the same path](https://github.com/firezone/firezone/actions/runs/12895498951/job/35956521688). |
||
|
Jamil
|
7bf3a9d129 | docs: Add missing backtick in administer/logs (#7831) | ||
|
Jamil
|
0dcde7ffee |
fix(connlib): Filter 'dual socket' log for keepalives (#7827)
#7819 triggers this log every 25s which isn't exactly describing the correct condition any longer. This PR updates the log to only fire when we're determining which socket to use for communicating with the Relay, and not at each keepalive interval. |
||
|
Jamil
|
bf967f10b2 |
chore: Use consistent casing for Dockerfile directives (#7823)
Fixes a minor warning Docker complains about during build. |
||
|
Thomas Eizinger
|
e50b719d5c |
refactor(headless-client): remove FIREZONE_TOKEN CLI arg (#7770)
The current CLI of the headless-client allows passing the token as a positional parameter in addition to an env variable. This can be very confusing if you make a spelling error in the _command_ that you are trying to pass to the CLI, i.e. `standalone`. A misspelled command will be interpreted as the token to use to connect to the portal without any warning that it is similar to a command. The env variable `FIREZONE_TOKEN` is completely ignored in that case. To fix this, we remove the ability to pass the token via stdin. The token should instead be set via en env variable or read from a file at `FIREZONE_TOKEN_PATH`. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Thomas Eizinger
|
8c2d15b8d7 |
fix(snownet): implement STUN keepalive with relays (#7819)
Firezone Clients and Gateways create an allocation with a given set of Relays as soon as they start up. If no traffic is being secured and thus no connections are established between them, NAT bindings between Clients / Gateways and the Relays may expire. Typically, these bindings last for 120s. Allocations are only refreshed every 5 min (after 50% of their lifetime has passed). After a NAT binding is expired, the next UDP message passing through the NAT may allocate a new port, thus changing the 3-tuple of the sender. TURN identifies clients by their 3-tuple. Therefore, without a proactive keepalive, TURN clients lose access to their allocation and need to create one under the new port. To fix this, we implement a scheduled STUN binding request every 25s once we have chosen a socket (IPv4 or IPv6) for a given relay. Resolves: #7802. |
||
|
Thomas Eizinger
|
b568592e52 |
fix: avoid spurious rekey in boringtun (#7767)
For a while now, I've known that `boringtun` may perform spurious rekeys but I didn't fully understand why. After spending some time refactoring the internals of `boringtun` and re-reading the whitepaper, I know understand the reason. https://github.com/firezone/boringtun/pull/66 fixes the problem. The proptests have since also discovered the same issue: https://github.com/firezone/firezone/actions/runs/12790301854/job/35655764072. |
||
|
dependabot[bot]
|
fd02340ed4 |
build(deps): Bump rustls from 0.23.19 to 0.23.21 in /rust (#7810)
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.19 to 0.23.21. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
bd17ff8e7b |
build(deps): Bump tauri from 2.2.2 to 2.2.3 in /rust in the tauri group (#7809)
Bumps the tauri group in /rust with 1 update: [tauri](https://github.com/tauri-apps/tauri). Updates `tauri` from 2.2.2 to 2.2.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri's releases</a>.</em></p> <blockquote> <h2>tauri-cli v2.2.3</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index Locking 1051 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.1) Adding colored v2.2.0 (available: v3.0.0) Adding html5ever v0.26.0 (available: v0.29.0) Adding itertools v0.13.0 (available: v0.14.0) Adding minisign v0.7.3 (available: v0.7.9) Adding notify v7.0.0 (available: v8.0.0) Adding notify-debouncer-full v0.4.0 (available: v0.5.0) Adding oxc_allocator v0.36.0 (available: v0.44.0) Adding oxc_ast v0.36.0 (available: v0.44.0) Adding oxc_parser v0.36.0 (available: v0.44.0) Adding oxc_span v0.36.0 (available: v0.44.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding specta v2.0.0-rc.20 (available: v2.0.0-rc.21) Adding specta-macros v2.0.0-rc.17 (available: v2.0.0-rc.18) Adding specta-util v0.0.7 (available: v0.0.8) Adding tauri-utils v1.6.0 (available: v1.6.1) Adding tiny_http v0.11.0 (available: v0.12.0) Adding windows v0.58.0 (available: v0.59.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 724 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1076 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.48.0 │ └── tauri-runtime-wry 2.3.0 │ └── tauri 2.2.1 │ ├── tauri-plugin-sample 0.1.0 │ │ └── api 0.1.0 │ ├── tauri-plugin-log 2.2.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
96e68bc64e |
fix: enable tauri's native-tls feature to fix offline builds (#7808)
Resolves: #7799. --------- Co-authored-by: oddlama <oddlama@oddlama.org> |
||
|
Thomas Eizinger
|
943dbf9712 |
test(connlib): assert resource status as part of tunnel_test (#7772)
In order to ensure that the "site status" in the UIs is always up-to-date, we model the resource status as part of `tunnel_test`. This should cover even the most bizarre combinations of adding, removing, disabling and enabling resources interleaved with sending packets, resetting connections etc. Fixes: #7761. |
||
|
Thomas Eizinger
|
14ed7c40cb |
test(windows): increase grace-period for timer Io timer (#7821)
Windows' timer granularity isn't as good as the one from Unix platforms. To ensure this test isn't flaky, we increase the grace-period for Windows runners. See https://github.com/firezone/firezone/actions/runs/12862968520/job/35858749736?pr=7808. |
||
|
Jamil
|
787eac86ac |
fix(apple): Use Task.detached when loading sysex and vpn config (#7815)
When the app starts, we perform various checks in the `AppViewModel.init` which read and write to disk, which can potentially be slow (a few seconds), especially for busy rotational hard drives. These were performed inside a regular `Task` closure, but since AppViewModel is annotated `@MainActor`, that meant this Task blocked the main UI thread until the operations completed. In practice this wasn't an issue because it simply manifested as the app taking a couple seconds to launch under these conditions. We fix this by simply using a `Task.detached` which will run the operations on another thread. Now, the first window will pop up sooner and immediately show the `ProgressView()` (i.e. a loading spinner icon) until these operations complete. A few minor reorganizing of the `os()` macro was also performed because some of the variables now need to be `await`ed because they live on the main thread. refs #7798 |
||
|
Jamil
|
8e39a4140f |
fix(ci): Run PR title check on PR edit (#7817)
If the PR title violates the length check, editing it and re-running the job wouldn't fix it because the original title was still referenced. To fix this, we introduce a trigger for this check that runs specifically on PR edit. |
||
|
Jamil
|
8c9427b7b1 |
revert: Add tauri release build to CI (#7801)
Reverts the portion of #7795 that removed Tauri release builds from running in PRs. |
||
|
Jamil
|
4c5f72d53f |
fix(apple): Use Task.detached to open URLs (#7798)
Opening URLs using `NSWorkspace.shared.open(url)` (which potentially launches the browser) is a blocking operation on Apple platforms. This will cause the UI to hang if called from a UI thread, so we need to avoid that with a Task. |
||
|
Jamil
|
7d322d52db |
ci: Only upload Tauri builds on workflow_dispatch (#7795)
Similar to the Apple and Android clients, this PR updates the Linux and Windows GUI clients to upload to the GitHub drafted release on manual workflow triggers only. This should save a few minutes off `main` builds as the extra package testing steps will now be skipped there. Notably, the Gateway and Headless Client workflows are unchanged because (a) they are much faster to build / test and (b) we use the release builds for performance testing connlib, so we need them to run on `main`. |
||
|
Jamil
|
4cab2b5296 |
docs: Add support link to main README.md
Signed-off-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
dependabot[bot]
|
01a90e3117 |
build(deps): Bump phoenix_ecto from 4.6.2 to 4.6.3 in /elixir (#7790)
Bumps [phoenix_ecto](https://github.com/phoenixframework/phoenix_ecto) from 4.6.2 to 4.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/phoenixframework/phoenix_ecto/blob/main/CHANGELOG.md">phoenix_ecto's changelog</a>.</em></p> <blockquote> <h2>v4.6.3</h2> <ul> <li> <p>Enhancements</p> <ul> <li>Add prefix option to check repo status plug</li> </ul> </li> <li> <p>Bug fix</p> <ul> <li>Fix map.field notation warning on Elixir 1.17</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
3f3a908bd2 |
chore(portal): Bump opentelemetry versions (#7794)
Dependabot is having issues figuring out the opentelemetry bumps due to a [package pull](https://github.com/firezone/firezone/pull/7788), so this PR aims to alleviate that as a one-off fix. This bumps a few deps' major versions. Nothing jumped out at first glance when I reviewed the changelogs, but I figured we'll have a better idea when this goes out to staging since OTLP is basically disabled in dev/test. |
||
|
Brian Manifold
|
eea7079776 |
fix(portal): Catch seat limit error in API fallback controller (#7783)
Why:
* The fallback controller in the API was not catching `{:error,
:seat_limit_reached}` being returned and was then generating a 500
response when this happened. This commit adds the condition in the
fallback controller and adds a new template for a more specific error
message in the returned JSON.
|
||
|
Jamil
|
6670741dee |
chore: Bump apple clients to 1.4.0 (#7785)
Bumps Apple clients to the 1.4.0 release. They're already live. |
||
|
dependabot[bot]
|
9ae9f7e341 |
build(deps): Bump phoenix_html from 4.1.1 to 4.2.0 in /elixir (#7789)
Bumps [phoenix_html](https://github.com/phoenixframework/phoenix_html) from 4.1.1 to 4.2.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/phoenixframework/phoenix_html/blob/main/CHANGELOG.md">phoenix_html's changelog</a>.</em></p> <blockquote> <h2>4.2.0 (2024-12-28)</h2> <ul> <li> <p>Enhancements</p> <ul> <li>Add <code>Phoenix.HTML.css_escape/1</code> to escape strings for use inside CSS selectors</li> <li>Add the ability to pass <code>:hr</code> to <code>options_for_select/2</code> to render a horizontal rule</li> </ul> </li> <li> <p>Bug fixes</p> <ul> <li>Pass form action through in FormData implementation</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
bd4ae08a79 |
build(deps): Bump serde_json from 1.0.133 to 1.0.135 in /rust (#7792)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.133 to 1.0.135. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.135</h2> <ul> <li>Add serde_json::Map::into_values method (<a href="https://redirect.github.com/serde-rs/json/issues/1226">#1226</a>, thanks <a href="https://github.com/tisonkun"><code>@tisonkun</code></a>)</li> </ul> <h2>v1.0.134</h2> <ul> <li>Add <code>RawValue</code> associated constants for literal <code>null</code>, <code>true</code>, <code>false</code> (<a href="https://redirect.github.com/serde-rs/json/issues/1221">#1221</a>, thanks <a href="https://github.com/bheylin"><code>@bheylin</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0e6b811902 |
build(deps): Bump reqwest from 0.12.8 to 0.12.9 in /rust (#7793)
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.8 to 0.12.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.12.9</h2> <h2>What's Changed</h2> <ul> <li>Add <code>tls::CertificateRevocationLists</code> support (by <a href="https://github.com/ksenia-vazhdaeva"><code>@ksenia-vazhdaeva</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2433">seanmonstar/reqwest#2433</a>)</li> <li>Add crate features to enable webpki roots without selecting a rustls provider (by <a href="https://github.com/stevefan1999-personal"><code>@stevefan1999-personal</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2447">seanmonstar/reqwest#2447</a>)</li> <li>Fix <code>multipart::Part::file()</code> to automatically include content-length (by <a href="https://github.com/Mr-Pine"><code>@Mr-Pine</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2459">seanmonstar/reqwest#2459</a>)</li> <li>Fix proxy to internally no longer cache system proxy settings (by <a href="https://github.com/lanyeeee"><code>@lanyeeee</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2442">seanmonstar/reqwest#2442</a>)</li> <li>Fix <code>connection_verbose()</code> to output read logs (by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2454">seanmonstar/reqwest#2454</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lanyeeee"><code>@lanyeeee</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2442">seanmonstar/reqwest#2442</a></li> <li><a href="https://github.com/ksenia-vazhdaeva"><code>@ksenia-vazhdaeva</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2433">seanmonstar/reqwest#2433</a></li> <li><a href="https://github.com/Mr-Pine"><code>@Mr-Pine</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2459">seanmonstar/reqwest#2459</a></li> <li><a href="https://github.com/stevefan1999-personal"><code>@stevefan1999-personal</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2447">seanmonstar/reqwest#2447</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.8...v0.12.9">https://github.com/seanmonstar/reqwest/compare/v0.12.8...v0.12.9</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.12.9</h2> <ul> <li>Add <code>tls::CertificateRevocationLists</code> support.</li> <li>Add crate features to enable webpki roots without selecting a rustls provider.</li> <li>Fix <code>connection_verbose()</code> to output read logs.</li> <li>Fix <code>multipart::Part::file()</code> to automatically include content-length.</li> <li>Fix proxy to internally no longer cache system proxy settings.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
3bb97c4513 |
build(deps): Bump floki from 0.36.3 to 0.37.0 in /elixir (#7787)
Bumps [floki](https://github.com/philss/floki) from 0.36.3 to 0.37.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/philss/floki/releases">floki's releases</a>.</em></p> <blockquote> <h2>v0.37.0</h2> <h2>Added</h2> <ul> <li>Add <a href="https://hexdocs.pm/floki/0.37.0/Floki.html#css_escape/1"><code>Floki.css_escape/1</code></a> - thanks <a href="https://github.com/SteffenDE"><code>@SteffenDE</code></a>.</li> </ul> <h2>Fixed</h2> <ul> <li>Fix bug propagating identity encoder in <code>raw_html/2</code> - thanks <a href="https://github.com/andyleclair"><code>@andyleclair</code></a>.</li> </ul> <h2>Removed</h2> <ul> <li>Remove support for Elixir 1.13 and OTP 22.</li> </ul> <h2>Pull requests</h2> <ul> <li>Drop support for Elixir 1.13 by <a href="https://github.com/philss"><code>@philss</code></a> in <a href="https://redirect.github.com/philss/floki/pull/595">philss/floki#595</a></li> <li>Bump credo from 1.7.8 to 1.7.9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/philss/floki/pull/596">philss/floki#596</a></li> <li>Bump credo from 1.7.9 to 1.7.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/philss/floki/pull/597">philss/floki#597</a></li> <li>Bump fast_html from 2.3.0 to 2.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/philss/floki/pull/599">philss/floki#599</a></li> <li>Bump dialyxir from 1.4.4 to 1.4.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/philss/floki/pull/600">philss/floki#600</a></li> <li>Bump ex_doc from 0.34.2 to 0.35.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/philss/floki/pull/602">philss/floki#602</a></li> <li>Fix bug propagating identity encoder in <code>raw_html/2</code> by <a href="https://github.com/andyleclair"><code>@andyleclair</code></a> in <a href="https://redirect.github.com/philss/floki/pull/603">philss/floki#603</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/andyleclair"><code>@andyleclair</code></a> made their first contribution in <a href="https://redirect.github.com/philss/floki/pull/603">philss/floki#603</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/philss/floki/compare/v0.36.3...v0.37.0">https://github.com/philss/floki/compare/v0.36.3...v0.37.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/philss/floki/blob/main/CHANGELOG.md">floki's changelog</a>.</em></p> <blockquote> <h2>[0.37.0] - 2024-12-06</h2> <h3>Added</h3> <ul> <li>Add <code>Floki.css_escape/1</code> - thanks <a href="https://github.com/SteffenDE"><code>@SteffenDE</code></a>.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix bug propagating identity encoder in <code>raw_html/2</code> - thanks <a href="https://github.com/andyleclair"><code>@andyleclair</code></a>.</li> </ul> <h3>Removed</h3> <ul> <li>Remove support for Elixir 1.13 and OTP 22.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0b2fdac500 |
build(deps-dev): Bump dialyxir from 1.4.3 to 1.4.5 in /elixir (#7786)
Bumps [dialyxir](https://github.com/jeremyjh/dialyxir) from 1.4.3 to 1.4.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jeremyjh/dialyxir/releases">dialyxir's releases</a>.</em></p> <blockquote> <h2>1.4.5</h2> <h3>Fixed</h3> <ul> <li>Crash when default ignore file missing and custom file specified</li> <li>Revert format option ignore_file_string to ignore_file_strict</li> </ul> <h2>1.4.4</h2> <h3>Fixed</h3> <ul> <li>Invalid contract formatting failed on OTP 26 & later.</li> <li>Empty ignore files are ignored.</li> <li>Several improvements and corrections to documentation.</li> </ul> <h3>Changed</h3> <ul> <li>Updated Erlex minimum version to 0.27, bringing in several fixes and improvements.</li> </ul> <h3>Added</h3> <ul> <li>Multiple formatters can be used in the same invocation.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jeremyjh/dialyxir/blob/master/CHANGELOG.md">dialyxir's changelog</a>.</em></p> <blockquote> <h2>Unreleased changes post [1.4.5]</h2> <h2>[1.4.5] - 2024-11-17</h2> <h3>Fixed</h3> <ul> <li>Crash when default ignore file missing and custom file specified</li> <li>Revert format option ignore_file_string to ignore_file_strict</li> </ul> <h2>[1.4.4] - 2024-09-28</h2> <h3>Fixed</h3> <ul> <li>Invalid contract formatting failed on OTP 26 & later.</li> <li>Empty ignore files are ignored.</li> <li>Several improvements and corrections to documentation.</li> </ul> <h3>Changed</h3> <ul> <li>Updated Erlex minimum version to 0.27, bringing in several fixes and improvements.</li> </ul> <h3>Added</h3> <ul> <li>Multiple formatters can be used in the same invocation.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
bdc4711fd7 |
build(deps): Bump the google group in /terraform/environments/staging with 2 updates (#7775)
Bumps the google group in /terraform/environments/staging with 2 updates: [hashicorp/google](https://github.com/hashicorp/terraform-provider-google) and [hashicorp/google-beta](https://github.com/hashicorp/terraform-provider-google-beta). Updates `hashicorp/google` from 6.12.0 to 6.16.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/terraform-provider-google/releases">hashicorp/google's releases</a>.</em></p> <blockquote> <h2>v6.16.0</h2> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_beyondcorp_security_gateway</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20844">#20844</a>)</li> <li><strong>New Resource:</strong> <code>google_developer_connect_connection</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20823">#20823</a>)</li> <li><strong>New Resource:</strong> <code>google_developer_connect_git_repository_link</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20823">#20823</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>compute: promoted <code>standby_policy</code>, <code>target_suspended_size</code>, and <code>target_stopped_size</code> fields in <code>google_compute_region_instance_group_manager</code> and <code>google_compute_instance_group_manager</code> resource from beta to ga (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20821">#20821</a>)</li> <li>dns: added <code>health_check</code> and <code>external_endpoints</code> fields to <code>google_dns_record_set</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20843">#20843</a>)</li> <li>sql: added <code>server_ca_pool</code> field to <code>google_sql_database_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20834">#20834</a>)</li> <li>vmwareengine: allowed import of non-STANDARD private clouds in <code>google_vmwareengine_private_cloud</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20832">#20832</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>dataproc: fixed boolean fields in <code>shielded_instance_config</code> in the <code>google_dataproc_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20828">#20828</a>)</li> <li>gkeonprem: fixed permadiff on <code>vcenter</code> field in <code>google_gkeonprem_vmware_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20837">#20837</a>)</li> <li>networkservices: fixed <code>google_network_services_gateway</code> resource so that it correctly waits for the router to be deleted on <code>terraform destroy</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20817">#20817</a>)</li> <li>provider: fixed issue where <code>GOOGLE_CLOUD_QUOTA_PROJECT</code> env var would override explicit <code>billing_project</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20839">#20839</a>)</li> </ul> <h2>v6.15.0</h2> <p>NOTES:</p> <ul> <li>compute: <code>google_compute_firewall_policy_association</code> now uses MMv1 engine instead of DCL. (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20744">#20744</a>)</li> </ul> <p>DEPRECATIONS:</p> <ul> <li>compute: deprecated <code>numeric_id</code> (string) field in <code>google_compute_network</code> resource. Use the new <code>network_id</code> (integer) field instead (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20698">#20698</a>)</li> </ul> <p>FEATURES:</p> <ul> <li><strong>New Data Source:</strong> <code>google_gke_hub_feature</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20721">#20721</a>)</li> <li><strong>New Resource:</strong> <code>google_storage_folder</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20767">#20767</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>artifactregistry: added <code>vulnerability_scanning_config</code> field to <code>google_artifact_registry_repository</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20726">#20726</a>)</li> <li>backupdr: promoted datasource <code>google_backup_dr_backup</code> to ga (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20677">#20677</a>)</li> <li>backupdr: promoted datasource <code>google_backup_dr_data_source</code> to ga (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20677">#20677</a>)</li> <li>bigquery: added <code>condition</code> field to <code>google_bigquery_dataset_access</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20707">#20707</a>)</li> <li>bigquery: added <code>condition</code> field to <code>google_bigquery_dataset</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20707">#20707</a>)</li> <li>composer: added <code>airflow_metadata_retention_config</code> field to <code>google_composer_environment</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20769">#20769</a>)</li> <li>compute: added back the validation for <code>target_service</code> field on the <code>google_compute_service_attachment</code> resource to validade a <code>ForwardingRule</code> or <code>Gateway</code> URL (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20711">#20711</a>)</li> <li>compute: added <code>availability_domain</code> field to <code>google_compute_instance</code>, <code>google_compute_instance_template</code> and <code>google_compute_region_instance_template</code> resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20694">#20694</a>)</li> <li>compute: added <code>network_id</code> (integer) field to <code>google_compute_network</code> resource and data source (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20698">#20698</a>)</li> <li>compute: added <code>preset_topology</code> field to <code>google_network_connectivity_hub</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20720">#20720</a>)</li> <li>compute: added <code>subnetwork_id</code> field to <code>google_compute_subnetwork</code> data source (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20666">#20666</a>)</li> <li>compute: made setting resource policies for <code>google_compute_instance</code> outside of terraform or using <code>google_compute_disk_resource_policy_attachment</code> no longer affect the <code>boot_disk.initialize_params.resource_policies</code> field (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20764">#20764</a>)</li> <li>container: changed <code>google_container_cluster</code> to apply maintenance policy updates after upgrades during cluster update (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20708">#20708</a>)</li> <li>container: made nodepool concurrent operations scale better for <code>google_container_cluster</code> and <code>google_container_node_pool</code> resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20738">#20738</a>)</li> <li>datastream: added <code>gtid</code> and <code>binary_log_position</code> fields to <code>google_datastream_stream</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20777">#20777</a>)</li> <li>developerconnect: added support for setting up a <code>google_developer_connect_connection</code> resource without specifying the <code>authorizer_credentials</code> field (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20756">#20756</a>)</li> <li>filestore: added <code>tags</code> field to <code>google_filestore_backup</code> to allow setting tags for backups at creation time (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20718">#20718</a>)</li> <li>networkconnectivity: added <code>group</code> field to <code>google_network_connectivity_spoke</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20689">#20689</a>)</li> <li>networkmanagement: promoted <code>google_network_management_vpc_flow_logs_config</code> resource to ga (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20701">#20701</a>)</li> <li>parallelstore: added <code>deployment_type</code> field to <code>google_parallelstore_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20785">#20785</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/terraform-provider-google/blob/main/CHANGELOG.md">hashicorp/google's changelog</a>.</em></p> <blockquote> <h2>6.16.0 (January 13, 2025)</h2> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_beyondcorp_security_gateway</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20844">#20844</a>)</li> <li><strong>New Resource:</strong> <code>google_developer_connect_connection</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20823">#20823</a>)</li> <li><strong>New Resource:</strong> <code>google_developer_connect_git_repository_link</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20823">#20823</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>compute: promoted <code>standby_policy</code>, <code>target_suspended_size</code>, and <code>target_stopped_size</code> fields in <code>google_compute_region_instance_group_manager</code> and <code>google_compute_instance_group_manager</code> resource from beta to ga (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20821">#20821</a>)</li> <li>dns: added <code>health_check</code> and <code>external_endpoints</code> fields to <code>google_dns_record_set</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20843">#20843</a>)</li> <li>sql: added <code>server_ca_pool</code> field to <code>google_sql_database_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20834">#20834</a>)</li> <li>vmwareengine: allowed import of non-STANDARD private clouds in <code>google_vmwareengine_private_cloud</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20832">#20832</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>dataproc: fixed boolean fields in <code>shielded_instance_config</code> in the <code>google_dataproc_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20828">#20828</a>)</li> <li>gkeonprem: fixed permadiff on <code>vcenter</code> field in <code>google_gkeonprem_vmware_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20837">#20837</a>)</li> <li>networkservices: fixed <code>google_network_services_gateway</code> resource so that it correctly waits for the router to be deleted on <code>terraform destroy</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20817">#20817</a>)</li> <li>provider: fixed issue where <code>GOOGLE_CLOUD_QUOTA_PROJECT</code> env var would override explicit <code>billing_project</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20839">#20839</a>)</li> </ul> <h2>6.15.0 (January 6, 2025)</h2> <p>NOTES:</p> <ul> <li>compute: <code>google_compute_firewall_policy_association</code> now uses MMv1 engine instead of DCL. (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20744">#20744</a>)</li> </ul> <p>DEPRECATIONS:</p> <ul> <li>compute: deprecated <code>numeric_id</code> (string) field in <code>google_compute_network</code> resource. Use the new <code>network_id</code> (integer) field instead (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20698">#20698</a>)</li> </ul> <p>FEATURES:</p> <ul> <li><strong>New Data Source:</strong> <code>google_gke_hub_feature</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20721">#20721</a>)</li> <li><strong>New Resource:</strong> <code>google_storage_folder</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20767">#20767</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>artifactregistry: added <code>vulnerability_scanning_config</code> field to <code>google_artifact_registry_repository</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20726">#20726</a>)</li> <li>backupdr: promoted datasource <code>google_backup_dr_backup</code> to ga (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20677">#20677</a>)</li> <li>backupdr: promoted datasource <code>google_backup_dr_data_source</code> to ga (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20677">#20677</a>)</li> <li>bigquery: added <code>condition</code> field to <code>google_bigquery_dataset_access</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20707">#20707</a>)</li> <li>bigquery: added <code>condition</code> field to <code>google_bigquery_dataset</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20707">#20707</a>)</li> <li>composer: added <code>airflow_metadata_retention_config</code> field to <code>google_composer_environment</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20769">#20769</a>)</li> <li>compute: added back the validation for <code>target_service</code> field on the <code>google_compute_service_attachment</code> resource to validade a <code>ForwardingRule</code> or <code>Gateway</code> URL (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20711">#20711</a>)</li> <li>compute: added <code>availability_domain</code> field to <code>google_compute_instance</code>, <code>google_compute_instance_template</code> and <code>google_compute_region_instance_template</code> resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20694">#20694</a>)</li> <li>compute: added <code>network_id</code> (integer) field to <code>google_compute_network</code> resource and data source (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20698">#20698</a>)</li> <li>compute: added <code>preset_topology</code> field to <code>google_network_connectivity_hub</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20720">#20720</a>)</li> <li>compute: added <code>subnetwork_id</code> field to <code>google_compute_subnetwork</code> data source (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20666">#20666</a>)</li> <li>compute: made setting resource policies for <code>google_compute_instance</code> outside of terraform or using <code>google_compute_disk_resource_policy_attachment</code> no longer affect the <code>boot_disk.initialize_params.resource_policies</code> field (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20764">#20764</a>)</li> <li>container: changed <code>google_container_cluster</code> to apply maintenance policy updates after upgrades during cluster update (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20708">#20708</a>)</li> <li>container: made nodepool concurrent operations scale better for <code>google_container_cluster</code> and <code>google_container_node_pool</code> resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20738">#20738</a>)</li> <li>datastream: added <code>gtid</code> and <code>binary_log_position</code> fields to <code>google_datastream_stream</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20777">#20777</a>)</li> <li>developerconnect: added support for setting up a <code>google_developer_connect_connection</code> resource without specifying the <code>authorizer_credentials</code> field (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20756">#20756</a>)</li> <li>filestore: added <code>tags</code> field to <code>google_filestore_backup</code> to allow setting tags for backups at creation time (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20718">#20718</a>)</li> <li>networkconnectivity: added <code>group</code> field to <code>google_network_connectivity_spoke</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/20689">#20689</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
87d44518e2 |
build(deps): Bump cyrilgdn/postgresql from 1.24.0 to 1.25.0 in /terraform/environments/staging (#7778)
Bumps [cyrilgdn/postgresql](https://github.com/cyrilgdn/terraform-provider-postgresql) from 1.24.0 to 1.25.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cyrilgdn/terraform-provider-postgresql/releases">cyrilgdn/postgresql's releases</a>.</em></p> <blockquote> <h2>v1.25.0</h2> <h2>What's Changed</h2> <h3>Features</h3> <ul> <li><strong>New resource</strong>: <code>postgresql_security_label</code> by <a href="https://github.com/stanleyz"><code>@stanleyz</code></a> in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/482">cyrilgdn/terraform-provider-postgresql#482</a></li> <li><strong>Provider configuration</strong>: Add support for assuming an AWS IAM role from the provider. by <a href="https://github.com/zizzencs"><code>@zizzencs</code></a> in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/486">cyrilgdn/terraform-provider-postgresql#486</a></li> </ul> <h3>Fixes</h3> <ul> <li><code>postgresql_grant</code>: Fix cyrilgdn#321 replaces postgresql_grant all the time. by <a href="https://github.com/PabloAzNR"><code>@PabloAzNR</code></a> in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/476">cyrilgdn/terraform-provider-postgresql#476</a></li> <li><code>postgresql_grant</code> / <code>postgresql_default_privileges</code>: Fix <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/issues/32">#32</a> <code>ALL</code> privileges by <a href="https://github.com/talbx"><code>@talbx</code></a> in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/339">cyrilgdn/terraform-provider-postgresql#339</a></li> </ul> <h3>Documentation / Development</h3> <ul> <li>Tests: Remove Postrges 11 from tests matrix by <a href="https://github.com/cyrilgdn"><code>@cyrilgdn</code></a> in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/485">cyrilgdn/terraform-provider-postgresql#485</a></li> <li>Update documentation for postgresql_default_privileges resource by <a href="https://github.com/caodangtinh"><code>@caodangtinh</code></a> in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/468">cyrilgdn/terraform-provider-postgresql#468</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/PabloAzNR"><code>@PabloAzNR</code></a> made their first contribution in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/476">cyrilgdn/terraform-provider-postgresql#476</a></li> <li><a href="https://github.com/talbx"><code>@talbx</code></a> made their first contribution in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/339">cyrilgdn/terraform-provider-postgresql#339</a></li> <li><a href="https://github.com/stanleyz"><code>@stanleyz</code></a> made their first contribution in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/482">cyrilgdn/terraform-provider-postgresql#482</a></li> <li><a href="https://github.com/zizzencs"><code>@zizzencs</code></a> made their first contribution in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/486">cyrilgdn/terraform-provider-postgresql#486</a></li> <li><a href="https://github.com/caodangtinh"><code>@caodangtinh</code></a> made their first contribution in <a href="https://redirect.github.com/cyrilgdn/terraform-provider-postgresql/pull/468">cyrilgdn/terraform-provider-postgresql#468</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/cyrilgdn/terraform-provider-postgresql/compare/v1.24.0...v1.25.0">https://github.com/cyrilgdn/terraform-provider-postgresql/compare/v1.24.0...v1.25.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
603a64435e |
chore(portal): use appropriate sha in dev (#7782)
Not a huge deal, but this doesn't actually need to be a valid SHA and this is more clear / has no risk of collision with an actual git sha. |
||
|
Jamil
|
d07ef17b52 |
fix(website): Use relative hrefs for downloads on changelog (#7784)
These weren't being loaded correctly for Android and Apple, and are now updated to use relative paths. |
||
|
Jamil
|
53032fcbe1 |
fix(ci): Populate elixir vsn from env at build time (#7773)
Dependabot's workflow is set up in such a way it seems that it can't find our `sha.exs` file. This is a cleaner approach that doesn't rely on using external files for the application version. Interesting note: `mix compile` will happily use the cached `version` even though it's computed from an env var, because `mix compile` uses file hash and mtime to know when to recompile. See https://github.com/firezone/firezone/network/updates/942719116 |
||
|
dependabot[bot]
|
ce2de2ec8d |
build(deps): Bump tauri from 2.2.1 to 2.2.2 in /rust in the tauri group (#7776)
Bumps the tauri group in /rust with 1 update: [tauri](https://github.com/tauri-apps/tauri). Updates `tauri` from 2.2.1 to 2.2.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri's releases</a>.</em></p> <blockquote> <h2>tauri-cli v2.2.2</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index Locking 1041 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.1) Adding cargo_toml v0.17.2 (available: v0.21.0) Adding html5ever v0.26.0 (available: v0.29.0) Adding hyper v0.14.32 (available: v1.5.2) Adding itertools v0.13.0 (available: v0.14.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.44.0) Adding oxc_ast v0.36.0 (available: v0.44.0) Adding oxc_parser v0.36.0 (available: v0.44.0) Adding oxc_span v0.36.0 (available: v0.44.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.1) Adding tiny_http v0.11.0 (available: v0.12.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 724 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1066 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.48.0 │ └── tauri-runtime-wry 2.3.0 │ └── tauri 2.2.0 │ ├── tauri-plugin-sample 0.1.0 │ │ └── api 0.1.0 │ ├── tauri-plugin-log 2.2.0 │ │ └── api 0.1.0 │ ├── tauri-file-associations-demo 0.1.0 │ ├── tauri 2.2.0 │ ├── restart 0.1.0 │ ├── resources 0.1.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
81cbaefc84 |
build(deps): Bump glob from 0.3.1 to 0.3.2 in /rust (#7779)
Bumps [glob](https://github.com/rust-lang/glob) from 0.3.1 to 0.3.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/glob/releases">glob's releases</a>.</em></p> <blockquote> <h2>v0.3.2</h2> <h2>What's Changed</h2> <ul> <li>Add fs::symlink_metadata to detect broken symlinks by <a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li>Add support for windows verbatim disk paths by <a href="https://github.com/nico-abram"><code>@nico-abram</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li>Respect <code>require_literal_leading_dot</code> option in <code>glob_with</code> method for path components by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/128">rust-lang/glob#128</a></li> <li>Harden tests for symlink by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/127">rust-lang/glob#127</a></li> <li>Remove "extern crate" directions from README by <a href="https://github.com/zmitchell"><code>@zmitchell</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li>Add FIXME for tempdir by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/126">rust-lang/glob#126</a></li> <li>Cache information about file type by <a href="https://github.com/Kobzol"><code>@Kobzol</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li>Document the behaviour of ** with files by <a href="https://github.com/Wilfred"><code>@Wilfred</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li>Add dependabot by <a href="https://github.com/oriontvv"><code>@oriontvv</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li>Check only (no longer test) at the MSRV by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> <li>Add release-plz for automated releases by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/150">rust-lang/glob#150</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li><a href="https://github.com/nico-abram"><code>@nico-abram</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li><a href="https://github.com/zmitchell"><code>@zmitchell</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li><a href="https://github.com/Kobzol"><code>@Kobzol</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li><a href="https://github.com/Wilfred"><code>@Wilfred</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li><a href="https://github.com/oriontvv"><code>@oriontvv</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li><a href="https://github.com/tgross35"><code>@tgross35</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/glob/compare/0.3.1...v0.3.2">https://github.com/rust-lang/glob/compare/0.3.1...v0.3.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/glob/blob/master/CHANGELOG.md">glob's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/rust-lang/glob/compare/v0.3.1...v0.3.2">0.3.2</a> - 2024-12-28</h2> <h2>What's Changed</h2> <ul> <li>Add fs::symlink_metadata to detect broken symlinks by <a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li>Add support for windows verbatim disk paths by <a href="https://github.com/nico-abram"><code>@nico-abram</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li>Respect <code>require_literal_leading_dot</code> option in <code>glob_with</code> method for path components by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/128">rust-lang/glob#128</a></li> <li>Harden tests for symlink by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/127">rust-lang/glob#127</a></li> <li>Remove "extern crate" directions from README by <a href="https://github.com/zmitchell"><code>@zmitchell</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li>Add FIXME for tempdir by <a href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/126">rust-lang/glob#126</a></li> <li>Cache information about file type by <a href="https://github.com/Kobzol"><code>@Kobzol</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li>Document the behaviour of ** with files by <a href="https://github.com/Wilfred"><code>@Wilfred</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li>Add dependabot by <a href="https://github.com/oriontvv"><code>@oriontvv</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li>Check only (no longer test) at the MSRV by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> <li>Add release-plz for automated releases by <a href="https://github.com/tgross35"><code>@tgross35</code></a> in <a href="https://redirect.github.com/rust-lang/glob/pull/150">rust-lang/glob#150</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kyoheiu"><code>@kyoheiu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/105">rust-lang/glob#105</a></li> <li><a href="https://github.com/nico-abram"><code>@nico-abram</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/112">rust-lang/glob#112</a></li> <li><a href="https://github.com/zmitchell"><code>@zmitchell</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/131">rust-lang/glob#131</a></li> <li><a href="https://github.com/Kobzol"><code>@Kobzol</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/135">rust-lang/glob#135</a></li> <li><a href="https://github.com/Wilfred"><code>@Wilfred</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/138">rust-lang/glob#138</a></li> <li><a href="https://github.com/oriontvv"><code>@oriontvv</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/139">rust-lang/glob#139</a></li> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/140">rust-lang/glob#140</a></li> <li><a href="https://github.com/tgross35"><code>@tgross35</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/glob/pull/151">rust-lang/glob#151</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/glob/compare/0.3.1...0.3.2">https://github.com/rust-lang/glob/compare/0.3.1...0.3.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
d47a1fb633 |
build(deps): Bump env_logger from 0.11.5 to 0.11.6 in /rust (#7780)
Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.11.5 to 0.11.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/releases">env_logger's releases</a>.</em></p> <blockquote> <h2>v0.11.6</h2> <h2>[0.11.6] - 2024-12-20</h2> <h3>Features</h3> <ul> <li>Opt-in file and line rendering</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md">env_logger's changelog</a>.</em></p> <blockquote> <h2>[0.11.6] - 2024-12-20</h2> <h3>Features</h3> <ul> <li>Opt-in file and line rendering</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
2d0fafbc59 |
chore(ci): Use consistent casing for Docker directives (#7781)
``` => WARN: FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 258) ``` |
||
|
Thomas Eizinger
|
081216a929 |
fix(connlib): don't drop unsent datagrams (#7768)
We introduced a regression in `connlib` in #7749 whereby queued but
unsent datagrams got dropped in case the socket was not ready to send
more data.
This happens because within `Io`, we pull each datagram one by one from
the iterator:
|
||
|
Jamil
|
10847fd549 |
fix(apple): Use Task.detached when starting from MainActor (#7766)
When starting a Task, by default it's launched with the same priority as the calling code. In the UI these are run on the `MainActor` with highest priority by default. If the worker thread running the Task closure gets blocked, it will cause the UI to hang. To fix this, we use `Task.detached` which runs the closure without a specific priority, which is lower than the UI thread. Furthermore, `weak self` is used to prevent retain cycles if the parent thread `deinit`s. This was causing an issue primarily when making IPC calls because those will sometimes hang until the XPC service is launched for the first time. --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
dependabot[bot]
|
e4cfe6d5a2 |
build(deps): Bump keyring from 3.4.0 to 3.6.1 in /rust (#7744)
Bumps [keyring](https://github.com/hwchen/keyring-rs) from 3.4.0 to 3.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hwchen/keyring-rs/releases">keyring's releases</a>.</em></p> <blockquote> <h2>v3.6.1: Update dependencies</h2> <p>Two of the dependencies (<code>openssl</code> and <code>whoami</code>) were discovered to have vulnerabilities which were fixed in minor or patch releases. This crate has been updated to insist that the minor/patch release number of these dependencies is high enough to ensure use of a patched version.</p> <p>There is no reason to think that the vulnerabilities in these dependencies could have been exercised through this crate. In addition, builds of clients done after the dependencies were patched would have already picked up the non-vulnerable versions. So this change is simply to ensure that future builds cannot use the vulnerable versions.</p> <p>There are no code changes in this release.</p> <h2>v3.6.0: Add new combination keystore</h2> <p>This release contains a new credential store for Linux: a combination of keyutils (for use by headless processes) and secret service (for persistence of credentials beyond reboot). Thanks very much to <a href="https://github.com/soywod"><code>@soywod</code></a> for the contribution!</p> <h2>v3.5.0: Add debug logging of internal operations</h2> <ul> <li>Add debug logging of internal operations (thanks to <a href="https://github.com/soywod"><code>@soywod</code></a>).</li> <li>Revert iOS security-framework dependency to v2 (see <a href="https://redirect.github.com/hwchen/keyring-rs/issues/225">#225</a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hwchen/keyring-rs/blob/master/CHANGELOG.md">keyring's changelog</a>.</em></p> <blockquote> <h2>Version 3.6.0</h2> <ul> <li>Add combination keystore of keyutils and secret service (thanks to <a href="https://github.com/soywod"><code>@soywod</code></a>).</li> </ul> <h2>Version 3.5.0</h2> <ul> <li>Add debug logging of internal operations (thanks to <a href="https://github.com/soywod"><code>@soywod</code></a>).</li> <li>Revert iOS security-framework dependency to v2 (see <a href="https://redirect.github.com/hwchen/keyring-rs/issues/225">#225</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
81615dfef8 |
Revert "refactor(apple): Use kSecUseDataProtectionKeychain for token" (#7765)
After reading through this [Apple technical note](https://developer.apple.com/documentation/technotes/tn3137-on-mac-keychains), it's clear that we want to actually omit this key from our keychain queries. The reason is because: - on iOS, this will be already set (there is no other option) - on macOS, the data protection keychain is *unavailable* from system extensions After testing, it appears that the original issue that PR sought to fix was actually fixed by always installing the correct system extension version: #7759. Reverts firezone/firezone#7756 |
||
|
Jamil
|
854436b1a0 |
fix(apple): Don't log certain security errors in debug (#7764)
When building / testing the Apple clients locally, OS code signing and security requirements can cause certain types of errors to throw. We still want to see these in the console, but not necessary capture them to Sentry. |
||
|
Brian Manifold
|
430b32324a |
fix(portal): Update IDP sync error email threshold (#7757)
Why: * An IdP sync can fail for different reasons and because of this we previously put a threshold on when to send the first 'IdP sync failed' email, which was set at 10 failed sync attempts. One thing that was accidentally overlooked was that on one specific failure type (i.e. 401 - Unauthorized) the Firezone sync was automatically disabled and not tried from that point forward. Unfortunately, that meant an email did not get sent out because the threshold was not met. This PR resolves that by making sure the 401 error will send out an email immediately, while keeping the 10 failed sync threshold for all other errors. Closes: #7725 |
||
|
Jamil
|
55485c71e6 |
fix(apple/macOS): Don't log notificationsNotAllowed (#7762)
This can happen if the user hasn't granted notifications and isn't worth reporting. |
||
|
Thomas Eizinger
|
01c1e629d2 |
test(connlib): ensure that we never want a time in the past (#7760)
In #7758, we fix `connlib`s event-loop to always provide the current time to the state machine rather than the one that was requested (which may be in the past). Even though this is already fairly resilient, we should never request a time in the past. This patch adds this as an assertion to our test suite. |