scottk/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-03-22 07:41:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,066 Commits 1 Branch 0 Tags
5db8e20f3bb01cc1ecc59f95afa2ff4f32ef683b
Commit Graph

2250 Commits

Author SHA1 Message Date
Jamil
5db8e20f3b chore: release Apple and GUI clients (#8882) 
- Apple clients 1.4.12
- GUI clients 1.4.11
 2025-04-21 21:45:16 +00:00
Jamil
368ace2c6e ci: Release Android 1.4.7 (#8878) 
App is live on Play store.
 2025-04-21 21:12:27 +00:00
Thomas Eizinger
4d20856d21 chore(connlib): record GRO batch-size as histogram metric (#8875) 
This will allow us to test, how many batches we typically read from the
UDP socket in a single syscall. Knowing that should help in profiling
#8874.
 2025-04-21 13:17:25 +00:00
dependabot[bot]
0ad7cc5b93 build(deps): bump log from 0.4.26 to 0.4.27 in /rust (#8870) 
Bumps [log](https://github.com/rust-lang/log) from 0.4.26 to 0.4.27.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/log/releases">log's
releases</a>.</em></p>
<blockquote>
<h2>0.4.27</h2>
<h2>What's Changed</h2>
<ul>
<li>A few minor lint fixes by <a
href="https://github.com/nyurik"><code>@​nyurik</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/671">rust-lang/log#671</a></li>
<li>Enable clippy support for format-like macros by <a
href="https://github.com/nyurik"><code>@​nyurik</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/665">rust-lang/log#665</a></li>
<li>Add an optional logger param by <a
href="https://github.com/tisonkun"><code>@​tisonkun</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/664">rust-lang/log#664</a></li>
<li>Pass global logger by value, supplied logger by ref by <a
href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/673">rust-lang/log#673</a></li>
<li>Prepare for 0.4.27 release by <a
href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/674">rust-lang/log#674</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rust-lang/log/compare/0.4.26...0.4.27">https://github.com/rust-lang/log/compare/0.4.26...0.4.27</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/log/blob/master/CHANGELOG.md">log's
changelog</a>.</em></p>
<blockquote>
<h2>[0.4.27] - 2025-03-24</h2>
<h3>What's Changed</h3>
<ul>
<li>A few minor lint fixes by <a
href="https://github.com/nyurik"><code>@​nyurik</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/671">rust-lang/log#671</a></li>
<li>Enable clippy support for format-like macros by <a
href="https://github.com/nyurik"><code>@​nyurik</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/665">rust-lang/log#665</a></li>
<li>Add an optional logger param by <a
href="https://github.com/tisonkun"><code>@​tisonkun</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/664">rust-lang/log#664</a></li>
<li>Pass global logger by value, supplied logger by ref by <a
href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a
href="https://redirect.github.com/rust-lang/log/pull/673">rust-lang/log#673</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rust-lang/log/compare/0.4.26...0.4.27">https://github.com/rust-lang/log/compare/0.4.26...0.4.27</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="35161d0d25"><code>35161d0</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/log/issues/674">#674</a>
from rust-lang/cargo/0.4.27</li>
<li><a
href="cc131ef268"><code>cc131ef</code></a>
prepare for 0.4.27 release</li>
<li><a
href="ea6f54d395"><code>ea6f54d</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/log/issues/673">#673</a>
from rust-lang/feat/logger-by-ref</li>
<li><a
href="d229c7355b"><code>d229c73</code></a>
fix unclosed code block</li>
<li><a
href="02486e458c"><code>02486e4</code></a>
fill in more tests for logger argument</li>
<li><a
href="71e034ffa6"><code>71e034f</code></a>
expand logger tests</li>
<li><a
href="dfa067e65c"><code>dfa067e</code></a>
fix up kv passing</li>
<li><a
href="39d4c3ab88"><code>39d4c3a</code></a>
run fmt</li>
<li><a
href="7aacc8fea3"><code>7aacc8f</code></a>
pass global logger by value, supplied logger by ref</li>
<li><a
href="a438c6ed08"><code>a438c6e</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/log/issues/664">#664</a>
from tisonkun/logger-field</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-lang/log/compare/0.4.26...0.4.27">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=log&package-manager=cargo&previous-version=0.4.26&new-version=0.4.27)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-21 12:19:13 +00:00
dependabot[bot]
04a3cf1a33 build(deps): bump keyring from 3.6.1 to 3.6.2 in /rust (#8869) 
Bumps [keyring](https://github.com/hwchen/keyring-rs) from 3.6.1 to
3.6.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/hwchen/keyring-rs/releases">keyring's
releases</a>.</em></p>
<blockquote>
<h2>v3.6.2: better docs, lighter-weight tests</h2>
<p>Thanks to <a
href="https://github.com/unkcpz"><code>@​unkcpz</code></a>, this release
fully documents all the platform-specific modules in each platform on <a
href="https://docs.rs/keyring/latest/keyring/">docs.rs</a>.</p>
<p>The dev dependencies (used for testing) have been switched from using
<code>rand</code> to using the lighter-weight module
<code>fastrand</code>.</p>
<p>There are no functional code changes in this release, only test
changes.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/open-source-cooperative/keyring-rs/blob/master/CHANGELOG.md">keyring's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.6.2</h2>
<ul>
<li>Have docs.rs build docs for all modules on all platforms (thanks to
<a href="https://github.com/unkcpz"><code>@​unkcpz</code></a> - see <a
href="https://redirect.github.com/hwchen/keyring-rs/issues/235">#235</a>).</li>
<li>Switch to <code>fastrand</code> for tests (see <a
href="https://redirect.github.com/hwchen/keyring-rs/issues/237">#237</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ee3f80d0d3"><code>ee3f80d</code></a>
Merge pull request <a
href="https://redirect.github.com/hwchen/keyring-rs/issues/238">#238</a>
from brotskydotcom/issue-236</li>
<li><a
href="766c8bc4e6"><code>766c8bc</code></a>
Switch to using fastrand for testing.</li>
<li><a
href="f1b7ec192e"><code>f1b7ec1</code></a>
Merge pull request <a
href="https://redirect.github.com/hwchen/keyring-rs/issues/237">#237</a>
from unkcpz/fix/235/keyring-doc-xplat</li>
<li><a
href="09c9c0dd94"><code>09c9c0d</code></a>
using matrix for targets in doctest.yaml</li>
<li><a
href="307e575e2f"><code>307e575</code></a>
Move to doctest.yaml as ind CI and run inline from action</li>
<li><a
href="8a5c6dd838"><code>8a5c6dd</code></a>
fast-fail test-docsrs-build.sh</li>
<li><a
href="a40bd956fd"><code>a40bd95</code></a>
r-brot</li>
<li><a
href="ac2a3b474d"><code>ac2a3b4</code></a>
experiment doccfg with attr docrs</li>
<li><a
href="3d8da9603c"><code>3d8da96</code></a>
multi-target toolchain CI</li>
<li><a
href="a994584d9b"><code>a994584</code></a>
remove -Zbuild-std which not required on docs.rs</li>
<li>Additional commits viewable in <a
href="https://github.com/hwchen/keyring-rs/compare/v3.6.1...v3.6.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=keyring&package-manager=cargo&previous-version=3.6.1&new-version=3.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-21 12:19:09 +00:00
dependabot[bot]
23c0db825e build(deps): bump tauri from 2.5.0 to 2.5.1 in /rust in the tauri group (#8868) 
Bumps the tauri group in /rust with 1 update:
[tauri](https://github.com/tauri-apps/tauri).

Updates `tauri` from 2.5.0 to 2.5.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri's
releases</a>.</em></p>
<blockquote>
<h2>tauri-runtime v2.5.1</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1021 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.3)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.30.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.61.2)
      Adding oxc_ast v0.36.0 (available: v0.61.2)
      Adding oxc_parser v0.36.0 (available: v0.61.2)
      Adding oxc_span v0.36.0 (available: v0.61.2)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding webview2-com v0.36.0 (available: v0.37.0)
      Adding windows v0.60.0 (available: v0.61.1)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 748 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1046 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="766bccc341"><code>766bccc</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13243">#13243</a>)</li>
<li><a
href="31becbd1d1"><code>31becbd</code></a>
enhance(core): respect
<code>data-tauri-drag-region=&quot;false&quot;</code> (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13269">#13269</a>)</li>
<li><a
href="da2a6ae5e3"><code>da2a6ae</code></a>
fix(core): raw channel message type regression (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13268">#13268</a>)</li>
<li><a
href="87fdc3b9cd"><code>87fdc3b</code></a>
chore(deps): update rust crate jsonschema to 0.30 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13249">#13249</a>)</li>
<li><a
href="30e76c7d3a"><code>30e76c7</code></a>
chore(deps): update rust crate brotli to v8 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13264">#13264</a>)</li>
<li><a
href="85b1912529"><code>85b1912</code></a>
Make tauri-runtime-wry optional with features (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13241">#13241</a>)</li>
<li><a
href="82da4f17f5"><code>82da4f1</code></a>
fix(ci): ubuntu 20.04 no longer exists (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13240">#13240</a>)</li>
<li>See full diff in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-v2.5.0...tauri-v2.5.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tauri&package-manager=cargo&previous-version=2.5.0&new-version=2.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-21 12:19:07 +00:00
Thomas Eizinger
0a620d20ca build(rust): bump iana-time-zone (#8863) 
This eliminates one duplicate version of the `windows` crate in our
dependency tree.
 2025-04-20 22:59:22 +00:00
dependabot[bot]
80cf386a3a build(deps): bump tempfile from 3.13.0 to 3.19.1 in /rust (#8845) 
Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.13.0 to
3.19.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md">tempfile's
changelog</a>.</em></p>
<blockquote>
<h2>3.19.1</h2>
<ul>
<li>Don't unlink temporary files immediately on Windows (fixes <a
href="https://redirect.github.com/Stebalien/tempfile/issues/339">#339</a>).
Unfortunately, this seemed to corrupt the file object (possibly a
Windows kernel bug) in rare cases and isn't strictly speaking
necessary.</li>
</ul>
<h2>3.19.0</h2>
<ul>
<li>Remove direct dependency on <code>cfg-if</code>. It's still in the
tree, but we didn't really need to use it in this crate.</li>
<li>Add an unstable feature
(<code>unstable-windows-keep-open-tempfile</code>) to test a potential
fix to <a
href="https://redirect.github.com/Stebalien/tempfile/issues/339">#339</a>.</li>
</ul>
<h2>3.18.0</h2>
<ul>
<li>Update <code>rustix</code> to 1.0.0.</li>
<li>Make <code>NamedTempFile::persist_noclobber</code> atomic on Apple
operating systems. It's now atomic on MacOS, Windows, and Linux
(depending on the OS version and filesystem used).</li>
</ul>
<h2>3.17.1</h2>
<ul>
<li>Fix build with <code>windows-sys</code> 0.52. Unfortunately, we have
no CI for older <code>windows-sys</code> versions at the moment...</li>
</ul>
<h2>3.17.0</h2>
<ul>
<li>Make sure to use absolute paths in when creating unnamed temporary
files (avoids a small race in the &quot;immediate unlink&quot; logic)
and in <code>Builder::make_in</code> (when creating temporary files of
arbitrary types).</li>
<li>Prevent a theoretical crash that could (maybe) happen when a
temporary file is created from a drop function run in a TLS destructor.
Nobody has actually reported a case of this happening in practice and I
have been unable to create this scenario in a test.</li>
<li>When reseeding with <code>getrandom</code>, use platform (e.g., CPU)
specific randomness sources where possible.</li>
<li>Clarify some documentation.</li>
<li>Unlink unnamed temporary files on windows <em>immediately</em> when
possible instead of waiting for the handle to be closed. We open files
with &quot;Unix&quot; semantics, so this is generally possible.</li>
</ul>
<h2>3.16.0</h2>
<ul>
<li>Update <code>getrandom</code> to <code>0.3.0</code> (thanks to <a
href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a>).</li>
<li>Allow <code>windows-sys</code> versions <code>0.59.x</code> in
addition to <code>0.59.0</code> (thanks <a
href="https://github.com/ErichDonGubler"><code>@​ErichDonGubler</code></a>).</li>
<li>Improved security documentation (thanks to <a
href="https://github.com/n0toose"><code>@​n0toose</code></a> for
collaborating with me on this).</li>
</ul>
<h2>3.15.0</h2>
<p>Re-seed the per-thread RNG from system randomness when we repeatedly
fail to create temporary files (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/314">#314</a>).
This resolves a potential DoS vector (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/178">#178</a>)
while avoiding <code>getrandom</code> in the common case where it's
necessary. The feature is optional but enabled by default via the
<code>getrandom</code> feature.</p>
<p>For libc-free builds, you'll either need to disable this feature or
opt-in to a different <a
href="https://github.com/rust-random/getrandom?tab=readme-ov-file#opt-in-backends"><code>getrandom</code>
backend</a>.</p>
<h2>3.14.0</h2>
<ul>
<li>Make the wasip2 target work (requires tempfile's &quot;nightly&quot;
feature to be enabled). <a
href="https://redirect.github.com/Stebalien/tempfile/pull/305">#305</a>.</li>
<li>Allow older windows-sys versions <a
href="https://redirect.github.com/Stebalien/tempfile/pull/304">#304</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="95540ed3fc"><code>95540ed</code></a>
chore: release v3.19.1</li>
<li><a
href="b60aae49c1"><code>b60aae4</code></a>
fix(windows): don't automatically delete files on open (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/344">#344</a>)</li>
<li><a
href="167f544abe"><code>167f544</code></a>
ci(cargo-deny): remove windows-sys exception (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/343">#343</a>)</li>
<li><a
href="42fff6813d"><code>42fff68</code></a>
chore: release v3.19.0</li>
<li><a
href="61b4283c20"><code>61b4283</code></a>
feat(windows): add a feature to immediate tempfile deletion (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/340">#340</a>)</li>
<li><a
href="c2d16b3bc3"><code>c2d16b3</code></a>
ci: downgrade once-cell on old rustc versions (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/342">#342</a>)</li>
<li><a
href="35c204d7c2"><code>35c204d</code></a>
chore: remove cfg-if dependency (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/338">#338</a>)</li>
<li><a
href="b8bddaf0cf"><code>b8bddaf</code></a>
release 3.18.0</li>
<li><a
href="0e17869470"><code>0e17869</code></a>
update rustix (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/336">#336</a>)</li>
<li><a
href="6cf65365a4"><code>6cf6536</code></a>
doc: fix markdown</li>
<li>Additional commits viewable in <a
href="https://github.com/Stebalien/tempfile/compare/v3.13.0...v3.19.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tempfile&package-manager=cargo&previous-version=3.13.0&new-version=3.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2025-04-20 22:49:41 +00:00
Thomas Eizinger
4c5fd9b256 feat(connlib): prefer relay candidates of same IP version (#8798) 
When calculating preferences for candidates, `str0m` currently always
prefer IPv6 over IPv4. This is as per the ICE spec. Howver, this can
lead to sub-optimal situations when a connection ends up using a TURN
server.

TURN allows a client to allocate an IPv4 and an IPv6 address in the same
allocation. This makes it possible for e.g. an IPv4-only client to
connect to an IPv6-only peer as long as the TURN server runs in
dual-stack AND the client requests an IPv6 address in addition to an
IPv4 address with the `ADDITIONAL-ADDRESS-FAMILY` attribute.

Assume that a client sits behind symmetric NAT and therefore needs to
rely on a TURN server to communicate with its peers. The TURN server as
well as all the peers operate in dual-stack mode.

The current priority calculation will yield a communication path that
uses IPv4 to talk to the TURN server (as that is the only one available)
but due to the preference ordering of IPv6 over IPv4, will use an IPv6
path to the peer, despite the peer also supporting IPv4.

This isn't a problem per-se but makes our life unnecessarily difficult.
Our TURN servers use eBPF to efficiently deal with TURN's channel-data
messages. This however is at present only implemented for the IPv4 <>
IPv4 and IPv6 <> IPv6 path. Implementing the other paths is possible but
complicates the eBPF code because we need to also translate IP headers
between versions and not just update the source and destination IPs.

We have since patched `str0m` to extend the `Candidate::relayed`
constructor to also take a `base` address which is - similar to the
other candidate types - the address the client is sending from in order
to use this candidate. In the context of relayed candidates, this is the
address the client is using to talk to the TURN server. We can use this
information in the candidate's priority calculation to prefer candidates
that allow traffic to remain within one IP version, i.e. if the client
talks to the TURN server over IPv4, the candidate with an allocated IPv4
address will have a higher priority than the one with the IPv6 address
because we are applying a "punishment" factor as part of the
local-preference component in the priority formula.

Staying within the same IP version whilst relaying traffic allows our
TURN servers to use their eBPF kernel which results in a better UX due
to lower latency and higher throughput.

The final candidate ordering is ultimately decided by the controlling
ICE agent which in our case is the Firezone Client. Thus, we don't
necessarily need to update Gateways in order to test / benefit from
this. Building a Client with this patch included should be enough to
benefit from this change.

Related: https://github.com/algesten/str0m/pull/640
Related: https://github.com/algesten/str0m/pull/644
 2025-04-20 22:41:56 +00:00
dependabot[bot]
4a81aed3cb build(deps): bump domain from 0.10.3 to 0.10.4 in /rust (#8856) 
Bumps [domain](https://github.com/nlnetlabs/domain) from 0.10.3 to
0.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nlnetlabs/domain/releases">domain's
releases</a>.</em></p>
<blockquote>
<h2>0.10.4</h2>
<p>Other changes</p>
<ul>
<li>Fix a build issue with <a
href="https://time-rs.github.io/"><em>time</em></a> 0.3.41. (<a
href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>,
backported from <a
href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a>
by [<a href="https://github.com/PSeitz"><code>@​PSeitz</code></a>])</li>
</ul>
<p><a
href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a>:
<a
href="https://redirect.github.com/NLnetLabs/domain/pull/503">NLnetLabs/domain#503</a>
<a
href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>:
<a
href="https://redirect.github.com/NLnetLabs/domain/pull/505">NLnetLabs/domain#505</a>
[<a href="https://github.com/PSeitz"><code>@​PSeitz</code></a>]: <a
href="https://github.com/PSeitz">https://github.com/PSeitz</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/NLnetLabs/domain/blob/main/Changelog.md">domain's
changelog</a>.</em></p>
<blockquote>
<h2>0.10.4</h2>
<p>Released 2025-03-31.</p>
<p>Other changes</p>
<ul>
<li>Fix a build issue with <a
href="https://time-rs.github.io/"><em>time</em></a> 0.3.41.
(<a
href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>,
backported from <a
href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a>
by [<a href="https://github.com/PSeitz"><code>@​PSeitz</code></a>])</li>
</ul>
<p><a
href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a>:
<a
href="https://redirect.github.com/NLnetLabs/domain/pull/503">NLnetLabs/domain#503</a>
<a
href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>:
<a
href="https://redirect.github.com/NLnetLabs/domain/pull/505">NLnetLabs/domain#505</a>
[<a href="https://github.com/PSeitz"><code>@​PSeitz</code></a>]: <a
href="https://github.com/PSeitz">https://github.com/PSeitz</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b851eeb543"><code>b851eeb</code></a>
Release 0.10.4. (<a
href="https://redirect.github.com/nlnetlabs/domain/issues/509">#509</a>)</li>
<li><a
href="556255bcef"><code>556255b</code></a>
Update dependencies. (<a
href="https://redirect.github.com/nlnetlabs/domain/issues/508">#508</a>)</li>
<li><a
href="1aae138ebd"><code>1aae138</code></a>
Explicit cast in comparison (series 0.10) (<a
href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>)</li>
<li><a
href="bffb0d97c9"><code>bffb0d9</code></a>
Clippy-suggested fixes introduces in Rust 1.85. (<a
href="https://redirect.github.com/nlnetlabs/domain/issues/506">#506</a>)</li>
<li>See full diff in <a
href="https://github.com/nlnetlabs/domain/compare/v0.10.3...v0.10.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=domain&package-manager=cargo&previous-version=0.10.3&new-version=0.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-20 11:58:20 +00:00
dependabot[bot]
6bae165302 build(deps-dev): bump @types/node from 22.13.9 to 22.14.1 in /rust/gui-client (#8833) 
Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 22.13.9 to 22.14.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/node&package-manager=npm_and_yarn&previous-version=22.13.9&new-version=22.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-20 11:16:56 +00:00
dependabot[bot]
ea53eebb74 build(deps): bump serde_json from 1.0.135 to 1.0.140 in /rust (#8857) 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.135 to
1.0.140.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.140</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>v1.0.139</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>v1.0.138</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>v1.0.137</h2>
<ul>
<li>Turn on &quot;float_roundtrip&quot; and &quot;unbounded_depth&quot;
features for serde_json in play.rust-lang.org (<a
href="https://redirect.github.com/serde-rs/json/issues/1231">#1231</a>)</li>
</ul>
<h2>v1.0.136</h2>
<ul>
<li>Optimize serde_json::value::Serializer::serialize_map by using
Map::with_capacity (<a
href="https://redirect.github.com/serde-rs/json/issues/1230">#1230</a>,
thanks <a
href="https://github.com/goffrie"><code>@​goffrie</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="762783414e"><code>7627834</code></a>
Release 1.0.140</li>
<li><a
href="d77a498c80"><code>d77a498</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1245">#1245</a>
from serde-rs/powerpc</li>
<li><a
href="b34d317089"><code>b34d317</code></a>
Delete unused gcc installation</li>
<li><a
href="f7200c3cf6"><code>f7200c3</code></a>
Ignore unbuffered_bytes clippy lint</li>
<li><a
href="76cd4fb383"><code>76cd4fb</code></a>
Ignore elidable_lifetime_names pedantic clippy lint</li>
<li><a
href="400eaa977f"><code>400eaa9</code></a>
Point standard library links to stable</li>
<li><a
href="4d4f53c3b7"><code>4d4f53c</code></a>
Release 1.0.139</li>
<li><a
href="5d6b32f378"><code>5d6b32f</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1242">#1242</a>
from dtolnay/writefloat</li>
<li><a
href="e5bb8bd38f"><code>e5bb8bd</code></a>
Document behavior of write_f32/f64 on non-finite floats</li>
<li><a
href="7a797810d2"><code>7a79781</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1241">#1241</a>
from dtolnay/doclink</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/json/compare/v1.0.135...v1.0.140">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.135&new-version=1.0.140)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-20 11:14:40 +00:00
Thomas Eizinger
92534ae4ec test(connlib): ensure we have gaps in port ranges (#8862) 
This should fix the flaky proptest.
 2025-04-20 11:02:55 +00:00
Thomas Eizinger
1af7f4f8c1 fix(rust): don't use jemalloc on ARMv7 (#8859) 
Doesn't compile on ARMv7 so we just fallback to the default allocator
there.
 2025-04-19 22:20:05 +00:00
Thomas Eizinger
ae4b7d9d08 test(connlib): correctly assert in Io unit-test (#8861) 
Not sure what I was smoking when I wrote this test but the current
assertion makes no sense for what we actually want to test.

As the test name says, we want to assert that if we are given an
`Instant` in the past, we do in fact return a more recent one and
therefore what is returned in `Input::Timeout` is at least as recent as
`now`.
 2025-04-19 22:17:51 +00:00
dependabot[bot]
9c10fbf8b5 build(deps-dev): bump typescript from 5.7.3 to 5.8.3 in /rust/gui-client (#8855) 
Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.7.3
to 5.8.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/microsoft/TypeScript/releases">typescript's
releases</a>.</em></p>
<blockquote>
<h2>TypeScript 5.8.3</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8/">release
announcement</a>.</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.0 (Beta)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.1%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.1 (RC)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.2%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.2 (Stable)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.3%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.3 (Stable)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
</ul>
<h2>TypeScript 5.8</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8/">release
announcement</a>.</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.0 (Beta)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.1%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.1 (RC)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.2%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.2 (Stable)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
</ul>
<h2>TypeScript 5.8 RC</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8-rc/">release
announcement</a>.</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.0 (Beta)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.1%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.1 (RC)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
</ul>
<h2>TypeScript 5.8 Beta</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8-beta/">release
announcement</a>.</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed
issues query for Typescript 5.8.0 (Beta)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="83dc0bb2ed"><code>83dc0bb</code></a>
Convert release publishing inputs into parameters (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/61523">#61523</a>)</li>
<li><a
href="ba663f6ac2"><code>ba663f6</code></a>
Exclude completions of binding pattern variable initializers (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/52723">#52723</a>)</li>
<li><a
href="7205eda454"><code>7205eda</code></a>
Bump github/codeql-action from 3.28.12 to 3.28.13 in the github-actions
group...</li>
<li><a
href="89c572ca0c"><code>89c572c</code></a>
Fixed a symbol display crash on expando members write locations (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/55478">#55478</a>)</li>
<li><a
href="7b26d2eba5"><code>7b26d2e</code></a>
Fix incorrect name in new release pipeline (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/61514">#61514</a>)</li>
<li><a
href="c7a559eeae"><code>c7a559e</code></a>
Add new release publisher yaml (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/61491">#61491</a>)</li>
<li><a
href="29e6d6689d"><code>29e6d66</code></a>
Fix <code>lib.includes('dom')</code> check in
<code>containerSeemsToBeEmptyDomElement</code> (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/61481">#61481</a>)</li>
<li><a
href="19b777260b"><code>19b7772</code></a>
Bump the github-actions group with 4 updates (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/61474">#61474</a>)</li>
<li><a
href="4dc677b292"><code>4dc677b</code></a>
Fix errors on type assertions in erasableSyntaxOnly (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/61452">#61452</a>)</li>
<li><a
href="ee3dd7264b"><code>ee3dd72</code></a>
fix(60908): Unexpected &quot;'Type' is declared but its value is never
read.&quot; erro...</li>
<li>Additional commits viewable in <a
href="https://github.com/microsoft/TypeScript/compare/v5.7.3...v5.8.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=5.7.3&new-version=5.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-19 21:02:27 +00:00
dependabot[bot]
a3c221d7c2 build(deps): bump the tauri group in /rust/gui-client with 2 updates (#8825) 
Bumps the tauri group in /rust/gui-client with 2 updates:
[@tauri-apps/api](https://github.com/tauri-apps/tauri) and
[@tauri-apps/cli](https://github.com/tauri-apps/tauri).

Updates `@tauri-apps/api` from 2.4.1 to 2.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/api</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/api</code> v2.5.0</h2>
<!-- raw HTML omitted -->
<pre><code>No known vulnerabilities found
</code></pre>
<!-- raw HTML omitted -->
<h2>[2.5.0]</h2>
<h3>New Features</h3>
<ul>
<li>
<p><a
href="66e6325f43"><code>66e6325f4</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13136">#13136</a>)
Allow passing the callback as the parameter of constructor of
<code>Channel</code> so you can use it like this <code>new
Channel((message) =&gt; console.log(message))</code></p>
</li>
<li>
<p><a
href="ea36294cbc"><code>ea36294cb</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13208">#13208</a>)
Added <code>disableInputAccessoryView: bool</code> config for iOS.</p>
</li>
<li>
<p><a
href="c1cd0a2ddb"><code>c1cd0a2dd</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13090">#13090</a>)
macOS/iOS: add option to disable or enable link previews when building a
webview (the webkit api has it enabled by default)</p>
<ul>
<li><code>WindowOptions::allowLinkPreview</code></li>
<li><code>WebviewOptions::allowLinkPreview</code></li>
</ul>
</li>
<li>
<p><a
href="b072e2b296"><code>b072e2b29</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9687">#9687</a>)
Add <code>preventOverflow</code> config option to prevent the window
from overflowing the monitor size on creation</p>
</li>
<li>
<p><a
href="dd4f13ce4b"><code>dd4f13ce4</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13185">#13185</a>)
Added <code>app.setDockVisibility</code> for macOS.</p>
</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li><a
href="b8f86669ab"><code>b8f86669a</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13145">#13145</a>)
<code>core.isTauri</code> now leverages <code>globalThis</code> instead
of <code>window</code> in order to be used in unit tests.</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="66e6325f43"><code>66e6325f4</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13136">#13136</a>)
Fix <code>Channel</code>'s callback attached to <code>window</code>
never cleaned up</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>&gt; @tauri-apps/api@2.5.0 npm-publish
/home/runner/work/tauri/tauri/packages/api
&gt; pnpm build &amp;&amp; cd ./dist &amp;&amp; pnpm publish --access
public --loglevel silly --no-git-checks
<p>&gt; <code>@​tauri-apps/api</code><a
href="https://github.com/2"><code>@​2</code></a>.5.0 build
/home/runner/work/tauri/tauri/packages/api
&gt; rollup -c --configPlugin typescript</p>
<p>
./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts,
./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts,
./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts,
./src/window.ts → ./dist, ./dist...
created ./dist, ./dist in 1.7s

src/index.ts →
../../crates/tauri/scripts/bundle.global.js...
created ../../crates/tauri/scripts/bundle.global.js in
1.9s
npm verbose cli /opt/hostedtoolcache/node/20.19.0/x64/bin/node
/opt/hostedtoolcache/node/20.19.0/x64/bin/npm
npm info using npm@10.8.2
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="977c4b496c"><code>977c4b4</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li>
<li><a
href="48b12b4404"><code>48b12b4</code></a>
chore: bump crates depending on tauri-utils as minor</li>
<li><a
href="9356fa15d8"><code>9356fa1</code></a>
feat(core): include type name in state panic message (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li>
<li><a
href="2dccfab532"><code>2dccfab</code></a>
fix: fileAssociations missing LSHandlerRank on macOS (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>)
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li>
<li><a
href="5d3687e8c3"><code>5d3687e</code></a>
chore(tauri-driver): update README</li>
<li><a
href="0cf2d9933f"><code>0cf2d99</code></a>
fix(tauri-driver): append .exe ext on app path on Windows, closes <a
href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li>
<li><a
href="1734273bbe"><code>1734273</code></a>
fix: using center and overflow together crashes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li>
<li><a
href="690146e311"><code>690146e</code></a>
fix(macros): invoke handler stack overflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li>
<li><a
href="f888502fd2"><code>f888502</code></a>
fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li>
<li><a
href="577c7ffc45"><code>577c7ff</code></a>
fix(webdriver): windows: make native webdriver close with parent process
(fix...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.4.1...@tauri-apps/api-v2.5.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `@tauri-apps/cli` from 2.4.1 to 2.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/cli</code> v2.5.0</h2>
<h2>[2.5.0]</h2>
<h3>New Features</h3>
<ul>
<li><a
href="0aa48fb9e4"><code>0aa48fb9e</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13030">#13030</a>)
Added <code>bundleVersion</code> to iOS and macOS configuration to
support specifying a <code>CFBundleVersion</code>.</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li><a
href="ad3fd3890f"><code>ad3fd3890</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13152">#13152</a>)
Detect package manager from environment variable
<code>npm_config_user_agent</code> first</li>
<li><a
href="82406c61e0"><code>82406c61e</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13231">#13231</a>)
Improve iOS simulator usage, checking if Xcode iOS SDK is installed and
allowing usage of Simulator for older iOS releases (previously only
supported when running on Xcode via <code>ios dev --open</code>).</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="2dccfab532"><code>2dccfab53</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13236">#13236</a>)
Fix <code>fileAssociations</code> missing <code>LSHandlerRank</code> on
macOS.</li>
<li><a
href="0802529031"><code>080252903</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13210">#13210</a>)
Fixes iOS dev not working on Xcode 16.3 simulators. To apply the fix,
either regenerate the Xcode project with <code>rm -r src-tauri/gen/apple
&amp;&amp; tauri ios init</code> or remove the <code>arm64-sim</code>
architecture from the Xcode project.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.5.0</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="977c4b496c"><code>977c4b4</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li>
<li><a
href="48b12b4404"><code>48b12b4</code></a>
chore: bump crates depending on tauri-utils as minor</li>
<li><a
href="9356fa15d8"><code>9356fa1</code></a>
feat(core): include type name in state panic message (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li>
<li><a
href="2dccfab532"><code>2dccfab</code></a>
fix: fileAssociations missing LSHandlerRank on macOS (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>)
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li>
<li><a
href="5d3687e8c3"><code>5d3687e</code></a>
chore(tauri-driver): update README</li>
<li><a
href="0cf2d9933f"><code>0cf2d99</code></a>
fix(tauri-driver): append .exe ext on app path on Windows, closes <a
href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li>
<li><a
href="1734273bbe"><code>1734273</code></a>
fix: using center and overflow together crashes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li>
<li><a
href="690146e311"><code>690146e</code></a>
fix(macros): invoke handler stack overflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li>
<li><a
href="f888502fd2"><code>f888502</code></a>
fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li>
<li><a
href="577c7ffc45"><code>577c7ff</code></a>
fix(webdriver): windows: make native webdriver close with parent process
(fix...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.4.1...@tauri-apps/cli-v2.5.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-19 13:41:04 +00:00
Thomas Eizinger
a41395a165 feat(eBPF): embed BTF information in eBPF kernel (#8842) 
It turns out that the Rust compiler doesn't always say that it is adding
debug information to a binary even when it does! The build output only
displays `[optimized]` when in fact it does actually emit debug
information. Adding an additional linker flag configures `bpf-linker` to
include the necessary BTF information in our kernel.

This makes debugging verifier errors much easier as the program output
contains source code annotiations. It also should make it easier to
debug issues using `xdpdump` which relies on BTF information.

Resolves: #8503
 2025-04-19 12:38:59 +00:00
dependabot[bot]
024b0b36ed build(deps): bump the tauri group across 1 directory with 5 updates (#8841) 
Bumps the tauri group with 2 updates in the /rust directory:
[tauri](https://github.com/tauri-apps/tauri) and
[tauri-winrt-notification](https://github.com/tauri-apps/winrt-notification).

Updates `tauri` from 2.4.1 to 2.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri's
releases</a>.</em></p>
<blockquote>
<h2>tauri-runtime v2.5.0</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1020 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.1)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.30.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.61.0)
      Adding oxc_ast v0.36.0 (available: v0.61.0)
      Adding oxc_parser v0.36.0 (available: v0.61.0)
      Adding oxc_span v0.36.0 (available: v0.61.0)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding webview2-com v0.36.0 (available: v0.37.0)
      Adding windows v0.60.0 (available: v0.61.1)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 742 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1045 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.50.5
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="977c4b496c"><code>977c4b4</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li>
<li><a
href="48b12b4404"><code>48b12b4</code></a>
chore: bump crates depending on tauri-utils as minor</li>
<li><a
href="9356fa15d8"><code>9356fa1</code></a>
feat(core): include type name in state panic message (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li>
<li><a
href="2dccfab532"><code>2dccfab</code></a>
fix: fileAssociations missing LSHandlerRank on macOS (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>)
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li>
<li><a
href="5d3687e8c3"><code>5d3687e</code></a>
chore(tauri-driver): update README</li>
<li><a
href="0cf2d9933f"><code>0cf2d99</code></a>
fix(tauri-driver): append .exe ext on app path on Windows, closes <a
href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li>
<li><a
href="1734273bbe"><code>1734273</code></a>
fix: using center and overflow together crashes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li>
<li><a
href="690146e311"><code>690146e</code></a>
fix(macros): invoke handler stack overflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li>
<li><a
href="f888502fd2"><code>f888502</code></a>
fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li>
<li><a
href="577c7ffc45"><code>577c7ff</code></a>
fix(webdriver): windows: make native webdriver close with parent process
(fix...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-v2.4.1...tauri-v2.5.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-build` from 2.1.1 to 2.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-build's
releases</a>.</em></p>
<blockquote>
<h2>tauri-build v2.2.0</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1021 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.3)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.31.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.63.0)
      Adding oxc_ast v0.36.0 (available: v0.63.0)
      Adding oxc_parser v0.36.0 (available: v0.63.0)
      Adding oxc_span v0.36.0 (available: v0.63.0)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 752 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1046 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.51.2
    │   └── tauri-runtime-wry 2.6.0
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="977c4b496c"><code>977c4b4</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li>
<li><a
href="48b12b4404"><code>48b12b4</code></a>
chore: bump crates depending on tauri-utils as minor</li>
<li><a
href="9356fa15d8"><code>9356fa1</code></a>
feat(core): include type name in state panic message (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li>
<li><a
href="2dccfab532"><code>2dccfab</code></a>
fix: fileAssociations missing LSHandlerRank on macOS (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>)
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li>
<li><a
href="5d3687e8c3"><code>5d3687e</code></a>
chore(tauri-driver): update README</li>
<li><a
href="0cf2d9933f"><code>0cf2d99</code></a>
fix(tauri-driver): append .exe ext on app path on Windows, closes <a
href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li>
<li><a
href="1734273bbe"><code>1734273</code></a>
fix: using center and overflow together crashes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li>
<li><a
href="690146e311"><code>690146e</code></a>
fix(macros): invoke handler stack overflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li>
<li><a
href="f888502fd2"><code>f888502</code></a>
fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li>
<li><a
href="577c7ffc45"><code>577c7ff</code></a>
fix(webdriver): windows: make native webdriver close with parent process
(fix...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-build-v2.1.1...tauri-build-v2.2.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-runtime` from 2.5.1 to 2.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-runtime's
releases</a>.</em></p>
<blockquote>
<h2>tauri-runtime v2.6.0</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1021 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.3)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.31.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.63.0)
      Adding oxc_ast v0.36.0 (available: v0.63.0)
      Adding oxc_parser v0.36.0 (available: v0.63.0)
      Adding oxc_span v0.36.0 (available: v0.63.0)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 752 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1046 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.51.2
    │   └── tauri-runtime-wry 2.6.0
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="977c4b496c"><code>977c4b4</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li>
<li><a
href="48b12b4404"><code>48b12b4</code></a>
chore: bump crates depending on tauri-utils as minor</li>
<li><a
href="9356fa15d8"><code>9356fa1</code></a>
feat(core): include type name in state panic message (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li>
<li><a
href="2dccfab532"><code>2dccfab</code></a>
fix: fileAssociations missing LSHandlerRank on macOS (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>)
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li>
<li><a
href="5d3687e8c3"><code>5d3687e</code></a>
chore(tauri-driver): update README</li>
<li><a
href="0cf2d9933f"><code>0cf2d99</code></a>
fix(tauri-driver): append .exe ext on app path on Windows, closes <a
href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li>
<li><a
href="1734273bbe"><code>1734273</code></a>
fix: using center and overflow together crashes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li>
<li><a
href="690146e311"><code>690146e</code></a>
fix(macros): invoke handler stack overflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li>
<li><a
href="f888502fd2"><code>f888502</code></a>
fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li>
<li><a
href="577c7ffc45"><code>577c7ff</code></a>
fix(webdriver): windows: make native webdriver close with parent process
(fix...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-runtime-v2.5.1...tauri-runtime-v2.6.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-utils` from 2.3.1 to 2.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-utils's
releases</a>.</em></p>
<blockquote>
<h2>tauri-utils v2.4.0</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1021 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.3)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.31.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.63.0)
      Adding oxc_ast v0.36.0 (available: v0.63.0)
      Adding oxc_parser v0.36.0 (available: v0.63.0)
      Adding oxc_span v0.36.0 (available: v0.63.0)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 752 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1046 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.51.2
    │   └── tauri-runtime-wry 2.6.0
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="977c4b496c"><code>977c4b4</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li>
<li><a
href="48b12b4404"><code>48b12b4</code></a>
chore: bump crates depending on tauri-utils as minor</li>
<li><a
href="9356fa15d8"><code>9356fa1</code></a>
feat(core): include type name in state panic message (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li>
<li><a
href="2dccfab532"><code>2dccfab</code></a>
fix: fileAssociations missing LSHandlerRank on macOS (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>)
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li>
<li><a
href="5d3687e8c3"><code>5d3687e</code></a>
chore(tauri-driver): update README</li>
<li><a
href="0cf2d9933f"><code>0cf2d99</code></a>
fix(tauri-driver): append .exe ext on app path on Windows, closes <a
href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li>
<li><a
href="1734273bbe"><code>1734273</code></a>
fix: using center and overflow together crashes (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li>
<li><a
href="690146e311"><code>690146e</code></a>
fix(macros): invoke handler stack overflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li>
<li><a
href="f888502fd2"><code>f888502</code></a>
fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li>
<li><a
href="577c7ffc45"><code>577c7ff</code></a>
fix(webdriver): windows: make native webdriver close with parent process
(fix...</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-utils-v2.3.1...tauri-utils-v2.4.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-winrt-notification` from 0.7.1 to 0.7.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/winrt-notification/releases">tauri-winrt-notification's
releases</a>.</em></p>
<blockquote>
<h2>tauri-winrt-notification v0.7.2</h2>
<p>Updating crates.io index
Locking 20 packages to latest compatible versions</p>
<!-- raw HTML omitted -->
<pre><code>Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 751 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (21 crate dependencies)
</code></pre>
<!-- raw HTML omitted -->
<h2>[0.7.2]</h2>
<ul>
<li><a
href="a7ec5622c4"><code>a7ec562</code></a>
(<a
href="https://redirect.github.com/tauri-apps/winrt-notification/pull/46">#46</a>
by <a
href="https://github.com/tauri-apps/winrt-notification/../../renovate"><code>@​renovate</code></a>)
Update <code>windows</code> crate to <code>0.61</code>.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
Packaging tauri-winrt-notification v0.7.2
(/home/runner/work/winrt-notification/winrt-notification)
    Updating crates.io index
    Packaged 33 files, 100.8KiB (45.7KiB compressed)
Uploading tauri-winrt-notification v0.7.2
(/home/runner/work/winrt-notification/winrt-notification)
    Uploaded tauri-winrt-notification v0.7.2 to registry `crates-io`
note: waiting for `tauri-winrt-notification v0.7.2` to be available at
registry `crates-io`.
You may press ctrl-c to skip waiting; the crate should be available
shortly.
   Published tauri-winrt-notification v0.7.2 at registry `crates-io`
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/winrt-notification/blob/dev/CHANGELOG.md">tauri-winrt-notification's
changelog</a>.</em></p>
<blockquote>
<h2>[0.7.2]</h2>
<ul>
<li><a
href="a7ec5622c4"><code>a7ec562</code></a>
(<a
href="https://redirect.github.com/tauri-apps/winrt-notification/pull/46">#46</a>
by <a
href="https://github.com/tauri-apps/winrt-notification/../../renovate"><code>@​renovate</code></a>)
Update <code>windows</code> crate to <code>0.61</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1cbe2d98ec"><code>1cbe2d9</code></a>
publish new versions (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/48">#48</a>)</li>
<li><a
href="b835cab9e6"><code>b835cab</code></a>
ci: Update action dependencies</li>
<li><a
href="a7ec5622c4"><code>a7ec562</code></a>
chore(deps): update rust crate windows to 0.61 (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/46">#46</a>)</li>
<li><a
href="2893beae07"><code>2893bea</code></a>
ci: Create renovate.json</li>
<li><a
href="f25d9114a1"><code>f25d911</code></a>
ci: Delete renovate.json</li>
<li><a
href="daeb2631ab"><code>daeb263</code></a>
chore: Add <code>unpackaged-app</code> example (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/45">#45</a>)</li>
<li>See full diff in <a
href="https://github.com/tauri-apps/winrt-notification/compare/tauri-winrt-notification-v0.7.1...tauri-winrt-notification-v0.7.2">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2025-04-19 12:33:24 +00:00
Thomas Eizinger
34f28e2ae6 feat(rust): use jemalloc for Gateway and Relay (#8846) 
`jemalloc` is a modern allocator that is designed for multi-threaded
systems and can better handle smaller allocations that may otherwise
fragment the heap. Firezone's components, especially Relays and Gateways
are intended to operate with a long uptime and therefore need to handle
memory efficiently.
 2025-04-19 12:25:46 +00:00
dependabot[bot]
54f04108b2 build(deps-dev): bump vite from 6.2.6 to 6.3.2 in /rust/gui-client (#8829) 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)
from 6.2.6 to 6.3.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v6.3.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@6.3.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@6.3.1/packages/create-vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@6.3.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@6.3.0/packages/create-vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.0-beta.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.0-beta.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.0-beta.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.0-beta.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.0-beta.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.0-beta.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->6.3.2 (2025-04-18)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: match default asserts case insensitive (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19852">#19852</a>)
(<a
href="cbdab1d6a3">cbdab1d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19852">#19852</a></li>
<li>fix: open first url if host does not match any urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19886">#19886</a>)
(<a
href="6abbdce3d7">6abbdce</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19886">#19886</a></li>
<li>fix(css): respect <code>css.lightningcss</code> option in css
minification process (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19879">#19879</a>)
(<a
href="b5055e0dd4">b5055e0</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19879">#19879</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19698">#19698</a>)
(<a
href="bab4cb9224">bab4cb9</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19698">#19698</a></li>
<li>feat(css): improve lightningcss messages (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19880">#19880</a>)
(<a
href="c713f79b5a">c713f79</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19880">#19880</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.1 (2025-04-17)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: avoid using <code>Promise.allSettled</code> in preload function
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19805">#19805</a>)
(<a
href="35c7f35e2b">35c7f35</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19805">#19805</a></li>
<li>fix: backward compat for internal plugin <code>transform</code>
calls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19878">#19878</a>)
(<a
href="a152b7cbac">a152b7c</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19878">#19878</a></li>
</ul>
<h2>6.3.0 (2025-04-16)</h2>
<ul>
<li>fix(hmr): avoid infinite loop happening with
<code>hot.invalidate</code> in circular deps (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19870">#19870</a>)
(<a
href="d4ee5e8655">d4ee5e8</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19870">#19870</a></li>
<li>fix(preview): use host url to open browser (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19836">#19836</a>)
(<a
href="5003434040">5003434</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19836">#19836</a></li>
</ul>
<h2>6.3.0-beta.2 (2025-04-11)</h2>
<ul>
<li>fix: addWatchFile doesn't work if base is specified (fixes <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19792">#19792</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19794">#19794</a>)
(<a
href="8bed1de571">8bed1de</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19792">#19792</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19794">#19794</a></li>
<li>fix: correct the behavior when multiple transform filter options are
specified (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19818">#19818</a>)
(<a
href="7200deec91">7200dee</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19818">#19818</a></li>
<li>fix: fs check with svg and relative paths (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782">#19782</a>)
(<a
href="62d7e81ee1">62d7e81</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19782">#19782</a></li>
<li>fix: keep entry asset files imported by other files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19779">#19779</a>)
(<a
href="2fa1495801">2fa1495</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19779">#19779</a></li>
<li>fix: reject requests with <code>#</code> in request-target (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>)
(<a
href="175a83909f">175a839</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19830">#19830</a></li>
<li>fix: unbundle <code>fdir</code> to fix
<code>commonjsOptions.dynamicRequireTargets</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19791">#19791</a>)
(<a
href="71227be9aa">71227be</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19791">#19791</a></li>
<li>fix(css): remove empty chunk imports correctly when chunk file name
contained special characters (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/1">#1</a>
(<a
href="b1251720d4">b125172</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19814">#19814</a></li>
<li>fix(dev): make query selector regexes more inclusive (fix <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19213">#19213</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19767">#19767</a>)
(<a
href="f530a72246">f530a72</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19213">#19213</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19767">#19767</a></li>
<li>fix(hmr): run HMR handler sequentially (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19793">#19793</a>)
(<a
href="380c10e665">380c10e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19793">#19793</a></li>
<li>fix(module-runner): allow already resolved id as entry (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19768">#19768</a>)
(<a
href="e2e11b15a6">e2e11b1</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19768">#19768</a></li>
<li>fix(types): remove the <code>keepProcessEnv</code> from the
<code>DefaultEnvironmentOptions</code> type (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19796">#19796</a>)
(<a
href="36935b58ea">36935b5</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19796">#19796</a></li>
<li>refactor: simplify pluginFilter implementation (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19828">#19828</a>)
(<a
href="0a0c50a7ed">0a0c50a</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19828">#19828</a></li>
<li>perf(css): avoid constructing <code>renderedModules</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19775">#19775</a>)
(<a
href="59d0b35b30">59d0b35</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19775">#19775</a></li>
<li>test: tweak generateCodeFrame test (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19812">#19812</a>)
(<a
href="8fe3538d90">8fe3538</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19812">#19812</a></li>
<li>docs(vite): fix description of <code>transformIndexHtml</code> hook
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19799">#19799</a>)
(<a
href="a0e1a04026">a0e1a04</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19799">#19799</a></li>
<li>chore: remove unused eslint directive (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19781">#19781</a>)
(<a
href="cb4f5b4b6b">cb4f5b4</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19781">#19781</a></li>
</ul>
<h2>6.3.0-beta.1 (2025-04-03)</h2>
<ul>
<li>fix: align plugin hook filter behavior with pluginutils (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19736">#19736</a>)
(<a
href="0bbdd2c133">0bbdd2c</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19736">#19736</a></li>
<li>fix: fs check in transform middleware (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761">#19761</a>)
(<a
href="59673137c4">5967313</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19761">#19761</a></li>
<li>fix(hmr): throw non-standard error info causes logical error (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19776">#19776</a>)
(<a
href="6b648c73ae">6b648c7</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19776">#19776</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4bc17b4683"><code>4bc17b4</code></a>
release: v6.3.2</li>
<li><a
href="b5055e0dd4"><code>b5055e0</code></a>
fix(css): respect <code>css.lightningcss</code> option in css
minification process (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19879">#19879</a>)</li>
<li><a
href="c713f79b5a"><code>c713f79</code></a>
feat(css): improve lightningcss messages (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19880">#19880</a>)</li>
<li><a
href="cbdab1d6a3"><code>cbdab1d</code></a>
fix: match default asserts case insensitive (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19852">#19852</a>)</li>
<li><a
href="6abbdce3d7"><code>6abbdce</code></a>
fix: open first url if host does not match any urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19886">#19886</a>)</li>
<li><a
href="bab4cb9224"><code>bab4cb9</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19698">#19698</a>)</li>
<li><a
href="a7349ef31e"><code>a7349ef</code></a>
release: v6.3.1</li>
<li><a
href="a152b7cbac"><code>a152b7c</code></a>
fix: backward compat for internal plugin <code>transform</code> calls
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19878">#19878</a>)</li>
<li><a
href="35c7f35e2b"><code>35c7f35</code></a>
fix: avoid using <code>Promise.allSettled</code> in preload function (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19805">#19805</a>)</li>
<li><a
href="5fdcfe77a9"><code>5fdcfe7</code></a>
release: v6.3.0</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v6.3.2/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=6.2.6&new-version=6.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-19 12:17:01 +00:00
dependabot[bot]
5698e5167e build(deps): bump @tailwindcss/cli from 4.1.3 to 4.1.4 in /rust/gui-client (#8832) 
Bumps
[@tailwindcss/cli](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli)
from 4.1.3 to 4.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/releases"><code>@​tailwindcss/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v4.1.4</h2>
<h3>Added</h3>
<ul>
<li>Add experimental <code>@tailwindcss/oxide-wasm32-wasi</code> target
for running Tailwind in browser environments like StackBlitz (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17558">#17558</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ensure <code>color-mix(…)</code> polyfills do not cause used CSS
variables to be removed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17555">#17555</a>)</li>
<li>Ensure <code>color-mix(…)</code> polyfills create fallbacks for
theme variables that reference other theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17562">#17562</a>)</li>
<li>Fix brace expansion in declining ranges like <code>{10..0..5}</code>
and <code>{0..10..-5}</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17591">#17591</a>)</li>
<li>Work around a Chrome rendering bug when using the
<code>skew-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17627">#17627</a>)</li>
<li>Ensure container query variant names can contain hyphens (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17628">#17628</a>)</li>
<li>Ensure <code>shadow-inherit</code>,
<code>inset-shadow-inherit</code>, <code>drop-shadow-inherit</code>, and
<code>text-shadow-inherit</code> inherit the shadow color (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17647">#17647</a>)</li>
<li>Ensure compatibility with array tuples used in <code>fontSize</code>
JS theme keys (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
<li>Ensure folders with binary file extensions in their names are
scanned for utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17595">#17595</a>)</li>
<li>Upgrade: Convert <code>fontSize</code> array tuple syntax to CSS
theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md"><code>@​tailwindcss/cli</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>[4.1.4] - 2025-04-14</h2>
<h3>Added</h3>
<ul>
<li>Add experimental <code>@tailwindcss/oxide-wasm32-wasi</code> target
for running Tailwind in browser environments like StackBlitz (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17558">#17558</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ensure <code>color-mix(…)</code> polyfills do not cause used CSS
variables to be removed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17555">#17555</a>)</li>
<li>Ensure <code>color-mix(…)</code> polyfills create fallbacks for
theme variables that reference other theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17562">#17562</a>)</li>
<li>Fix brace expansion in declining ranges like <code>{10..0..5}</code>
and <code>{0..10..-5}</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17591">#17591</a>)</li>
<li>Work around a Chrome rendering bug when using the
<code>skew-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17627">#17627</a>)</li>
<li>Ensure container query variant names can contain hyphens (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17628">#17628</a>)</li>
<li>Ensure <code>shadow-inherit</code>,
<code>inset-shadow-inherit</code>, <code>drop-shadow-inherit</code>, and
<code>text-shadow-inherit</code> inherit the shadow color (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17647">#17647</a>)</li>
<li>Ensure compatibility with array tuples used in <code>fontSize</code>
JS theme keys (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
<li>Ensure folders with binary file extensions in their names are
scanned for utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17595">#17595</a>)</li>
<li>Upgrade: Convert <code>fontSize</code> array tuple syntax to CSS
theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aa836d3442"><code>aa836d3</code></a>
Prepare v4.1.4 release (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli/issues/17669">#17669</a>)</li>
<li>See full diff in <a
href="https://github.com/tailwindlabs/tailwindcss/commits/v4.1.4/packages/@tailwindcss-cli">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@tailwindcss/cli&package-manager=npm_and_yarn&previous-version=4.1.3&new-version=4.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-19 12:16:43 +00:00
dependabot[bot]
ddf460b55f build(deps-dev): bump tailwindcss from 4.1.3 to 4.1.4 in /rust/gui-client (#8835) 
Bumps
[tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss)
from 4.1.3 to 4.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/releases">tailwindcss's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.4</h2>
<h3>Added</h3>
<ul>
<li>Add experimental <code>@tailwindcss/oxide-wasm32-wasi</code> target
for running Tailwind in browser environments like StackBlitz (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17558">#17558</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ensure <code>color-mix(…)</code> polyfills do not cause used CSS
variables to be removed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17555">#17555</a>)</li>
<li>Ensure <code>color-mix(…)</code> polyfills create fallbacks for
theme variables that reference other theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17562">#17562</a>)</li>
<li>Fix brace expansion in declining ranges like <code>{10..0..5}</code>
and <code>{0..10..-5}</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17591">#17591</a>)</li>
<li>Work around a Chrome rendering bug when using the
<code>skew-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17627">#17627</a>)</li>
<li>Ensure container query variant names can contain hyphens (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17628">#17628</a>)</li>
<li>Ensure <code>shadow-inherit</code>,
<code>inset-shadow-inherit</code>, <code>drop-shadow-inherit</code>, and
<code>text-shadow-inherit</code> inherit the shadow color (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17647">#17647</a>)</li>
<li>Ensure compatibility with array tuples used in <code>fontSize</code>
JS theme keys (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
<li>Ensure folders with binary file extensions in their names are
scanned for utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17595">#17595</a>)</li>
<li>Upgrade: Convert <code>fontSize</code> array tuple syntax to CSS
theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md">tailwindcss's
changelog</a>.</em></p>
<blockquote>
<h2>[4.1.4] - 2025-04-14</h2>
<h3>Added</h3>
<ul>
<li>Add experimental <code>@tailwindcss/oxide-wasm32-wasi</code> target
for running Tailwind in browser environments like StackBlitz (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17558">#17558</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ensure <code>color-mix(…)</code> polyfills do not cause used CSS
variables to be removed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17555">#17555</a>)</li>
<li>Ensure <code>color-mix(…)</code> polyfills create fallbacks for
theme variables that reference other theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17562">#17562</a>)</li>
<li>Fix brace expansion in declining ranges like <code>{10..0..5}</code>
and <code>{0..10..-5}</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17591">#17591</a>)</li>
<li>Work around a Chrome rendering bug when using the
<code>skew-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17627">#17627</a>)</li>
<li>Ensure container query variant names can contain hyphens (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17628">#17628</a>)</li>
<li>Ensure <code>shadow-inherit</code>,
<code>inset-shadow-inherit</code>, <code>drop-shadow-inherit</code>, and
<code>text-shadow-inherit</code> inherit the shadow color (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17647">#17647</a>)</li>
<li>Ensure compatibility with array tuples used in <code>fontSize</code>
JS theme keys (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
<li>Ensure folders with binary file extensions in their names are
scanned for utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17595">#17595</a>)</li>
<li>Upgrade: Convert <code>fontSize</code> array tuple syntax to CSS
theme variables (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aa836d3442"><code>aa836d3</code></a>
Prepare v4.1.4 release (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17669">#17669</a>)</li>
<li><a
href="6e1f53348d"><code>6e1f533</code></a>
Workaround Chrome rendering bug for <code>skew-*</code> utilities (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17627">#17627</a>)</li>
<li><a
href="3bea760ff2"><code>3bea760</code></a>
Add test coverage for property-specific colors (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17436">#17436</a>)</li>
<li><a
href="6d8dd82c40"><code>6d8dd82</code></a>
Fix <code>shadow-inherit</code>, <code>inset-shadow-inherit</code>,
<code>drop-shadow-inherit</code>, and `tex...</li>
<li><a
href="c0af1e2129"><code>c0af1e2</code></a>
Fix <code>fontSize</code> array upgrade (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17630">#17630</a>)</li>
<li><a
href="3ab7f12563"><code>3ab7f12</code></a>
Fix container names with hyphens (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17628">#17628</a>)</li>
<li><a
href="f66d287436"><code>f66d287</code></a>
Fix brace expansion with range going down (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17591">#17591</a>)</li>
<li><a
href="3e9cf87adf"><code>3e9cf87</code></a>
Make polyfill work when the theme variable resolves to another var (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17562">#17562</a>)</li>
<li><a
href="811e97d61a"><code>811e97d</code></a>
Fix polyfill in combination with unused CSS variable removal (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17555">#17555</a>)</li>
<li>See full diff in <a
href="https://github.com/tailwindlabs/tailwindcss/commits/v4.1.4/packages/tailwindcss">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tailwindcss&package-manager=npm_and_yarn&previous-version=4.1.3&new-version=4.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-19 12:13:48 +00:00
dependabot[bot]
81d2246593 build(deps): bump the aya group in /rust with 5 updates (#8844) 
Bumps the aya group in /rust with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [aya](https://github.com/aya-rs/aya) | ``6d36fe1`` | ``0237e36`` |
| [aya-build](https://github.com/aya-rs/aya) | ``6d36fe1`` | ``0237e36``
|
| [aya-ebpf](https://github.com/aya-rs/aya) | ``6d36fe1`` | ``0237e36``
|
| [aya-log](https://github.com/aya-rs/aya) | ``6d36fe1`` | ``0237e36`` |
| [aya-log-ebpf](https://github.com/aya-rs/aya) | ``6d36fe1`` |
``0237e36`` |

Updates `aya` from `6d36fe1` to `0237e36`
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0237e36dbe"><code>0237e36</code></a>
ci: test against 6.12 rather than 6.10</li>
<li><a
href="5732b2c203"><code>5732b2c</code></a>
test-distro: build without cross toolchain</li>
<li><a
href="edae5cd676"><code>edae5cd</code></a>
test-distro: reduce indentation</li>
<li><a
href="35279b7c7b"><code>35279b7</code></a>
test-distro: extract common decompression code</li>
<li><a
href="680402be0c"><code>680402b</code></a>
Revert &quot;ci: download gen_init_cpio with authentication&quot;</li>
<li><a
href="e967d0aea2"><code>e967d0a</code></a>
Use nul bytes as delimiters</li>
<li><a
href="e692e5ffc5"><code>e692e5f</code></a>
Remove stale comments</li>
<li><a
href="fe8e1c48b0"><code>fe8e1c4</code></a>
Remove getrandom patch</li>
<li><a
href="4c5fbef869"><code>4c5fbef</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1240">#1240</a> from
dave-tucker/use-gen-bpf-add</li>
<li><a
href="11e9dcc179"><code>11e9dcc</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1241">#1241</a> from
aya-rs/dependabot/cargo/cargo-crates-cb2c366dd6</li>
<li>Additional commits viewable in <a
href="6d36fe13d3...0237e36dbe">compare
view</a></li>
</ul>
</details>
<br />

Updates `aya-build` from `6d36fe1` to `0237e36`
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0237e36dbe"><code>0237e36</code></a>
ci: test against 6.12 rather than 6.10</li>
<li><a
href="5732b2c203"><code>5732b2c</code></a>
test-distro: build without cross toolchain</li>
<li><a
href="edae5cd676"><code>edae5cd</code></a>
test-distro: reduce indentation</li>
<li><a
href="35279b7c7b"><code>35279b7</code></a>
test-distro: extract common decompression code</li>
<li><a
href="680402be0c"><code>680402b</code></a>
Revert &quot;ci: download gen_init_cpio with authentication&quot;</li>
<li><a
href="e967d0aea2"><code>e967d0a</code></a>
Use nul bytes as delimiters</li>
<li><a
href="e692e5ffc5"><code>e692e5f</code></a>
Remove stale comments</li>
<li><a
href="fe8e1c48b0"><code>fe8e1c4</code></a>
Remove getrandom patch</li>
<li><a
href="4c5fbef869"><code>4c5fbef</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1240">#1240</a> from
dave-tucker/use-gen-bpf-add</li>
<li><a
href="11e9dcc179"><code>11e9dcc</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1241">#1241</a> from
aya-rs/dependabot/cargo/cargo-crates-cb2c366dd6</li>
<li>Additional commits viewable in <a
href="6d36fe13d3...0237e36dbe">compare
view</a></li>
</ul>
</details>
<br />

Updates `aya-ebpf` from `6d36fe1` to `0237e36`
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0237e36dbe"><code>0237e36</code></a>
ci: test against 6.12 rather than 6.10</li>
<li><a
href="5732b2c203"><code>5732b2c</code></a>
test-distro: build without cross toolchain</li>
<li><a
href="edae5cd676"><code>edae5cd</code></a>
test-distro: reduce indentation</li>
<li><a
href="35279b7c7b"><code>35279b7</code></a>
test-distro: extract common decompression code</li>
<li><a
href="680402be0c"><code>680402b</code></a>
Revert &quot;ci: download gen_init_cpio with authentication&quot;</li>
<li><a
href="e967d0aea2"><code>e967d0a</code></a>
Use nul bytes as delimiters</li>
<li><a
href="e692e5ffc5"><code>e692e5f</code></a>
Remove stale comments</li>
<li><a
href="fe8e1c48b0"><code>fe8e1c4</code></a>
Remove getrandom patch</li>
<li><a
href="4c5fbef869"><code>4c5fbef</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1240">#1240</a> from
dave-tucker/use-gen-bpf-add</li>
<li><a
href="11e9dcc179"><code>11e9dcc</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1241">#1241</a> from
aya-rs/dependabot/cargo/cargo-crates-cb2c366dd6</li>
<li>Additional commits viewable in <a
href="6d36fe13d3...0237e36dbe">compare
view</a></li>
</ul>
</details>
<br />

Updates `aya-log` from `6d36fe1` to `0237e36`
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0237e36dbe"><code>0237e36</code></a>
ci: test against 6.12 rather than 6.10</li>
<li><a
href="5732b2c203"><code>5732b2c</code></a>
test-distro: build without cross toolchain</li>
<li><a
href="edae5cd676"><code>edae5cd</code></a>
test-distro: reduce indentation</li>
<li><a
href="35279b7c7b"><code>35279b7</code></a>
test-distro: extract common decompression code</li>
<li><a
href="680402be0c"><code>680402b</code></a>
Revert &quot;ci: download gen_init_cpio with authentication&quot;</li>
<li><a
href="e967d0aea2"><code>e967d0a</code></a>
Use nul bytes as delimiters</li>
<li><a
href="e692e5ffc5"><code>e692e5f</code></a>
Remove stale comments</li>
<li><a
href="fe8e1c48b0"><code>fe8e1c4</code></a>
Remove getrandom patch</li>
<li><a
href="4c5fbef869"><code>4c5fbef</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1240">#1240</a> from
dave-tucker/use-gen-bpf-add</li>
<li><a
href="11e9dcc179"><code>11e9dcc</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1241">#1241</a> from
aya-rs/dependabot/cargo/cargo-crates-cb2c366dd6</li>
<li>Additional commits viewable in <a
href="6d36fe13d3...0237e36dbe">compare
view</a></li>
</ul>
</details>
<br />

Updates `aya-log-ebpf` from `6d36fe1` to `0237e36`
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0237e36dbe"><code>0237e36</code></a>
ci: test against 6.12 rather than 6.10</li>
<li><a
href="5732b2c203"><code>5732b2c</code></a>
test-distro: build without cross toolchain</li>
<li><a
href="edae5cd676"><code>edae5cd</code></a>
test-distro: reduce indentation</li>
<li><a
href="35279b7c7b"><code>35279b7</code></a>
test-distro: extract common decompression code</li>
<li><a
href="680402be0c"><code>680402b</code></a>
Revert &quot;ci: download gen_init_cpio with authentication&quot;</li>
<li><a
href="e967d0aea2"><code>e967d0a</code></a>
Use nul bytes as delimiters</li>
<li><a
href="e692e5ffc5"><code>e692e5f</code></a>
Remove stale comments</li>
<li><a
href="fe8e1c48b0"><code>fe8e1c4</code></a>
Remove getrandom patch</li>
<li><a
href="4c5fbef869"><code>4c5fbef</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1240">#1240</a> from
dave-tucker/use-gen-bpf-add</li>
<li><a
href="11e9dcc179"><code>11e9dcc</code></a>
Merge pull request <a
href="https://redirect.github.com/aya-rs/aya/issues/1241">#1241</a> from
aya-rs/dependabot/cargo/cargo-crates-cb2c366dd6</li>
<li>Additional commits viewable in <a
href="6d36fe13d3...0237e36dbe">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-19 12:10:47 +00:00
Thomas Eizinger
b4afd0bffb refactor(eBPF): reduce size of maps (#8849) 
Whilst developing the eBPF module for the relay, I needed to manually
add padding within the key and value structs used in the maps in order
for the kernel to be able to correctly retrieve the data.

For some reason, this seems no longer necessary as the integration test
now passes without this as well.

Being able to remove the padding drastically reduces the size of these
maps for the current number of entries that we allow. This brings the
overall memory usage of the relay down.

Resolves: #8682
 2025-04-19 11:46:58 +00:00
Jamil
5669c83835 ci: Bump Apple clients to 1.4.11 (#8848) 
Includes a fix for auto-starting on launch when other VPN clients have
been connected previously.
 2025-04-19 11:45:42 +00:00
Thomas Eizinger
50d3edccd7 feat(apple): re-enable quinn-udps fast data path feature (#8818) 
Now that https://github.com/quinn-rs/quinn/pull/2208 is merged, we can
re-enable the `apple-fast-datapath` feature again on Apple platforms.
Even if we cannot yet measure a speed-increase yet, this should at least
make UDP operations more efficient and thus reduce CPU and battery
usage.
 2025-04-19 10:37:37 +00:00
Thomas Eizinger
f51fd53708 chore(eBPF): use RangeInclusive::contains again (#8812) 
Now that we have figured out what the problem was with the eBPF kernel
not routing certain packets, we can undo the manual implementation of
the allocation range checking again and use the more concise
`RangeInclusive::contains`.

Related: #8809
Related: #8807
 2025-04-18 15:49:23 +00:00
Thomas Eizinger
492e54efaa build(rust): bump network-types to v0.0.8 (#8811) 
This new release includes several patches we have made upstream that
allow us to remove some of the vendored types from the crate. All fields
that we access from `network-types` are now stored as byte-arrays and
thus retain the big-endian byte ordering from the network.

Resolves: #8686
Related: https://github.com/vadorovsky/network-types/pull/34
Related: https://github.com/vadorovsky/network-types/pull/36
Related: https://github.com/vadorovsky/network-types/pull/38
 2025-04-18 15:21:14 +00:00
Thomas Eizinger
c52d88f421 fix(relay): stateless encoding/decoding (#8810) 
The STUN message encoder & decoder from `stun_codec` are stateful
operations. However, they only operate on one datagram at the time. If
encoding or decoding fails, their internal state is corrupted and must
be discarded. At present, this doesn't happen which leads to further
failures down the line because new datagrams coming in cannot be
correctly decoded.

To fix this, we scope the stateful nature of these encoders and decoders
to their respective functions.

Resolves: #8808
 2025-04-18 15:12:46 +00:00
Thomas Eizinger
96e739439b fix(relay): remove Config caching (#8809) 
In #8650, we originally added a feature-flag for toggling the eBPF TURN
router on and off at runtime. This later got removed again in #8681.
What remained was a "caching system" of the config that the eBPF kernel
and user space share with each other.
This config was initialised to the default configuration. If the
to-be-set config was the same as the current config, the config would
not actually apply to the array that was shared with the eBPF kernel.

At the time, we assumed that, if the config was not set in the kernel,
the lookup in the array would yield `None` and we would fall back to the
`Default` implementation of `Config`. This assumption was wrong. It
appears that look-ups in the array always yield an element: all zeros.
Initialising our config with all zeros yields the following:


![image](https://github.com/user-attachments/assets/6556f32d-8cff-4fba-aa29-f9ac7349ace6)

Of course, if this range is not initialised correctly, we can never
actually route packets arriving on allocation ports and with UDP
checksumming turned off, all packets routed the other way will have an
invalid checksum and therefore be dropped by the receiving host.

Our integration test did not catch this because in there, we purposely
disable UDP checksumming. That meant that the "caching" check in the
`ebpf::Program` did not trigger and we actually did set a `Config` in
the array, therefore initialising the allocation port range correctly
and allowing the packet to be routed.

To fix this, we remove this caching check again which means every
`Config` we set on the eBPF program actually gets copied to the shared
array. Originally, this caching check was introduced to avoid a syscall
on every event-loop iteration as part of checking the feature-flag. Now
that the feature-flag has been removed, we don't need to have this cache
anymore.
 2025-04-18 13:50:42 +00:00
Thomas Eizinger
4ade88b1b1 fix(eBPF): implement "is port in allocation range" ourselves (#8807) 
I am suspecting that something is wrong with the check that a port is
indeed within that range. Thus, we now implemented this ourselves with
two simple conditions.
 2025-04-18 06:43:33 +00:00
Thomas Eizinger
c5c195f282 chore(eBPF): change error log-levels (#8805) 
Neither of the moved error cases should happen very often so it is fine
to log them on debug.

- `Error::NotTurn` only happens if we receive a UDP packet that isn't
STUN traffic (port 3478) or not in the allocation-port range. I am
suspecting there to be a bug that I am aiming to fix in #8804.
- `Error::NotAChannelDataMessage` will happen for all STUN control
traffic, like channel bindings, allocation requests, etc. Those only
happen occasionally so won't spam too much.
- `Ipv4PacketWithOptions` should basically not happen at all because -
as far as I know - IPv4 options aren't used a lot.

In any case, when debugging, it is useful to see when we do hit these
cases to know, why a packet was offloaded to user space.
 2025-04-18 04:55:43 +00:00
Thomas Eizinger
0079f76ebd fix(eBPF): store allocation port-range in big-endian (#8804) 
Any communication between user-space and the eBPF kernel happens via
maps. The keys and values in these maps are serialised to bytes, meaning
the endianness of how these values are encoded matters!

When debugging why the eBPF kernels were not performing as much as we
thought they would, I noticed that only very small packets were getting
relayed. In particular, only packets encoded as channel-data packets
were getting unwrapped correctly. The reverse didn't happen at all.
Turning the log-level up to TRACE did reveal that we do in fact see
these packets but they don't get handled.

Here is the relevant section that handles these packets:


74ccf8e0b2/rust/relay/ebpf-turn-router/src/main.rs (L127-L151)

We can see the `trace!` log in the logs and we know that it should be
handled by the first `if`. But for some reason it doesn't.

x86 systems like the machines running in GCP are typically
little-endian. Network-byte ordering is big-endian. My current theory is
that we are comparing the port range with the wrong endianness and
therefore, this branch never gets hit, causing the relaying to be
offloaded to user space.

By storing the fields within `Config` in byte-arrays, we can take
explicit control over which endianness is used to store these fields.
 2025-04-18 04:51:40 +00:00
Jamil
a2e32a4918 ci: Bump apple to 1.4.10 to ship PKG (#8797) 
This publishes the 1.4.10 permalinks for the PKG download.
 2025-04-17 15:13:44 +00:00
Thomas Eizinger
38dedb8275 feat(relay): allow controlling log-level at runtime (#8800) 
When debugging issues with the relays on GCP, it is useful to be able to
change the log-level at runtime without having to redeploy them. We can
achieve this by running an additional HTTP server as part of the relay
that response to HTTP POST requests that contain new logging directives.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
 2025-04-17 13:22:12 +00:00
Thomas Eizinger
4a39d5eafb chore(connlib): log malformed IP packets (#8799) 
When determining, how to NAT a certain packet, we need to identify
whether it is a UDP, TCP or ICMP packet and extract the relevant port or
identifier from it. When parsing these packets, we may run into a
situation where the IP number says that the packet is TCP but it is
actually malformed and we cannot parse the port from it.

In such situations, we end up constructing a `UnsupportedProtocol` error
that then confusingly states the we don't support the TCP protocol (or
UDP / ICMP if those are malformed).

The parsing error here is currently silently discarded as part of the
`.ok()` combinator when constructing the relevant slice. To make these
logs easier to understand, we now add an `inspect_err` call prior to
this the prints, why the packet could not be parsed.

Long-term, I am planning to refactor our IP packet model to eagerly
parse the layer 3 + 4 headers. This will also be necessary to implement
segmentation offloading on the TUN device. Doing so will improve
situations like because we will either pass through the malformed packet
(if at least the header is intact) or drop it much earlier already. In
either case, accessing things like port numbers will be infallible as
part of the processing code.
 2025-04-17 04:27:21 +00:00
Jamil
aab691a67f ci: Release Apple clients 1.4.9 (#8793) 
These contain the recent UDP thread enhancements.
 2025-04-15 20:14:43 +00:00
Jamil
743f5fdfeb ci: bump clients/gateway to ship write improvements (#8792) 
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2025-04-15 06:21:23 +00:00
Thomas Eizinger
901207b274 chore(rust): remove stale error context (#8787) 
Minor oversight from #8783. We accidentally retained this `.context`
even though there are now multiple error paths from the `Eventloop`, not
just portal connection errors.
 2025-04-14 20:35:11 -07:00
Thomas Eizinger
5ca61a3e3d fix(connlib): disable apple-fast-datapath on quinn-udp (#8784) 
There appears to be a regression on the most recent MacOS release (15.4)
where we can no longer set `src_ip` on outgoing datagrams for IPv6
sockets. In order to unblock the upcoming release, disable the
`fast-apple-datapath` feature until we know how to fix it.

Related: https://github.com/quinn-rs/quinn/issues/2206
Resolves: #8779
 2025-04-15 03:14:04 +00:00
Thomas Eizinger
7f5a81cc5a chore(rust-ffi): log non-authentication errors on error (#8785) 
In the FFI layer, it is tricky to decide what we should do with errors.
On the one hand, logging and returning errors is an anti-pattern because
it may lead to duplicate logs. In this particular case however, it is
useful to log the error on the Rust side because it allows our Sentry
integration to capture and include the DEBUG logs prior to this one
which may add crucial context.
 2025-04-15 02:28:09 +00:00
Thomas Eizinger
7c2163ddf4 fix(connlib): fail event-loops if UDP threads stop (#8783) 
The UDP socket threads added in #7590 are designed to never exit. UDP
sockets are stateless and therefore any error condition on them should
be isolated to sending / receiving a particular datagram. It is however
possible that code panics which will shut down the threads
irrecoverably. In this unlikely event, `connlib`'s event-loop would keep
spinning and spam the log with "UDP socket stopped". There is no good
way on how we can recover from such a situation automatically, so we
just quit `connlib` in that case and shut everything down.

To model this new error path, we refactor the `DisconnectError` to be
internally backed by `anyhow`.
 2025-04-15 02:27:37 +00:00
Thomas Eizinger
d693904063 chore(connlib): include total length of GSO batch in error msg (#8776) 
At present, we assume that we can send datagrams with the full 65535
bytes as the payload. If that were ever to fail, we are going to receive
a Sentry alert about it. For that one to be meaningful, include the
total length of the batch in the error message.
 2025-04-14 12:50:19 +00:00
Thomas Eizinger
b3746b330f refactor(connlib): spawn dedicated threads for UDP sockets (#7590) 
Correctly implementing asynchronous IO is notoriously hard. In order to
not drop packets in the process, one has to ensure a given socket is
ready to accept packets, buffer them if it is not case, suspend
everything else until the socket is ready and then continue.

Until now, we did this because it was the only option to run the UDP
sockets on the same thread as the actual packet processing. That in turn
was motivated by wanting to pass around references of the received
packets for processing. Rust's borrow-checker does not allow to pass
references between threads which forced us to have the sockets on the
same thread as the packet processing.

Like we already did in other places in `connlib`, this can be solved
through the use of buffer pools. Using a buffer pool, we can use heap
allocations to store the received packets without having to make a new
allocation every time we read new packets. Instead, we can have a
dedicated thread that is connected to `connlib`'s packet processing
thread via two channels (one for inbound and one for outbound packets).
These channels are bounded, which ensures backpressure is maintained in
case one of the two threads lags behind. These bounds also mean that we
have at most N buffers from the buffer pool in-flight (where N is the
capacity of the channel).

Within those dedicated threads, we can then use `async/await` notation
to suspend the entire task when a socket isn't ready for sending.

Resolves: #8000
 2025-04-14 06:18:06 +00:00
Thomas Eizinger
be897ed6c5 chore(gateway): require 4 cores to spawn more TUN threads (#8775) 
By default, we spawn 1 TUN send and 1 TUN receive thread on the Gateway.
In addition to that, we also have the main processing thread that
encrypts and decrypts packets. With #7590, we will be separating out the
UDP send and receive operations into yet another thread. As a result, we
will have at a minimum 4 threads running that perform IO or important
work.

Thus, in order to benefit from TUN multi-queue, we need more than 4
cores to be able to efficiently parallelise work.

Related: #8769
 2025-04-14 01:18:40 +00:00
Thomas Eizinger
859aa3cee0 feat(connlib): add context to event-loop errors (#8773) 
This should make it easier to diagnose any error returned from the
event-loop.
 2025-04-14 00:07:27 +00:00
Thomas Eizinger
19d954c76c fix(connlib): prioritise GSO batches with smaller segments (#8772) 
In order to implement GSO in `connlib`, we opted for an approach where
packets of the same length are being appended to a buffer. Each of these
buffers is the sent to the kernel in a single syscall, which drastically
decreases the per-packet overhead of syscalls and therefore improves
performance.

Within `connlib` itself, we prioritise control-protocol associated
packets over tunnel traffic. The idea here is that even under high-load,
we want to ensure that STUN probes between the peers and to the relays
are sent in a timely manner. Failing to send these probes results in a
false-positive detection of a lost connection because the `connlib`'s
internal state uses timeouts to detect such situations.

Despite processing the packets itself in a timely manner, it is still
possible that they get delayed depending on which order the get flushed
to the socket. This order is currently non-deterministic because
`GsoQueue` uses a `HashMap` internally and when accessing the
batched-together datagrams, we just access it via `iter_mut`.

To fix this, we use a `BTreeMap` instead and explicitly define the `Key`
to start with the `segment_size` field. As a result, entries within the
`BTreeMap` will be sorted ascending by `segment_size` (i.e. the size of
individual packets within the batch). Packets of smaller size are more
likely to be control messages like STUN binding requests or TURN
messages to the relays for managing allocations.

By sorting the map explicitly, we ensure that if the UDP socket is ready
to send, we flush out these messages first before moving on to bigger
packets such as the ones containing (more likely) WireGuard data
messages.
 2025-04-14 00:04:39 +00:00
Thomas Eizinger
d560eb00fd chore(rust): remove resolved duplicated dependency exclusion (#8766) 
We no longer have multiple versions of `tauri-winrt-notification` in our
dependency tree and can therefore remove this exclusion rule.

To ensure that we don't forget to update these in the future, we now
deny the `unnecessary-skip` lint that warns us when we have one of those
entries.
 2025-04-13 02:54:33 +00:00
Thomas Eizinger
574bd75ae5 build(rust): depend on quinn-udp's main branch (#8763) 
The latest `main` of `quinn-udp` includes important patches that will
surface errors around dropped packets.
 2025-04-13 01:57:47 +00:00