firezone

mirror of https://github.com/outbackdingo/firezone.git synced 2026-03-21 19:41:58 +00:00

Author	SHA1	Message	Date
Thomas Eizinger	8233db4d00	chore(connlib): bump `quinn-udp` (#8954 ) The latest release includes our upstreamed fix for handling `segment_size` > `contents.len()` and therefore our local workaround is no longer necessary.	2025-05-01 02:19:50 +00:00
dependabot[bot]	1ff545814d	build(deps-dev): bump vite from 6.3.2 to 6.3.4 in /rust/gui-client in the npm_and_yarn group (#8949 ) Bumps the npm_and_yarn group in /rust/gui-client with 1 update: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 6.3.2 to 6.3.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v6.3.4</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.4/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.3.3</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.3/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted -->6.3.4 (2025-04-30)<!-- raw HTML omitted --></h2> <ul> <li>fix: check static serve file inside sirv (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>) (<a href="`c22c43de61`">c22c43d</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19965">#19965</a></li> <li>fix(optimizer): return plain object when using <code>require</code> to import externals in optimized dependenci (<a href="`efc5eab253`">efc5eab</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19940">#19940</a></li> <li>refactor: remove duplicate plugin context type (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935">#19935</a>) (<a href="`d6d01c2292`">d6d01c2</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19935">#19935</a></li> </ul> <h2><!-- raw HTML omitted -->6.3.3 (2025-04-24)<!-- raw HTML omitted --></h2> <ul> <li>fix: ignore malformed uris in tranform middleware (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853">#19853</a>) (<a href="`e4d520141b`">e4d5201</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19853">#19853</a></li> <li>fix(assets): ensure ?no-inline is not included in the asset url in the production environment (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/1949">#1949</a> (<a href="`16a73c05d3`">16a73c0</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19496">#19496</a></li> <li>fix(css): resolve relative imports in sass properly on Windows (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19920">#19920</a>) (<a href="`ffab442704`">ffab442</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19920">#19920</a></li> <li>fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19899">#19899</a>) (<a href="`a4b500ef9c`">a4b500e</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19899">#19899</a></li> <li>fix(ssr): fix execution order of re-export (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19841">#19841</a>) (<a href="`ed29dee2eb`">ed29dee</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19841">#19841</a></li> <li>fix(ssr): fix live binding of default export declaration and hoist exports getter (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19842">#19842</a>) (<a href="`80a91ff824`">80a91ff</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19842">#19842</a></li> <li>perf: skip sourcemap generation for renderChunk hook of import-analysis-build plugin (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19921">#19921</a>) (<a href="`55cfd04b10`">55cfd04</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19921">#19921</a></li> <li>test(ssr): test <code>ssrTransform</code> re-export deps and test stacktrace with first line (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19629">#19629</a>) (<a href="`9399cdaf8c`">9399cda</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19629">#19629</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`b040d547a1`"><code>b040d54</code></a> release: v6.3.4</li> <li><a href="`c22c43de61`"><code>c22c43d</code></a> fix: check static serve file inside sirv (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>)</li> <li><a href="`efc5eab253`"><code>efc5eab</code></a> fix(optimizer): return plain object when using <code>require</code> to import externals ...</li> <li><a href="`d6d01c2292`"><code>d6d01c2</code></a> refactor: remove duplicate plugin context type (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935">#19935</a>)</li> <li><a href="`db9eb97b2f`"><code>db9eb97</code></a> release: v6.3.3</li> <li><a href="`e4d520141b`"><code>e4d5201</code></a> fix: ignore malformed uris in tranform middleware (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853">#19853</a>)</li> <li><a href="`55cfd04b10`"><code>55cfd04</code></a> perf: skip sourcemap generation for renderChunk hook of import-analysis-build...</li> <li><a href="`ffab442704`"><code>ffab442</code></a> fix(css): resolve relative imports in sass properly on Windows (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19920">#19920</a>)</li> <li><a href="`16a73c05d3`"><code>16a73c0</code></a> fix(assets): ensure ?no-inline is not included in the asset url in the produc...</li> <li><a href="`9399cdaf8c`"><code>9399cda</code></a> test(ssr): test <code>ssrTransform</code> re-export deps and test stacktrace with first ...</li> <li>Additional commits viewable in <a href="https://github.com/vitejs/vite/commits/v6.3.4/packages/vite">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=6.3.2&new-version=6.3.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/firezone/firezone/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-30 20:17:46 +00:00
Thomas Eizinger	8dd794d8c8	chore(gateway): record metrics about dropped packets (#8942 ) When a NAT session expires or other unallowed traffic is routed to the Gateway, we drop these packets. It will be useful to learn, how often that actually happens and what the reason is for why they got dropped. To do so, we add a counter metric for these packets. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-04-30 18:24:10 +00:00
Thomas Eizinger	8a201494d0	ci: remove flaky Windows benchmark (#8941 ) This tunnel throughput benchmark isn't a very useful benchmark and it is very flaky. Remove it entirely until we can replace it with something more robust and useful. Resolves: #8172	2025-04-30 07:24:21 -07:00
Thomas Eizinger	6f11568c8c	fix(connlib): move `wire::dev::recv` log to right location (#8944 ) I don't understand why but in the current location, this log simply doesn't show up for anything other than UDP packets. If we move it up, it will actually log all packets.	2025-04-30 13:45:51 +00:00
Thomas Eizinger	ec4cd898ba	chore: release Gateway v1.4.7 (#8943 )	2025-04-30 13:37:32 +00:00
Thomas Eizinger	e031dfdb4a	refactor(connlib): introduce our own `bufferpool` crate (#8928 ) We have been using buffer pools for a while all over `connlib` as a way to efficiently use heap-allocated memory. This PR harmonizes the usage of buffer pools across the codebase by introducing a dedicated `bufferpool` crate. This crate offers a convenient and easy-to-use API for all the things we (currently) need from buffer pools. As a nice bonus of having it all in one place, we can now also track metrics of how many buffers we have currently allocated. An example output from the local metrics exporter looks like this: ``` Name : system.buffer.count Description : The number of buffers allocated in the pool. Unit : {buffers} Type : Sum Sum DataPoints Monotonic : false Temporality : Cumulative DataPoint #0 StartTime : 2025-04-29 12:41:25.278436 EndTime : 2025-04-29 12:42:25.278088 Value : 96 Attributes : -> system.buffer.pool.name: udp-socket-v6 -> system.buffer.pool.buffer_size: 65535 DataPoint #1 StartTime : 2025-04-29 12:41:25.278436 EndTime : 2025-04-29 12:42:25.278088 Value : 7 Attributes : -> system.buffer.pool.buffer_size: 131600 -> system.buffer.pool.name: gso-queue DataPoint #2 StartTime : 2025-04-29 12:41:25.278436 EndTime : 2025-04-29 12:42:25.278088 Value : 128 Attributes : -> system.buffer.pool.name: udp-socket-v4 -> system.buffer.pool.buffer_size: 65535 DataPoint #3 StartTime : 2025-04-29 12:41:25.278436 EndTime : 2025-04-29 12:42:25.278088 Value : 8 Attributes : -> system.buffer.pool.buffer_size: 1336 -> system.buffer.pool.name: ip-packet DataPoint #4 StartTime : 2025-04-29 12:41:25.278436 EndTime : 2025-04-29 12:42:25.278088 Value : 9 Attributes : -> system.buffer.pool.buffer_size: 1336 -> system.buffer.pool.name: snownet ``` Resolves: #8385	2025-04-30 08:52:18 +00:00
Thomas Eizinger	f7df445924	fix(gateway): don't invalidate active NAT sessions (#8937 ) Whenever the Gateway is instructed to (re)create the NAT for a DNS resource, it performs a DNS query and then overwrite the existing entries in the NAT table. Depending on how the DNS records are defined, this may lead to a very bad user experience where connections are cut regularly. In particular, if a service utilises round-robin DNS where a DNS query only ever returns a single entry yet that entry may change as soon as the TTL expires, all connections for this particular DNS resource for a Client get cut. To fix this, we now first check for active NAT sessions for a given proxy IP and only replace it if we don't have an open NAT session. The NAT sessions have a TTL of 1 minute, meaning there needs to be at least 1 outgoing packet from the Client every minute to keep it open.	2025-04-30 06:58:58 +00:00
Jamil	2650d81444	chore: release clients with GSO fix (#8936 )	2025-04-29 23:52:43 -07:00
Thomas Eizinger	c75b6c6641	feat(connlib): record the number of IO errors as a metric (#8934 ) It will be interesting to learn for example, how many installations have no IPv6 connectivity as those will encounter `NetworkUnreachable` errors. We categorise the errors by IO direction and IP stack which will allow us to deduce this information.	2025-04-30 05:24:55 +00:00
Thomas Eizinger	6dc5f85cc5	fix(connlib): don't buffer when recreating DNS resource NAT (#8935 ) In order to detect changes to DNS records of DNS resources, `connlib` will recreate the DNS resource NAT whenever it receives a query for a DNS resource. The way we implemented this was by clearing the local state of the DNS resource NAT, which triggered us to perform the handshake with the Gateway again upon the next packet for this resource. The Gateway would then perform the DNS query and respond back when this was finished. In order to not drop any packets, `connlib` has a buffer where it keeps the packets that are arriving in the meantime. This works reasonably well when the connection is first set up because we are only buffering a TCP SYN or equivalent handshake packet. Yet, when the connection is full use, and the application just so happens to make another DNS query, we halt the entire flow of packets until this is confirmed again. To prevent high memory use, the buffer for this packets is constrained to 32 packets which is nowhere near enough when a connection is actively transferring data (like a file upload). In most cases, the DNS query on the Gateway will yield the exact same results as because the records haven't changed. Thus, there is no reason for us to actually halt the flow of these packets when we are _recreating_ the DNS resource NAT. That way, this handshake happens in parallel to the actual packet flow and does not interrupt anything in the happy path case.	2025-04-30 04:26:49 +00:00
Thomas Eizinger	d19d20da51	fix(connlib): send IO errors from UDP threads to event-loop (#8933 ) With #7590, we've moved all UDP IO operations to a separate thread. As a result, some of the error handling of IO errors within the Client's and Gateway's event-loop no longer applied as those are now captured within the respective thread. To fix this, we extend the type-signature of the receive-channel to also allow for errors and use that to send back errors from sending AND receiving UDP datagrams.	2025-04-30 02:00:41 +00:00
Thomas Eizinger	4881280a3a	fix(connlib): don't set `segment_size` if it is > than payload (#8932 ) When a platform's network driver does not support GSO, `quinn-udp` detects that and disables segmentation offloading: > 04-30 11:32:49.161 19612 19836 I connlib : quinn_udp:👿 `libc::sendmsg` failed with I/O error (os error 5); halting segmentation offload What this means is that it sets an internal field that sets the GSO batch-size to 1 (instead of the default 32). We then use this batch-size to compute, how we are meant to chunk up the already batched datagrams. As a consequence of #8920, we are now also using a "feature" of GSO where the last datagram in a GSO batch is allowed to be less than the segment size. The combination of these two features now makes it possible that we are passing a datagram to the kernel where the `segment_size` is greater than the actual length. Android's Linux kernel doesn't seem to like that an barfs when being passed such a datagram with an IO error 5. The long-term fix is to sanitise this within `quinn-udp` but in the short-term, we can do this ourselves as part of the loop where we segment the datagrams. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-04-30 01:58:34 +00:00
Thomas Eizinger	2ba7a87899	feat(connlib): add FFI for changing log-level on MacOS (#8927 ) This isn't plugged into anything yet on the Swift side but lays the foundation for changing the log-level at runtime without having to sign the user out.	2025-04-29 13:51:46 +00:00
Thomas Eizinger	122d84cfa2	fix(connlib): recreate log file if it got deleted (#8926 ) Currently, when `connlib`'s log file gets deleted, we write logs into nirvana until the corresponding process gets restarted. This is painful for users to do because they need to restart the IPC service or Network Extension. Instead, we can simply check if the log file exists prior to writing to it and re-create it if it doesn't. Resolves: #6850 Related: #7569	2025-04-29 13:05:02 +00:00
Thomas Eizinger	6114bb274f	chore(rust): make most of the Rust code compile on MacOS (#8924 ) When working on the Rust code of Firezone from a MacOS computer, it is useful to have pretty much all of the code at least compile to ensure detect problems early. Eventually, once we target features like a headless MacOS client, some of these stubs will actually be filled in an be functional.	2025-04-29 11:20:09 +00:00
Thomas Eizinger	091a1d0ab9	fix(headless-client): don't print error for `-h` (#8925 ) Resolves: #8897	2025-04-29 07:58:57 +00:00
Thomas Eizinger	66b7ca6f7f	fix(connlib): ensure we don't mistake SYN-ACK for SYN (#8922 ) This shouldn't matter because we are only using the `UniquePacketBuffer` on the client and not on the Gateway where SYN-ACK packets would be sent from. To be fully correct though, we need to also compare the ACK flag of the two packets.	2025-04-29 04:17:18 +00:00
Thomas Eizinger	fde8d08423	fix(connlib): maintain packet order across GSO batches (#8920 ) Despite our efforts in #8912, the current implementation still does not do enough to maintain packet ordering across GSO batches. At present, we very aggressively batch packets of the same length together. This however is too eager when we consider packet flows such as the following: ``` 9:03:49.585143 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [.], seq 1:1229, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 1228 09:03:49.585151 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [P.], seq 1229:2063, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 834 09:03:49.585157 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [P.], seq 2063:3094, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 1031 09:03:49.585187 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [.], seq 3094:4322, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 1228 09:03:49.585188 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [P.], seq 4322:5156, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 834 09:03:49.585227 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [.], seq 5156:6384, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 1228 09:03:49.585228 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [P.], seq 6384:7612, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 1228 09:03:49.585230 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [P.], seq 7612:8249, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 637 09:03:49.585846 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [.], seq 8249:9477, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 1228 09:03:49.585851 IP 10.128.15.241.3000 > 100.69.109.138.53474: Flags [P.], seq 9477:10705, ack 524, win 249, options [nop,nop,TS val 3862031964 ecr 1928356896], length 1228 ``` As we can see here, the remote sends us packet batches of varying lengths: - 1228, 834 - 1031 - 1228, 834 - 1228, 1228, 637 - 1228, 1228 1228 represents a "full" TCP packet so any packet following a full-packet SHOULD be grouped together into a GSO batch. Currently, we are batching all the 1228 packets together and we ignore the fact that there were actually smaller sized packets inbetween those that belong together. To mitigate this, we refactor the `GsoQueue` to remove the `segment_size` from the binning key of our map and instead only group batches by their source, destination and ECN information. Within such a connection, we then create an ordered list of batches. A new batch is started if the length differs or we have previously pushed a packet that isn't of the length of the batch, therefore signalling the end of the batch. The result here looks very promising (this is loading `blog.firezone.dev` via the `lynx` browser from within the headless-client docker container, so going through a Gateway running this PR): \|main\|this PR\| \|---\|---\| \|![Screenshot From 2025-04-29 10-32-00](https://github.com/user-attachments/assets/ba0535e4-1df9-4601-a2d7-ba099ba2313f)\|![image](https://github.com/user-attachments/assets/ab2ccec7-ce96-4305-8514-2e43d82ecc7d)\| Related: #8899	2025-04-29 00:50:23 +00:00
Thomas Eizinger	ad9a453aa1	feat(linux-client): reduce number of TUN threads to 1 (#8914 ) Having multiple threads for reading and writing the TUN device can cause packet re-orderings on the client. All other clients only use a single TUN thread, so aligning this value means a more consistent behaviour of Firezone across all platforms.	2025-04-28 12:25:27 +00:00
Thomas Eizinger	52efb280ee	chore(ip-packet): print length of payload (#8913 ) This is useful when debugging things.	2025-04-28 10:45:15 +00:00
Thomas Eizinger	e0faddf43f	chore(connlib): maintain order within a single GSO batch (#8912 ) Generic Segmentation Offload (GSO) is a clever way of reducing the number of syscalls made when a you want to send a lot of packets with the same length to the same recipient. The way this works is that the packets are concatenated and passed to the kernel as a single packet together with the `segment_size` as an out-of-band argument. The component managing this batching in `connlib` is called `GsoQueue`. In #8772, we made the order in which these batches are sent to the kernel explicit by prioritising batches with smaller segments. What we overlooked with that strategy is that in a particular GSO batch, the last packet is actually allowed to be of a different length. For example, say the user is downloading an image of 4500Kb. With our MTU of 1280, we have a payload size of 1252. This results in three fully-filled packets and one packet of 744 bytes. With the change in #8772, the small packet of 744 bytes will be transferred first, followed by the "train" of fully filled packets. To fix this, we flip the order here and transfer batches or larger sizes first. The original problem we attempted to mitigate in #8772 no longer exists now that we merged #7590. We will simply suspend now if the UDP socket isn't ready contrary to dropping the next batch. By flipping the order here, we guarantee that batches with a larger size are sent before batches with a smaller size. This should also imply that the encapsulated IP packets of e.g. an image arrive in the correct order (with the smallest packet last as it is part of a smaller batch). What we don't guarantee with this is that there won't be any other IP packets sent "in the middle" of such a batch. This shouldn't be a problem though as we are simply interleaving packets of different TCP / UDP connections with each other which already happens on the regular Internet anyway.	2025-04-28 06:53:43 +00:00
Thomas Eizinger	ac5e44d5d0	feat(connlib): request larger buffers for UDP sockets (#8731 ) Sufficiently large receive buffers are important to sustain high-throughput as latency increases. If the receive buffer in the kernel is too small, packets need to be dropped on arrival. Firefox uses 1MB in its QUIC stack [0]. `quic-go` recommends to set send and receive buffers to 7.5 MB [1]. Power users of Firezone are likely receiving a lot more traffic than the average Firefox user (especially with Internet Resource activated) so setting it to 10 MB seems reasonable. Sending packets is likely not as critical because we have back-pressure through our system such that we will stop reading IP packets when we cannot write to our UDP socket. The UDP socket is sitting in a separate thread and those threads are connected with dedicated queues which act as another buffer. However, as the data below shows, some systems have really small send buffers which are currently likely a speed bottleneck because we need to suspend writing so frequently. Assuming a 50ms latency, the bandwidth-delay product tells us that we can (in theory) saturate a 1.6 Gbps link with a 10MB receive buffer (assuming the OS also has large enough buffer sizes in its TCP or QUIC stack): ``` 80 Mb / 0.05s = 1600Mbps ``` Experiments and research [2] show the following: \|OS\|Receive buffer (default)\|Receive buffer (this PR)\|Send buffer (default)\|Send buffer (this PR)\| \|---\|---\|---\|---\|---\| \|Windows\|65KB\|10MB\|65KB\|1MB\| \|MacOS\|786KB\|8MB\|9KB\|1MB\| \|Linux\|212KB\|212KB\|212KB\|212KB\| With the exception of Linux, the OSes appear to be quite generous with how big they allow receive buffers to be. On Linux, these limit can be changed by setting the `core.net.rmem_max` and `core.net.wmem_max` parameters using `sysctl`. Most of our users are on Windows and MacOS, meaning they immediately benefit from this without having to change any system settings. Larger client-side UDP receive buffers are critical for any "download" scenario which is likely the majority of usecases that Firezone is used for. On Windows, increasing this receive buffer almost doubles the throughput in an iperf3 download test. [0]: https://github.com/mozilla/neqo/pull/2470 [1]: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes [2]: https://unix.stackexchange.com/a/424381 --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Jamil <jamilbk@users.noreply.github.com>	2025-04-22 06:52:33 +00:00
Thomas Eizinger	93036734ae	build(rust): move our own `windows` dependency to `0.61.0` (#8730 ) Version `0.61.0` is what most of our dependencies bring in, so depending on that allows us to unify the dependency tree here.	2025-04-22 02:35:28 +00:00
Thomas Eizinger	44a402e1db	feat(connlib): increase the number of GRO batches (#8874 ) When reading from our UDP socket, we utilise GRO to read multiple packets originating from the same IP + port and with the same length in a single syscall. Currently, we can read up to 10 different combinations here in a single syscall. `quinn_udp` actually exposes a constant for how many batches it can handle at a time. Instead of hard-coding the value 10, we now follow this constant. On Linux and MacOS (with `apple-fast-datapath`), this constant has the value 32. On Windows, it is 1. Even on my not-so-fast Internet connection of 100Mbit, I can see an increase in batch-count of up to 29 so increasing this value seems to be definitely worth it.	2025-04-22 02:07:12 +00:00
Thomas Eizinger	74ff39ec6d	fix(connlib): shortcut `DatagramSegmentIter` on `len` (#8877 ) When the `recv` syscall completes, `quinn-udp` tells us how many batches we have read. On Windows, this is always 1 because Windows doesn't have an APIs to read more than a single GRO batch. The `DatagramSegmentIter` already has a way of detecting this, however it currently needs to iterator through all batches (10) and check that their `meta.length == 0` before realising this. We can shortcut the iterator early which might improve download performance on Windows. I can't measure a direct improvement here but I believe that is because we are currently limited by the buffer size on Windows. Regardless, this feels like the right thing to do.	2025-04-22 01:35:45 +00:00
Thomas Eizinger	d2e275be56	feat(connlib): classify UDP traffic by protocol (#8886 ) It creates a bit of duplication with code that we have in `snownet` but it is code that is unlikely to change because the protocols are already standarised. Contrary to recording the port, the cardinality of these protocols is much fixed to a much smaller range which will allow us to safely record these metrics in an actual time-series database further down the line whilst still reasoning about how much traffic we are sending over TURN, as STUN or as WireGuard.	2025-04-22 01:35:38 +00:00
Thomas Eizinger	bcbc8cd212	build(rust): bump `aya` to include BTF information feature (#8883 ) The latest version of `aya-build` automatically builds our eBPF program with BTF information enabled. Related: https://github.com/aya-rs/aya/pull/1250	2025-04-22 00:36:41 +00:00
Jamil	5db8e20f3b	chore: release Apple and GUI clients (#8882 ) - Apple clients 1.4.12 - GUI clients 1.4.11	2025-04-21 21:45:16 +00:00
Jamil	368ace2c6e	ci: Release Android 1.4.7 (#8878 ) App is live on Play store.	2025-04-21 21:12:27 +00:00
Thomas Eizinger	4d20856d21	chore(connlib): record GRO batch-size as histogram metric (#8875 ) This will allow us to test, how many batches we typically read from the UDP socket in a single syscall. Knowing that should help in profiling #8874.	2025-04-21 13:17:25 +00:00
dependabot[bot]	0ad7cc5b93	build(deps): bump log from 0.4.26 to 0.4.27 in /rust (#8870 ) Bumps [log](https://github.com/rust-lang/log) from 0.4.26 to 0.4.27. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/releases">log's releases</a>.</em></p> <blockquote> <h2>0.4.27</h2> <h2>What's Changed</h2> <ul> <li>A few minor lint fixes by <a href="https://github.com/nyurik"><code>@nyurik</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/671">rust-lang/log#671</a></li> <li>Enable clippy support for format-like macros by <a href="https://github.com/nyurik"><code>@nyurik</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/665">rust-lang/log#665</a></li> <li>Add an optional logger param by <a href="https://github.com/tisonkun"><code>@tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/664">rust-lang/log#664</a></li> <li>Pass global logger by value, supplied logger by ref by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/673">rust-lang/log#673</a></li> <li>Prepare for 0.4.27 release by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/674">rust-lang/log#674</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.26...0.4.27">https://github.com/rust-lang/log/compare/0.4.26...0.4.27</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/blob/master/CHANGELOG.md">log's changelog</a>.</em></p> <blockquote> <h2>[0.4.27] - 2025-03-24</h2> <h3>What's Changed</h3> <ul> <li>A few minor lint fixes by <a href="https://github.com/nyurik"><code>@nyurik</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/671">rust-lang/log#671</a></li> <li>Enable clippy support for format-like macros by <a href="https://github.com/nyurik"><code>@nyurik</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/665">rust-lang/log#665</a></li> <li>Add an optional logger param by <a href="https://github.com/tisonkun"><code>@tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/664">rust-lang/log#664</a></li> <li>Pass global logger by value, supplied logger by ref by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/673">rust-lang/log#673</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.26...0.4.27">https://github.com/rust-lang/log/compare/0.4.26...0.4.27</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`35161d0d25`"><code>35161d0</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/674">#674</a> from rust-lang/cargo/0.4.27</li> <li><a href="`cc131ef268`"><code>cc131ef</code></a> prepare for 0.4.27 release</li> <li><a href="`ea6f54d395`"><code>ea6f54d</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/673">#673</a> from rust-lang/feat/logger-by-ref</li> <li><a href="`d229c7355b`"><code>d229c73</code></a> fix unclosed code block</li> <li><a href="`02486e458c`"><code>02486e4</code></a> fill in more tests for logger argument</li> <li><a href="`71e034ffa6`"><code>71e034f</code></a> expand logger tests</li> <li><a href="`dfa067e65c`"><code>dfa067e</code></a> fix up kv passing</li> <li><a href="`39d4c3ab88`"><code>39d4c3a</code></a> run fmt</li> <li><a href="`7aacc8fea3`"><code>7aacc8f</code></a> pass global logger by value, supplied logger by ref</li> <li><a href="`a438c6ed08`"><code>a438c6e</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/664">#664</a> from tisonkun/logger-field</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/log/compare/0.4.26...0.4.27">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=log&package-manager=cargo&previous-version=0.4.26&new-version=0.4.27)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-21 12:19:13 +00:00
dependabot[bot]	04a3cf1a33	build(deps): bump keyring from 3.6.1 to 3.6.2 in /rust (#8869 ) Bumps [keyring](https://github.com/hwchen/keyring-rs) from 3.6.1 to 3.6.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hwchen/keyring-rs/releases">keyring's releases</a>.</em></p> <blockquote> <h2>v3.6.2: better docs, lighter-weight tests</h2> <p>Thanks to <a href="https://github.com/unkcpz"><code>@unkcpz</code></a>, this release fully documents all the platform-specific modules in each platform on <a href="https://docs.rs/keyring/latest/keyring/">docs.rs</a>.</p> <p>The dev dependencies (used for testing) have been switched from using <code>rand</code> to using the lighter-weight module <code>fastrand</code>.</p> <p>There are no functional code changes in this release, only test changes.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/open-source-cooperative/keyring-rs/blob/master/CHANGELOG.md">keyring's changelog</a>.</em></p> <blockquote> <h2>Version 3.6.2</h2> <ul> <li>Have docs.rs build docs for all modules on all platforms (thanks to <a href="https://github.com/unkcpz"><code>@unkcpz</code></a> - see <a href="https://redirect.github.com/hwchen/keyring-rs/issues/235">#235</a>).</li> <li>Switch to <code>fastrand</code> for tests (see <a href="https://redirect.github.com/hwchen/keyring-rs/issues/237">#237</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`ee3f80d0d3`"><code>ee3f80d</code></a> Merge pull request <a href="https://redirect.github.com/hwchen/keyring-rs/issues/238">#238</a> from brotskydotcom/issue-236</li> <li><a href="`766c8bc4e6`"><code>766c8bc</code></a> Switch to using fastrand for testing.</li> <li><a href="`f1b7ec192e`"><code>f1b7ec1</code></a> Merge pull request <a href="https://redirect.github.com/hwchen/keyring-rs/issues/237">#237</a> from unkcpz/fix/235/keyring-doc-xplat</li> <li><a href="`09c9c0dd94`"><code>09c9c0d</code></a> using matrix for targets in doctest.yaml</li> <li><a href="`307e575e2f`"><code>307e575</code></a> Move to doctest.yaml as ind CI and run inline from action</li> <li><a href="`8a5c6dd838`"><code>8a5c6dd</code></a> fast-fail test-docsrs-build.sh</li> <li><a href="`a40bd956fd`"><code>a40bd95</code></a> r-brot</li> <li><a href="`ac2a3b474d`"><code>ac2a3b4</code></a> experiment doccfg with attr docrs</li> <li><a href="`3d8da9603c`"><code>3d8da96</code></a> multi-target toolchain CI</li> <li><a href="`a994584d9b`"><code>a994584</code></a> remove -Zbuild-std which not required on docs.rs</li> <li>Additional commits viewable in <a href="https://github.com/hwchen/keyring-rs/compare/v3.6.1...v3.6.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=keyring&package-manager=cargo&previous-version=3.6.1&new-version=3.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-21 12:19:09 +00:00
dependabot[bot]	23c0db825e	build(deps): bump tauri from 2.5.0 to 2.5.1 in /rust in the tauri group (#8868 ) Bumps the tauri group in /rust with 1 update: [tauri](https://github.com/tauri-apps/tauri). Updates `tauri` from 2.5.0 to 2.5.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri's releases</a>.</em></p> <blockquote> <h2>tauri-runtime v2.5.1</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index warning: Patch `schemars_derive v0.8.21 (https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)` was not used in the crate graph. Check that the patched package version and available features are compatible with the dependency requirements. If the patch has a different version from what is locked in the Cargo.lock file, run `cargo update` to use the new version. This may also occur with an optional dependency that is not enabled. Locking 1021 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.3) Adding colored v2.2.0 (available: v3.0.0) Adding ctor v0.2.9 (available: v0.4.1) Adding getrandom v0.2.15 (available: v0.3.2) Adding html5ever v0.26.0 (available: v0.30.0) Adding itertools v0.13.0 (available: v0.14.0) Adding json-patch v3.0.1 (available: v4.0.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.61.2) Adding oxc_ast v0.36.0 (available: v0.61.2) Adding oxc_parser v0.36.0 (available: v0.61.2) Adding oxc_span v0.36.0 (available: v0.61.2) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding rand v0.8.5 (available: v0.9.0) Adding rpm v0.16.0 (available: v0.17.0) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.2) Adding tiny_http v0.11.0 (available: v0.12.0) Adding webview2-com v0.36.0 (available: v0.37.0) Adding windows v0.60.0 (available: v0.61.1) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 748 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1046 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`766bccc341`"><code>766bccc</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13243">#13243</a>)</li> <li><a href="`31becbd1d1`"><code>31becbd</code></a> enhance(core): respect <code>data-tauri-drag-region="false"</code> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13269">#13269</a>)</li> <li><a href="`da2a6ae5e3`"><code>da2a6ae</code></a> fix(core): raw channel message type regression (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13268">#13268</a>)</li> <li><a href="`87fdc3b9cd`"><code>87fdc3b</code></a> chore(deps): update rust crate jsonschema to 0.30 (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13249">#13249</a>)</li> <li><a href="`30e76c7d3a`"><code>30e76c7</code></a> chore(deps): update rust crate brotli to v8 (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13264">#13264</a>)</li> <li><a href="`85b1912529`"><code>85b1912</code></a> Make tauri-runtime-wry optional with features (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13241">#13241</a>)</li> <li><a href="`82da4f17f5`"><code>82da4f1</code></a> fix(ci): ubuntu 20.04 no longer exists (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13240">#13240</a>)</li> <li>See full diff in <a href="https://github.com/tauri-apps/tauri/compare/tauri-v2.5.0...tauri-v2.5.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tauri&package-manager=cargo&previous-version=2.5.0&new-version=2.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-21 12:19:07 +00:00
Thomas Eizinger	0a620d20ca	build(rust): bump `iana-time-zone` (#8863 ) This eliminates one duplicate version of the `windows` crate in our dependency tree.	2025-04-20 22:59:22 +00:00
dependabot[bot]	80cf386a3a	build(deps): bump tempfile from 3.13.0 to 3.19.1 in /rust (#8845 ) Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.13.0 to 3.19.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md">tempfile's changelog</a>.</em></p> <blockquote> <h2>3.19.1</h2> <ul> <li>Don't unlink temporary files immediately on Windows (fixes <a href="https://redirect.github.com/Stebalien/tempfile/issues/339">#339</a>). Unfortunately, this seemed to corrupt the file object (possibly a Windows kernel bug) in rare cases and isn't strictly speaking necessary.</li> </ul> <h2>3.19.0</h2> <ul> <li>Remove direct dependency on <code>cfg-if</code>. It's still in the tree, but we didn't really need to use it in this crate.</li> <li>Add an unstable feature (<code>unstable-windows-keep-open-tempfile</code>) to test a potential fix to <a href="https://redirect.github.com/Stebalien/tempfile/issues/339">#339</a>.</li> </ul> <h2>3.18.0</h2> <ul> <li>Update <code>rustix</code> to 1.0.0.</li> <li>Make <code>NamedTempFile::persist_noclobber</code> atomic on Apple operating systems. It's now atomic on MacOS, Windows, and Linux (depending on the OS version and filesystem used).</li> </ul> <h2>3.17.1</h2> <ul> <li>Fix build with <code>windows-sys</code> 0.52. Unfortunately, we have no CI for older <code>windows-sys</code> versions at the moment...</li> </ul> <h2>3.17.0</h2> <ul> <li>Make sure to use absolute paths in when creating unnamed temporary files (avoids a small race in the "immediate unlink" logic) and in <code>Builder::make_in</code> (when creating temporary files of arbitrary types).</li> <li>Prevent a theoretical crash that could (maybe) happen when a temporary file is created from a drop function run in a TLS destructor. Nobody has actually reported a case of this happening in practice and I have been unable to create this scenario in a test.</li> <li>When reseeding with <code>getrandom</code>, use platform (e.g., CPU) specific randomness sources where possible.</li> <li>Clarify some documentation.</li> <li>Unlink unnamed temporary files on windows <em>immediately</em> when possible instead of waiting for the handle to be closed. We open files with "Unix" semantics, so this is generally possible.</li> </ul> <h2>3.16.0</h2> <ul> <li>Update <code>getrandom</code> to <code>0.3.0</code> (thanks to <a href="https://github.com/paolobarbolini"><code>@paolobarbolini</code></a>).</li> <li>Allow <code>windows-sys</code> versions <code>0.59.x</code> in addition to <code>0.59.0</code> (thanks <a href="https://github.com/ErichDonGubler"><code>@ErichDonGubler</code></a>).</li> <li>Improved security documentation (thanks to <a href="https://github.com/n0toose"><code>@n0toose</code></a> for collaborating with me on this).</li> </ul> <h2>3.15.0</h2> <p>Re-seed the per-thread RNG from system randomness when we repeatedly fail to create temporary files (<a href="https://redirect.github.com/Stebalien/tempfile/issues/314">#314</a>). This resolves a potential DoS vector (<a href="https://redirect.github.com/Stebalien/tempfile/issues/178">#178</a>) while avoiding <code>getrandom</code> in the common case where it's necessary. The feature is optional but enabled by default via the <code>getrandom</code> feature.</p> <p>For libc-free builds, you'll either need to disable this feature or opt-in to a different <a href="https://github.com/rust-random/getrandom?tab=readme-ov-file#opt-in-backends"><code>getrandom</code> backend</a>.</p> <h2>3.14.0</h2> <ul> <li>Make the wasip2 target work (requires tempfile's "nightly" feature to be enabled). <a href="https://redirect.github.com/Stebalien/tempfile/pull/305">#305</a>.</li> <li>Allow older windows-sys versions <a href="https://redirect.github.com/Stebalien/tempfile/pull/304">#304</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`95540ed3fc`"><code>95540ed</code></a> chore: release v3.19.1</li> <li><a href="`b60aae49c1`"><code>b60aae4</code></a> fix(windows): don't automatically delete files on open (<a href="https://redirect.github.com/Stebalien/tempfile/issues/344">#344</a>)</li> <li><a href="`167f544abe`"><code>167f544</code></a> ci(cargo-deny): remove windows-sys exception (<a href="https://redirect.github.com/Stebalien/tempfile/issues/343">#343</a>)</li> <li><a href="`42fff6813d`"><code>42fff68</code></a> chore: release v3.19.0</li> <li><a href="`61b4283c20`"><code>61b4283</code></a> feat(windows): add a feature to immediate tempfile deletion (<a href="https://redirect.github.com/Stebalien/tempfile/issues/340">#340</a>)</li> <li><a href="`c2d16b3bc3`"><code>c2d16b3</code></a> ci: downgrade once-cell on old rustc versions (<a href="https://redirect.github.com/Stebalien/tempfile/issues/342">#342</a>)</li> <li><a href="`35c204d7c2`"><code>35c204d</code></a> chore: remove cfg-if dependency (<a href="https://redirect.github.com/Stebalien/tempfile/issues/338">#338</a>)</li> <li><a href="`b8bddaf0cf`"><code>b8bddaf</code></a> release 3.18.0</li> <li><a href="`0e17869470`"><code>0e17869</code></a> update rustix (<a href="https://redirect.github.com/Stebalien/tempfile/issues/336">#336</a>)</li> <li><a href="`6cf65365a4`"><code>6cf6536</code></a> doc: fix markdown</li> <li>Additional commits viewable in <a href="https://github.com/Stebalien/tempfile/compare/v3.13.0...v3.19.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tempfile&package-manager=cargo&previous-version=3.13.0&new-version=3.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Thomas Eizinger <thomas@eizinger.io>	2025-04-20 22:49:41 +00:00
Thomas Eizinger	4c5fd9b256	feat(connlib): prefer relay candidates of same IP version (#8798 ) When calculating preferences for candidates, `str0m` currently always prefer IPv6 over IPv4. This is as per the ICE spec. Howver, this can lead to sub-optimal situations when a connection ends up using a TURN server. TURN allows a client to allocate an IPv4 and an IPv6 address in the same allocation. This makes it possible for e.g. an IPv4-only client to connect to an IPv6-only peer as long as the TURN server runs in dual-stack AND the client requests an IPv6 address in addition to an IPv4 address with the `ADDITIONAL-ADDRESS-FAMILY` attribute. Assume that a client sits behind symmetric NAT and therefore needs to rely on a TURN server to communicate with its peers. The TURN server as well as all the peers operate in dual-stack mode. The current priority calculation will yield a communication path that uses IPv4 to talk to the TURN server (as that is the only one available) but due to the preference ordering of IPv6 over IPv4, will use an IPv6 path to the peer, despite the peer also supporting IPv4. This isn't a problem per-se but makes our life unnecessarily difficult. Our TURN servers use eBPF to efficiently deal with TURN's channel-data messages. This however is at present only implemented for the IPv4 <> IPv4 and IPv6 <> IPv6 path. Implementing the other paths is possible but complicates the eBPF code because we need to also translate IP headers between versions and not just update the source and destination IPs. We have since patched `str0m` to extend the `Candidate::relayed` constructor to also take a `base` address which is - similar to the other candidate types - the address the client is sending from in order to use this candidate. In the context of relayed candidates, this is the address the client is using to talk to the TURN server. We can use this information in the candidate's priority calculation to prefer candidates that allow traffic to remain within one IP version, i.e. if the client talks to the TURN server over IPv4, the candidate with an allocated IPv4 address will have a higher priority than the one with the IPv6 address because we are applying a "punishment" factor as part of the local-preference component in the priority formula. Staying within the same IP version whilst relaying traffic allows our TURN servers to use their eBPF kernel which results in a better UX due to lower latency and higher throughput. The final candidate ordering is ultimately decided by the controlling ICE agent which in our case is the Firezone Client. Thus, we don't necessarily need to update Gateways in order to test / benefit from this. Building a Client with this patch included should be enough to benefit from this change. Related: https://github.com/algesten/str0m/pull/640 Related: https://github.com/algesten/str0m/pull/644	2025-04-20 22:41:56 +00:00
dependabot[bot]	4a81aed3cb	build(deps): bump domain from 0.10.3 to 0.10.4 in /rust (#8856 ) Bumps [domain](https://github.com/nlnetlabs/domain) from 0.10.3 to 0.10.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nlnetlabs/domain/releases">domain's releases</a>.</em></p> <blockquote> <h2>0.10.4</h2> <p>Other changes</p> <ul> <li>Fix a build issue with <a href="https://time-rs.github.io/"><em>time</em></a> 0.3.41. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>, backported from <a href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a> by [<a href="https://github.com/PSeitz"><code>@PSeitz</code></a>])</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/503">NLnetLabs/domain#503</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/505">NLnetLabs/domain#505</a> [<a href="https://github.com/PSeitz"><code>@PSeitz</code></a>]: <a href="https://github.com/PSeitz">https://github.com/PSeitz</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/NLnetLabs/domain/blob/main/Changelog.md">domain's changelog</a>.</em></p> <blockquote> <h2>0.10.4</h2> <p>Released 2025-03-31.</p> <p>Other changes</p> <ul> <li>Fix a build issue with <a href="https://time-rs.github.io/"><em>time</em></a> 0.3.41. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>, backported from <a href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a> by [<a href="https://github.com/PSeitz"><code>@PSeitz</code></a>])</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/503">#503</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/503">NLnetLabs/domain#503</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/505">NLnetLabs/domain#505</a> [<a href="https://github.com/PSeitz"><code>@PSeitz</code></a>]: <a href="https://github.com/PSeitz">https://github.com/PSeitz</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`b851eeb543`"><code>b851eeb</code></a> Release 0.10.4. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/509">#509</a>)</li> <li><a href="`556255bcef`"><code>556255b</code></a> Update dependencies. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/508">#508</a>)</li> <li><a href="`1aae138ebd`"><code>1aae138</code></a> Explicit cast in comparison (series 0.10) (<a href="https://redirect.github.com/nlnetlabs/domain/issues/505">#505</a>)</li> <li><a href="`bffb0d97c9`"><code>bffb0d9</code></a> Clippy-suggested fixes introduces in Rust 1.85. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/506">#506</a>)</li> <li>See full diff in <a href="https://github.com/nlnetlabs/domain/compare/v0.10.3...v0.10.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=domain&package-manager=cargo&previous-version=0.10.3&new-version=0.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-20 11:58:20 +00:00
dependabot[bot]	6bae165302	build(deps-dev): bump @types/node from 22.13.9 to 22.14.1 in /rust/gui-client (#8833 ) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 22.13.9 to 22.14.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/node&package-manager=npm_and_yarn&previous-version=22.13.9&new-version=22.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-20 11:16:56 +00:00
dependabot[bot]	ea53eebb74	build(deps): bump serde_json from 1.0.135 to 1.0.140 in /rust (#8857 ) Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.135 to 1.0.140. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.140</h2> <ul> <li>Documentation improvements</li> </ul> <h2>v1.0.139</h2> <ul> <li>Documentation improvements</li> </ul> <h2>v1.0.138</h2> <ul> <li>Documentation improvements</li> </ul> <h2>v1.0.137</h2> <ul> <li>Turn on "float_roundtrip" and "unbounded_depth" features for serde_json in play.rust-lang.org (<a href="https://redirect.github.com/serde-rs/json/issues/1231">#1231</a>)</li> </ul> <h2>v1.0.136</h2> <ul> <li>Optimize serde_json::value::Serializer::serialize_map by using Map::with_capacity (<a href="https://redirect.github.com/serde-rs/json/issues/1230">#1230</a>, thanks <a href="https://github.com/goffrie"><code>@goffrie</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`762783414e`"><code>7627834</code></a> Release 1.0.140</li> <li><a href="`d77a498c80`"><code>d77a498</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1245">#1245</a> from serde-rs/powerpc</li> <li><a href="`b34d317089`"><code>b34d317</code></a> Delete unused gcc installation</li> <li><a href="`f7200c3cf6`"><code>f7200c3</code></a> Ignore unbuffered_bytes clippy lint</li> <li><a href="`76cd4fb383`"><code>76cd4fb</code></a> Ignore elidable_lifetime_names pedantic clippy lint</li> <li><a href="`400eaa977f`"><code>400eaa9</code></a> Point standard library links to stable</li> <li><a href="`4d4f53c3b7`"><code>4d4f53c</code></a> Release 1.0.139</li> <li><a href="`5d6b32f378`"><code>5d6b32f</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1242">#1242</a> from dtolnay/writefloat</li> <li><a href="`e5bb8bd38f`"><code>e5bb8bd</code></a> Document behavior of write_f32/f64 on non-finite floats</li> <li><a href="`7a797810d2`"><code>7a79781</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1241">#1241</a> from dtolnay/doclink</li> <li>Additional commits viewable in <a href="https://github.com/serde-rs/json/compare/v1.0.135...v1.0.140">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.135&new-version=1.0.140)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-20 11:14:40 +00:00
Thomas Eizinger	92534ae4ec	test(connlib): ensure we have gaps in port ranges (#8862 ) This should fix the flaky proptest.	2025-04-20 11:02:55 +00:00
Thomas Eizinger	1af7f4f8c1	fix(rust): don't use jemalloc on ARMv7 (#8859 ) Doesn't compile on ARMv7 so we just fallback to the default allocator there.	2025-04-19 22:20:05 +00:00
Thomas Eizinger	ae4b7d9d08	test(connlib): correctly assert in `Io` unit-test (#8861 ) Not sure what I was smoking when I wrote this test but the current assertion makes no sense for what we actually want to test. As the test name says, we want to assert that if we are given an `Instant` in the past, we do in fact return a more recent one and therefore what is returned in `Input::Timeout` is at least as recent as `now`.	2025-04-19 22:17:51 +00:00
dependabot[bot]	9c10fbf8b5	build(deps-dev): bump typescript from 5.7.3 to 5.8.3 in /rust/gui-client (#8855 ) Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.7.3 to 5.8.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/microsoft/TypeScript/releases">typescript's releases</a>.</em></p> <blockquote> <h2>TypeScript 5.8.3</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8/">release announcement</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed issues query for Typescript 5.8.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.1%22+is%3Aclosed+">fixed issues query for Typescript 5.8.1 (RC)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.2%22+is%3Aclosed+">fixed issues query for Typescript 5.8.2 (Stable)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.3%22+is%3Aclosed+">fixed issues query for Typescript 5.8.3 (Stable)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> <h2>TypeScript 5.8</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8/">release announcement</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed issues query for Typescript 5.8.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.1%22+is%3Aclosed+">fixed issues query for Typescript 5.8.1 (RC)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.2%22+is%3Aclosed+">fixed issues query for Typescript 5.8.2 (Stable)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> <h2>TypeScript 5.8 RC</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8-rc/">release announcement</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed issues query for Typescript 5.8.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.1%22+is%3Aclosed+">fixed issues query for Typescript 5.8.1 (RC)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> <h2>TypeScript 5.8 Beta</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-8-beta/">release announcement</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+5.8.0%22+is%3Aclosed+">fixed issues query for Typescript 5.8.0 (Beta)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`83dc0bb2ed`"><code>83dc0bb</code></a> Convert release publishing inputs into parameters (<a href="https://redirect.github.com/microsoft/TypeScript/issues/61523">#61523</a>)</li> <li><a href="`ba663f6ac2`"><code>ba663f6</code></a> Exclude completions of binding pattern variable initializers (<a href="https://redirect.github.com/microsoft/TypeScript/issues/52723">#52723</a>)</li> <li><a href="`7205eda454`"><code>7205eda</code></a> Bump github/codeql-action from 3.28.12 to 3.28.13 in the github-actions group...</li> <li><a href="`89c572ca0c`"><code>89c572c</code></a> Fixed a symbol display crash on expando members write locations (<a href="https://redirect.github.com/microsoft/TypeScript/issues/55478">#55478</a>)</li> <li><a href="`7b26d2eba5`"><code>7b26d2e</code></a> Fix incorrect name in new release pipeline (<a href="https://redirect.github.com/microsoft/TypeScript/issues/61514">#61514</a>)</li> <li><a href="`c7a559eeae`"><code>c7a559e</code></a> Add new release publisher yaml (<a href="https://redirect.github.com/microsoft/TypeScript/issues/61491">#61491</a>)</li> <li><a href="`29e6d6689d`"><code>29e6d66</code></a> Fix <code>lib.includes('dom')</code> check in <code>containerSeemsToBeEmptyDomElement</code> (<a href="https://redirect.github.com/microsoft/TypeScript/issues/61481">#61481</a>)</li> <li><a href="`19b777260b`"><code>19b7772</code></a> Bump the github-actions group with 4 updates (<a href="https://redirect.github.com/microsoft/TypeScript/issues/61474">#61474</a>)</li> <li><a href="`4dc677b292`"><code>4dc677b</code></a> Fix errors on type assertions in erasableSyntaxOnly (<a href="https://redirect.github.com/microsoft/TypeScript/issues/61452">#61452</a>)</li> <li><a href="`ee3dd7264b`"><code>ee3dd72</code></a> fix(60908): Unexpected "'Type' is declared but its value is never read." erro...</li> <li>Additional commits viewable in <a href="https://github.com/microsoft/TypeScript/compare/v5.7.3...v5.8.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=5.7.3&new-version=5.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-19 21:02:27 +00:00
dependabot[bot]	a3c221d7c2	build(deps): bump the tauri group in /rust/gui-client with 2 updates (#8825 ) Bumps the tauri group in /rust/gui-client with 2 updates: [@tauri-apps/api](https://github.com/tauri-apps/tauri) and [@tauri-apps/cli](https://github.com/tauri-apps/tauri). Updates `@tauri-apps/api` from 2.4.1 to 2.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases"><code>@tauri-apps/api</code>'s releases</a>.</em></p> <blockquote> <h2><code>@tauri-apps/api</code> v2.5.0</h2> <!-- raw HTML omitted --> <pre><code>No known vulnerabilities found </code></pre> <!-- raw HTML omitted --> <h2>[2.5.0]</h2> <h3>New Features</h3> <ul> <li> <p><a href="`66e6325f43`"><code>66e6325f4</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13136">#13136</a>) Allow passing the callback as the parameter of constructor of <code>Channel</code> so you can use it like this <code>new Channel((message) => console.log(message))</code></p> </li> <li> <p><a href="`ea36294cbc`"><code>ea36294cb</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13208">#13208</a>) Added <code>disableInputAccessoryView: bool</code> config for iOS.</p> </li> <li> <p><a href="`c1cd0a2ddb`"><code>c1cd0a2dd</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13090">#13090</a>) macOS/iOS: add option to disable or enable link previews when building a webview (the webkit api has it enabled by default)</p> <ul> <li><code>WindowOptions::allowLinkPreview</code></li> <li><code>WebviewOptions::allowLinkPreview</code></li> </ul> </li> <li> <p><a href="`b072e2b296`"><code>b072e2b29</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/9687">#9687</a>) Add <code>preventOverflow</code> config option to prevent the window from overflowing the monitor size on creation</p> </li> <li> <p><a href="`dd4f13ce4b`"><code>dd4f13ce4</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13185">#13185</a>) Added <code>app.setDockVisibility</code> for macOS.</p> </li> </ul> <h3>Enhancements</h3> <ul> <li><a href="`b8f86669ab`"><code>b8f86669a</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13145">#13145</a>) <code>core.isTauri</code> now leverages <code>globalThis</code> instead of <code>window</code> in order to be used in unit tests.</li> </ul> <h3>Bug Fixes</h3> <ul> <li><a href="`66e6325f43`"><code>66e6325f4</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13136">#13136</a>) Fix <code>Channel</code>'s callback attached to <code>window</code> never cleaned up</li> </ul> <!-- raw HTML omitted --> <pre><code>> @tauri-apps/api@2.5.0 npm-publish /home/runner/work/tauri/tauri/packages/api > pnpm build && cd ./dist && pnpm publish --access public --loglevel silly --no-git-checks <p>> <code>@tauri-apps/api</code><a href="https://github.com/2"><code>@2</code></a>.5.0 build /home/runner/work/tauri/tauri/packages/api > rollup -c --configPlugin typescript</p> <p>[36m [1m./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts, ./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts, ./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts, ./src/window.ts[22m → [1m./dist, ./dist[22m...[39m [32mcreated [1m./dist, ./dist[22m in [1m1.7s[22m[39m [36m [1msrc/index.ts[22m → [1m../../crates/tauri/scripts/bundle.global.js[22m...[39m [32mcreated [1m../../crates/tauri/scripts/bundle.global.js[22m in [1m1.9s[22m[39m npm verbose cli /opt/hostedtoolcache/node/20.19.0/x64/bin/node /opt/hostedtoolcache/node/20.19.0/x64/bin/npm npm info using npm@10.8.2 </tr></table> </code></pre></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`977c4b496c`"><code>977c4b4</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li> <li><a href="`48b12b4404`"><code>48b12b4</code></a> chore: bump crates depending on tauri-utils as minor</li> <li><a href="`9356fa15d8`"><code>9356fa1</code></a> feat(core): include type name in state panic message (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li> <li><a href="`2dccfab532`"><code>2dccfab</code></a> fix: fileAssociations missing LSHandlerRank on macOS (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>) (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li> <li><a href="`5d3687e8c3`"><code>5d3687e</code></a> chore(tauri-driver): update README</li> <li><a href="`0cf2d9933f`"><code>0cf2d99</code></a> fix(tauri-driver): append .exe ext on app path on Windows, closes <a href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li> <li><a href="`1734273bbe`"><code>1734273</code></a> fix: using center and overflow together crashes (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li> <li><a href="`690146e311`"><code>690146e</code></a> fix(macros): invoke handler stack overflow (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li> <li><a href="`f888502fd2`"><code>f888502</code></a> fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li> <li><a href="`577c7ffc45`"><code>577c7ff</code></a> fix(webdriver): windows: make native webdriver close with parent process (fix...</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.4.1...@tauri-apps/api-v2.5.0">compare view</a></li> </ul> </details> <br /> Updates `@tauri-apps/cli` from 2.4.1 to 2.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases"><code>@tauri-apps/cli</code>'s releases</a>.</em></p> <blockquote> <h2><code>@tauri-apps/cli</code> v2.5.0</h2> <h2>[2.5.0]</h2> <h3>New Features</h3> <ul> <li><a href="`0aa48fb9e4`"><code>0aa48fb9e</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13030">#13030</a>) Added <code>bundleVersion</code> to iOS and macOS configuration to support specifying a <code>CFBundleVersion</code>.</li> </ul> <h3>Enhancements</h3> <ul> <li><a href="`ad3fd3890f`"><code>ad3fd3890</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13152">#13152</a>) Detect package manager from environment variable <code>npm_config_user_agent</code> first</li> <li><a href="`82406c61e0`"><code>82406c61e</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13231">#13231</a>) Improve iOS simulator usage, checking if Xcode iOS SDK is installed and allowing usage of Simulator for older iOS releases (previously only supported when running on Xcode via <code>ios dev --open</code>).</li> </ul> <h3>Bug Fixes</h3> <ul> <li><a href="`2dccfab532`"><code>2dccfab53</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13236">#13236</a>) Fix <code>fileAssociations</code> missing <code>LSHandlerRank</code> on macOS.</li> <li><a href="`0802529031`"><code>080252903</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13210">#13210</a>) Fixes iOS dev not working on Xcode 16.3 simulators. To apply the fix, either regenerate the Xcode project with <code>rm -r src-tauri/gen/apple && tauri ios init</code> or remove the <code>arm64-sim</code> architecture from the Xcode project.</li> </ul> <h3>Dependencies</h3> <ul> <li>Upgraded to <code>tauri-cli@2.5.0</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`977c4b496c`"><code>977c4b4</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li> <li><a href="`48b12b4404`"><code>48b12b4</code></a> chore: bump crates depending on tauri-utils as minor</li> <li><a href="`9356fa15d8`"><code>9356fa1</code></a> feat(core): include type name in state panic message (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li> <li><a href="`2dccfab532`"><code>2dccfab</code></a> fix: fileAssociations missing LSHandlerRank on macOS (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>) (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li> <li><a href="`5d3687e8c3`"><code>5d3687e</code></a> chore(tauri-driver): update README</li> <li><a href="`0cf2d9933f`"><code>0cf2d99</code></a> fix(tauri-driver): append .exe ext on app path on Windows, closes <a href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li> <li><a href="`1734273bbe`"><code>1734273</code></a> fix: using center and overflow together crashes (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li> <li><a href="`690146e311`"><code>690146e</code></a> fix(macros): invoke handler stack overflow (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li> <li><a href="`f888502fd2`"><code>f888502</code></a> fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li> <li><a href="`577c7ffc45`"><code>577c7ff</code></a> fix(webdriver): windows: make native webdriver close with parent process (fix...</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.4.1...@tauri-apps/cli-v2.5.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-19 13:41:04 +00:00
Thomas Eizinger	a41395a165	feat(eBPF): embed BTF information in eBPF kernel (#8842 ) It turns out that the Rust compiler doesn't always say that it is adding debug information to a binary even when it does! The build output only displays `[optimized]` when in fact it does actually emit debug information. Adding an additional linker flag configures `bpf-linker` to include the necessary BTF information in our kernel. This makes debugging verifier errors much easier as the program output contains source code annotiations. It also should make it easier to debug issues using `xdpdump` which relies on BTF information. Resolves: #8503	2025-04-19 12:38:59 +00:00
dependabot[bot]	024b0b36ed	build(deps): bump the tauri group across 1 directory with 5 updates (#8841 ) Bumps the tauri group with 2 updates in the /rust directory: [tauri](https://github.com/tauri-apps/tauri) and [tauri-winrt-notification](https://github.com/tauri-apps/winrt-notification). Updates `tauri` from 2.4.1 to 2.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri's releases</a>.</em></p> <blockquote> <h2>tauri-runtime v2.5.0</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index warning: Patch `schemars_derive v0.8.21 (https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)` was not used in the crate graph. Check that the patched package version and available features are compatible with the dependency requirements. If the patch has a different version from what is locked in the Cargo.lock file, run `cargo update` to use the new version. This may also occur with an optional dependency that is not enabled. Locking 1020 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.1) Adding colored v2.2.0 (available: v3.0.0) Adding ctor v0.2.9 (available: v0.4.1) Adding getrandom v0.2.15 (available: v0.3.2) Adding html5ever v0.26.0 (available: v0.30.0) Adding itertools v0.13.0 (available: v0.14.0) Adding json-patch v3.0.1 (available: v4.0.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.61.0) Adding oxc_ast v0.36.0 (available: v0.61.0) Adding oxc_parser v0.36.0 (available: v0.61.0) Adding oxc_span v0.36.0 (available: v0.61.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding rand v0.8.5 (available: v0.9.0) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.2) Adding tiny_http v0.11.0 (available: v0.12.0) Adding webview2-com v0.36.0 (available: v0.37.0) Adding windows v0.60.0 (available: v0.61.1) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 742 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1045 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.50.5 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`977c4b496c`"><code>977c4b4</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li> <li><a href="`48b12b4404`"><code>48b12b4</code></a> chore: bump crates depending on tauri-utils as minor</li> <li><a href="`9356fa15d8`"><code>9356fa1</code></a> feat(core): include type name in state panic message (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li> <li><a href="`2dccfab532`"><code>2dccfab</code></a> fix: fileAssociations missing LSHandlerRank on macOS (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>) (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li> <li><a href="`5d3687e8c3`"><code>5d3687e</code></a> chore(tauri-driver): update README</li> <li><a href="`0cf2d9933f`"><code>0cf2d99</code></a> fix(tauri-driver): append .exe ext on app path on Windows, closes <a href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li> <li><a href="`1734273bbe`"><code>1734273</code></a> fix: using center and overflow together crashes (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li> <li><a href="`690146e311`"><code>690146e</code></a> fix(macros): invoke handler stack overflow (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li> <li><a href="`f888502fd2`"><code>f888502</code></a> fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li> <li><a href="`577c7ffc45`"><code>577c7ff</code></a> fix(webdriver): windows: make native webdriver close with parent process (fix...</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/tauri-v2.4.1...tauri-v2.5.0">compare view</a></li> </ul> </details> <br /> Updates `tauri-build` from 2.1.1 to 2.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri-build's releases</a>.</em></p> <blockquote> <h2>tauri-build v2.2.0</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index warning: Patch `schemars_derive v0.8.21 (https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)` was not used in the crate graph. Check that the patched package version and available features are compatible with the dependency requirements. If the patch has a different version from what is locked in the Cargo.lock file, run `cargo update` to use the new version. This may also occur with an optional dependency that is not enabled. Locking 1021 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.3) Adding colored v2.2.0 (available: v3.0.0) Adding ctor v0.2.9 (available: v0.4.1) Adding getrandom v0.2.15 (available: v0.3.2) Adding html5ever v0.26.0 (available: v0.31.0) Adding itertools v0.13.0 (available: v0.14.0) Adding json-patch v3.0.1 (available: v4.0.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.63.0) Adding oxc_ast v0.36.0 (available: v0.63.0) Adding oxc_parser v0.36.0 (available: v0.63.0) Adding oxc_span v0.36.0 (available: v0.63.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding rand v0.8.5 (available: v0.9.0) Adding rpm v0.16.0 (available: v0.17.0) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.2) Adding tiny_http v0.11.0 (available: v0.12.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 752 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1046 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.51.2 │ └── tauri-runtime-wry 2.6.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`977c4b496c`"><code>977c4b4</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li> <li><a href="`48b12b4404`"><code>48b12b4</code></a> chore: bump crates depending on tauri-utils as minor</li> <li><a href="`9356fa15d8`"><code>9356fa1</code></a> feat(core): include type name in state panic message (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li> <li><a href="`2dccfab532`"><code>2dccfab</code></a> fix: fileAssociations missing LSHandlerRank on macOS (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>) (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li> <li><a href="`5d3687e8c3`"><code>5d3687e</code></a> chore(tauri-driver): update README</li> <li><a href="`0cf2d9933f`"><code>0cf2d99</code></a> fix(tauri-driver): append .exe ext on app path on Windows, closes <a href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li> <li><a href="`1734273bbe`"><code>1734273</code></a> fix: using center and overflow together crashes (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li> <li><a href="`690146e311`"><code>690146e</code></a> fix(macros): invoke handler stack overflow (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li> <li><a href="`f888502fd2`"><code>f888502</code></a> fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li> <li><a href="`577c7ffc45`"><code>577c7ff</code></a> fix(webdriver): windows: make native webdriver close with parent process (fix...</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/tauri-build-v2.1.1...tauri-build-v2.2.0">compare view</a></li> </ul> </details> <br /> Updates `tauri-runtime` from 2.5.1 to 2.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri-runtime's releases</a>.</em></p> <blockquote> <h2>tauri-runtime v2.6.0</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index warning: Patch `schemars_derive v0.8.21 (https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)` was not used in the crate graph. Check that the patched package version and available features are compatible with the dependency requirements. If the patch has a different version from what is locked in the Cargo.lock file, run `cargo update` to use the new version. This may also occur with an optional dependency that is not enabled. Locking 1021 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.3) Adding colored v2.2.0 (available: v3.0.0) Adding ctor v0.2.9 (available: v0.4.1) Adding getrandom v0.2.15 (available: v0.3.2) Adding html5ever v0.26.0 (available: v0.31.0) Adding itertools v0.13.0 (available: v0.14.0) Adding json-patch v3.0.1 (available: v4.0.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.63.0) Adding oxc_ast v0.36.0 (available: v0.63.0) Adding oxc_parser v0.36.0 (available: v0.63.0) Adding oxc_span v0.36.0 (available: v0.63.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding rand v0.8.5 (available: v0.9.0) Adding rpm v0.16.0 (available: v0.17.0) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.2) Adding tiny_http v0.11.0 (available: v0.12.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 752 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1046 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.51.2 │ └── tauri-runtime-wry 2.6.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`977c4b496c`"><code>977c4b4</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li> <li><a href="`48b12b4404`"><code>48b12b4</code></a> chore: bump crates depending on tauri-utils as minor</li> <li><a href="`9356fa15d8`"><code>9356fa1</code></a> feat(core): include type name in state panic message (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li> <li><a href="`2dccfab532`"><code>2dccfab</code></a> fix: fileAssociations missing LSHandlerRank on macOS (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>) (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li> <li><a href="`5d3687e8c3`"><code>5d3687e</code></a> chore(tauri-driver): update README</li> <li><a href="`0cf2d9933f`"><code>0cf2d99</code></a> fix(tauri-driver): append .exe ext on app path on Windows, closes <a href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li> <li><a href="`1734273bbe`"><code>1734273</code></a> fix: using center and overflow together crashes (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li> <li><a href="`690146e311`"><code>690146e</code></a> fix(macros): invoke handler stack overflow (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li> <li><a href="`f888502fd2`"><code>f888502</code></a> fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li> <li><a href="`577c7ffc45`"><code>577c7ff</code></a> fix(webdriver): windows: make native webdriver close with parent process (fix...</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/tauri-runtime-v2.5.1...tauri-runtime-v2.6.0">compare view</a></li> </ul> </details> <br /> Updates `tauri-utils` from 2.3.1 to 2.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases">tauri-utils's releases</a>.</em></p> <blockquote> <h2>tauri-utils v2.4.0</h2> <!-- raw HTML omitted --> <pre><code>Updating git repository `https://github.com/tauri-apps/schemars.git` Updating crates.io index warning: Patch `schemars_derive v0.8.21 (https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)` was not used in the crate graph. Check that the patched package version and available features are compatible with the dependency requirements. If the patch has a different version from what is locked in the Cargo.lock file, run `cargo update` to use the new version. This may also occur with an optional dependency that is not enabled. Locking 1021 packages to latest compatible versions Adding apple-codesign v0.27.0 (available: v0.29.0) Adding axum v0.7.9 (available: v0.8.3) Adding colored v2.2.0 (available: v3.0.0) Adding ctor v0.2.9 (available: v0.4.1) Adding getrandom v0.2.15 (available: v0.3.2) Adding html5ever v0.26.0 (available: v0.31.0) Adding itertools v0.13.0 (available: v0.14.0) Adding json-patch v3.0.1 (available: v4.0.0) Adding minisign v0.7.3 (available: v0.7.9) Adding oxc_allocator v0.36.0 (available: v0.63.0) Adding oxc_ast v0.36.0 (available: v0.63.0) Adding oxc_parser v0.36.0 (available: v0.63.0) Adding oxc_span v0.36.0 (available: v0.63.0) Adding proc-macro-crate v2.0.0 (available: v2.0.2) Adding rand v0.8.5 (available: v0.9.0) Adding rpm v0.16.0 (available: v0.17.0) Adding serialize-to-javascript v0.1.1 (available: v0.1.2) Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2) Adding tauri-utils v1.6.0 (available: v1.6.2) Adding tiny_http v0.11.0 (available: v0.12.0) Adding x509-certificate v0.23.1 (available: v0.24.0) Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 752 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1046 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Dependency tree: atk 0.18.2 └── gtk 0.18.2 ├── wry 0.51.2 │ └── tauri-runtime-wry 2.6.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`977c4b496c`"><code>977c4b4</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13123">#13123</a>)</li> <li><a href="`48b12b4404`"><code>48b12b4</code></a> chore: bump crates depending on tauri-utils as minor</li> <li><a href="`9356fa15d8`"><code>9356fa1</code></a> feat(core): include type name in state panic message (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13239">#13239</a>)</li> <li><a href="`2dccfab532`"><code>2dccfab</code></a> fix: fileAssociations missing LSHandlerRank on macOS (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13159">#13159</a>) (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13236">#13236</a>)</li> <li><a href="`5d3687e8c3`"><code>5d3687e</code></a> chore(tauri-driver): update README</li> <li><a href="`0cf2d9933f`"><code>0cf2d99</code></a> fix(tauri-driver): append .exe ext on app path on Windows, closes <a href="https://redirect.github.com/tauri-apps/tauri/issues/11317">#11317</a> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13">#13</a>...</li> <li><a href="`1734273bbe`"><code>1734273</code></a> fix: using center and overflow together crashes (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13235">#13235</a>)</li> <li><a href="`690146e311`"><code>690146e</code></a> fix(macros): invoke handler stack overflow (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13217">#13217</a>)</li> <li><a href="`f888502fd2`"><code>f888502</code></a> fix(core): use <code>Headers</code> in <code>sendIpcMessage</code> (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13227">#13227</a>)</li> <li><a href="`577c7ffc45`"><code>577c7ff</code></a> fix(webdriver): windows: make native webdriver close with parent process (fix...</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/tauri-utils-v2.3.1...tauri-utils-v2.4.0">compare view</a></li> </ul> </details> <br /> Updates `tauri-winrt-notification` from 0.7.1 to 0.7.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/winrt-notification/releases">tauri-winrt-notification's releases</a>.</em></p> <blockquote> <h2>tauri-winrt-notification v0.7.2</h2> <p>Updating crates.io index Locking 20 packages to latest compatible versions</p> <!-- raw HTML omitted --> <pre><code>Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 751 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (21 crate dependencies) </code></pre> <!-- raw HTML omitted --> <h2>[0.7.2]</h2> <ul> <li><a href="`a7ec5622c4`"><code>a7ec562</code></a> (<a href="https://redirect.github.com/tauri-apps/winrt-notification/pull/46">#46</a> by <a href="https://github.com/tauri-apps/winrt-notification/../../renovate"><code>@renovate</code></a>) Update <code>windows</code> crate to <code>0.61</code>.</li> </ul> <!-- raw HTML omitted --> <pre><code>Updating crates.io index Packaging tauri-winrt-notification v0.7.2 (/home/runner/work/winrt-notification/winrt-notification) Updating crates.io index Packaged 33 files, 100.8KiB (45.7KiB compressed) Uploading tauri-winrt-notification v0.7.2 (/home/runner/work/winrt-notification/winrt-notification) Uploaded tauri-winrt-notification v0.7.2 to registry `crates-io` note: waiting for `tauri-winrt-notification v0.7.2` to be available at registry `crates-io`. You may press ctrl-c to skip waiting; the crate should be available shortly. Published tauri-winrt-notification v0.7.2 at registry `crates-io` </code></pre> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/winrt-notification/blob/dev/CHANGELOG.md">tauri-winrt-notification's changelog</a>.</em></p> <blockquote> <h2>[0.7.2]</h2> <ul> <li><a href="`a7ec5622c4`"><code>a7ec562</code></a> (<a href="https://redirect.github.com/tauri-apps/winrt-notification/pull/46">#46</a> by <a href="https://github.com/tauri-apps/winrt-notification/../../renovate"><code>@renovate</code></a>) Update <code>windows</code> crate to <code>0.61</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`1cbe2d98ec`"><code>1cbe2d9</code></a> publish new versions (<a href="https://redirect.github.com/tauri-apps/winrt-notification/issues/48">#48</a>)</li> <li><a href="`b835cab9e6`"><code>b835cab</code></a> ci: Update action dependencies</li> <li><a href="`a7ec5622c4`"><code>a7ec562</code></a> chore(deps): update rust crate windows to 0.61 (<a href="https://redirect.github.com/tauri-apps/winrt-notification/issues/46">#46</a>)</li> <li><a href="`2893beae07`"><code>2893bea</code></a> ci: Create renovate.json</li> <li><a href="`f25d9114a1`"><code>f25d911</code></a> ci: Delete renovate.json</li> <li><a href="`daeb2631ab`"><code>daeb263</code></a> chore: Add <code>unpackaged-app</code> example (<a href="https://redirect.github.com/tauri-apps/winrt-notification/issues/45">#45</a>)</li> <li>See full diff in <a href="https://github.com/tauri-apps/winrt-notification/compare/tauri-winrt-notification-v0.7.1...tauri-winrt-notification-v0.7.2">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Thomas Eizinger <thomas@eizinger.io>	2025-04-19 12:33:24 +00:00
Thomas Eizinger	34f28e2ae6	feat(rust): use jemalloc for Gateway and Relay (#8846 ) `jemalloc` is a modern allocator that is designed for multi-threaded systems and can better handle smaller allocations that may otherwise fragment the heap. Firezone's components, especially Relays and Gateways are intended to operate with a long uptime and therefore need to handle memory efficiently.	2025-04-19 12:25:46 +00:00
dependabot[bot]	54f04108b2	build(deps-dev): bump vite from 6.2.6 to 6.3.2 in /rust/gui-client (#8829 ) Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.2.6 to 6.3.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v6.3.2</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>create-vite@6.3.1</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/create-vite@6.3.1/packages/create-vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.3.1</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>create-vite@6.3.0</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/create-vite@6.3.0/packages/create-vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.3.0</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.3.0-beta.2</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.0-beta.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.3.0-beta.1</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.0-beta.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v6.3.0-beta.0</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.3.0-beta.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted -->6.3.2 (2025-04-18)<!-- raw HTML omitted --></h2> <ul> <li>fix: match default asserts case insensitive (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19852">#19852</a>) (<a href="`cbdab1d6a3`">cbdab1d</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19852">#19852</a></li> <li>fix: open first url if host does not match any urls (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19886">#19886</a>) (<a href="`6abbdce3d7`">6abbdce</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19886">#19886</a></li> <li>fix(css): respect <code>css.lightningcss</code> option in css minification process (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19879">#19879</a>) (<a href="`b5055e0dd4`">b5055e0</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19879">#19879</a></li> <li>fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19698">#19698</a>) (<a href="`bab4cb9224`">bab4cb9</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19698">#19698</a></li> <li>feat(css): improve lightningcss messages (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19880">#19880</a>) (<a href="`c713f79b5a`">c713f79</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19880">#19880</a></li> </ul> <h2><!-- raw HTML omitted -->6.3.1 (2025-04-17)<!-- raw HTML omitted --></h2> <ul> <li>fix: avoid using <code>Promise.allSettled</code> in preload function (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19805">#19805</a>) (<a href="`35c7f35e2b`">35c7f35</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19805">#19805</a></li> <li>fix: backward compat for internal plugin <code>transform</code> calls (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19878">#19878</a>) (<a href="`a152b7cbac`">a152b7c</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19878">#19878</a></li> </ul> <h2>6.3.0 (2025-04-16)</h2> <ul> <li>fix(hmr): avoid infinite loop happening with <code>hot.invalidate</code> in circular deps (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19870">#19870</a>) (<a href="`d4ee5e8655`">d4ee5e8</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19870">#19870</a></li> <li>fix(preview): use host url to open browser (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19836">#19836</a>) (<a href="`5003434040`">5003434</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19836">#19836</a></li> </ul> <h2>6.3.0-beta.2 (2025-04-11)</h2> <ul> <li>fix: addWatchFile doesn't work if base is specified (fixes <a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19792">#19792</a>) (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19794">#19794</a>) (<a href="`8bed1de571`">8bed1de</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19792">#19792</a> <a href="https://redirect.github.com/vitejs/vite/issues/19794">#19794</a></li> <li>fix: correct the behavior when multiple transform filter options are specified (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19818">#19818</a>) (<a href="`7200deec91`">7200dee</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19818">#19818</a></li> <li>fix: fs check with svg and relative paths (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782">#19782</a>) (<a href="`62d7e81ee1`">62d7e81</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19782">#19782</a></li> <li>fix: keep entry asset files imported by other files (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19779">#19779</a>) (<a href="`2fa1495801`">2fa1495</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19779">#19779</a></li> <li>fix: reject requests with <code>#</code> in request-target (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>) (<a href="`175a83909f`">175a839</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19830">#19830</a></li> <li>fix: unbundle <code>fdir</code> to fix <code>commonjsOptions.dynamicRequireTargets</code> (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19791">#19791</a>) (<a href="`71227be9aa`">71227be</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19791">#19791</a></li> <li>fix(css): remove empty chunk imports correctly when chunk file name contained special characters (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/1">#1</a> (<a href="`b1251720d4`">b125172</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19814">#19814</a></li> <li>fix(dev): make query selector regexes more inclusive (fix <a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19213">#19213</a>) (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19767">#19767</a>) (<a href="`f530a72246`">f530a72</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19213">#19213</a> <a href="https://redirect.github.com/vitejs/vite/issues/19767">#19767</a></li> <li>fix(hmr): run HMR handler sequentially (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19793">#19793</a>) (<a href="`380c10e665`">380c10e</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19793">#19793</a></li> <li>fix(module-runner): allow already resolved id as entry (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19768">#19768</a>) (<a href="`e2e11b15a6`">e2e11b1</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19768">#19768</a></li> <li>fix(types): remove the <code>keepProcessEnv</code> from the <code>DefaultEnvironmentOptions</code> type (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19796">#19796</a>) (<a href="`36935b58ea`">36935b5</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19796">#19796</a></li> <li>refactor: simplify pluginFilter implementation (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19828">#19828</a>) (<a href="`0a0c50a7ed`">0a0c50a</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19828">#19828</a></li> <li>perf(css): avoid constructing <code>renderedModules</code> (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19775">#19775</a>) (<a href="`59d0b35b30`">59d0b35</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19775">#19775</a></li> <li>test: tweak generateCodeFrame test (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19812">#19812</a>) (<a href="`8fe3538d90`">8fe3538</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19812">#19812</a></li> <li>docs(vite): fix description of <code>transformIndexHtml</code> hook (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19799">#19799</a>) (<a href="`a0e1a04026`">a0e1a04</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19799">#19799</a></li> <li>chore: remove unused eslint directive (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19781">#19781</a>) (<a href="`cb4f5b4b6b`">cb4f5b4</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19781">#19781</a></li> </ul> <h2>6.3.0-beta.1 (2025-04-03)</h2> <ul> <li>fix: align plugin hook filter behavior with pluginutils (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19736">#19736</a>) (<a href="`0bbdd2c133`">0bbdd2c</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19736">#19736</a></li> <li>fix: fs check in transform middleware (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761">#19761</a>) (<a href="`59673137c4`">5967313</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19761">#19761</a></li> <li>fix(hmr): throw non-standard error info causes logical error (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19776">#19776</a>) (<a href="`6b648c73ae`">6b648c7</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/19776">#19776</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`4bc17b4683`"><code>4bc17b4</code></a> release: v6.3.2</li> <li><a href="`b5055e0dd4`"><code>b5055e0</code></a> fix(css): respect <code>css.lightningcss</code> option in css minification process (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19879">#19879</a>)</li> <li><a href="`c713f79b5a`"><code>c713f79</code></a> feat(css): improve lightningcss messages (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19880">#19880</a>)</li> <li><a href="`cbdab1d6a3`"><code>cbdab1d</code></a> fix: match default asserts case insensitive (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19852">#19852</a>)</li> <li><a href="`6abbdce3d7`"><code>6abbdce</code></a> fix: open first url if host does not match any urls (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19886">#19886</a>)</li> <li><a href="`bab4cb9224`"><code>bab4cb9</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19698">#19698</a>)</li> <li><a href="`a7349ef31e`"><code>a7349ef</code></a> release: v6.3.1</li> <li><a href="`a152b7cbac`"><code>a152b7c</code></a> fix: backward compat for internal plugin <code>transform</code> calls (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19878">#19878</a>)</li> <li><a href="`35c7f35e2b`"><code>35c7f35</code></a> fix: avoid using <code>Promise.allSettled</code> in preload function (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19805">#19805</a>)</li> <li><a href="`5fdcfe77a9`"><code>5fdcfe7</code></a> release: v6.3.0</li> <li>Additional commits viewable in <a href="https://github.com/vitejs/vite/commits/v6.3.2/packages/vite">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=6.2.6&new-version=6.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-19 12:17:01 +00:00
dependabot[bot]	5698e5167e	build(deps): bump @tailwindcss/cli from 4.1.3 to 4.1.4 in /rust/gui-client (#8832 ) Bumps [@tailwindcss/cli](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli) from 4.1.3 to 4.1.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/releases"><code>@tailwindcss/cli</code>'s releases</a>.</em></p> <blockquote> <h2>v4.1.4</h2> <h3>Added</h3> <ul> <li>Add experimental <code>@tailwindcss/oxide-wasm32-wasi</code> target for running Tailwind in browser environments like StackBlitz (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17558">#17558</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Ensure <code>color-mix(…)</code> polyfills do not cause used CSS variables to be removed (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17555">#17555</a>)</li> <li>Ensure <code>color-mix(…)</code> polyfills create fallbacks for theme variables that reference other theme variables (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17562">#17562</a>)</li> <li>Fix brace expansion in declining ranges like <code>{10..0..5}</code> and <code>{0..10..-5}</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17591">#17591</a>)</li> <li>Work around a Chrome rendering bug when using the <code>skew-</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17627">#17627</a>)</li> <li>Ensure container query variant names can contain hyphens (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17628">#17628</a>)</li> <li>Ensure <code>shadow-inherit</code>, <code>inset-shadow-inherit</code>, <code>drop-shadow-inherit</code>, and <code>text-shadow-inherit</code> inherit the shadow color (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17647">#17647</a>)</li> <li>Ensure compatibility with array tuples used in <code>fontSize</code> JS theme keys (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li> <li>Ensure folders with binary file extensions in their names are scanned for utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17595">#17595</a>)</li> <li>Upgrade: Convert <code>fontSize</code> array tuple syntax to CSS theme variables (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md"><code>@tailwindcss/cli</code>'s changelog</a>.</em></p> <blockquote> <h2>[4.1.4] - 2025-04-14</h2> <h3>Added</h3> <ul> <li>Add experimental <code>@tailwindcss/oxide-wasm32-wasi</code> target for running Tailwind in browser environments like StackBlitz (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17558">#17558</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Ensure <code>color-mix(…)</code> polyfills do not cause used CSS variables to be removed (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17555">#17555</a>)</li> <li>Ensure <code>color-mix(…)</code> polyfills create fallbacks for theme variables that reference other theme variables (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17562">#17562</a>)</li> <li>Fix brace expansion in declining ranges like <code>{10..0..5}</code> and <code>{0..10..-5}</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17591">#17591</a>)</li> <li>Work around a Chrome rendering bug when using the <code>skew-</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17627">#17627</a>)</li> <li>Ensure container query variant names can contain hyphens (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17628">#17628</a>)</li> <li>Ensure <code>shadow-inherit</code>, <code>inset-shadow-inherit</code>, <code>drop-shadow-inherit</code>, and <code>text-shadow-inherit</code> inherit the shadow color (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17647">#17647</a>)</li> <li>Ensure compatibility with array tuples used in <code>fontSize</code> JS theme keys (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li> <li>Ensure folders with binary file extensions in their names are scanned for utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17595">#17595</a>)</li> <li>Upgrade: Convert <code>fontSize</code> array tuple syntax to CSS theme variables (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17630">#17630</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`aa836d3442`"><code>aa836d3</code></a> Prepare v4.1.4 release (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli/issues/17669">#17669</a>)</li> <li>See full diff in <a href="https://github.com/tailwindlabs/tailwindcss/commits/v4.1.4/packages/@tailwindcss-cli">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@tailwindcss/cli&package-manager=npm_and_yarn&previous-version=4.1.3&new-version=4.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-19 12:16:43 +00:00

1 2 3 4 5 ...

2278 Commits