To make releases even more smoother, this PR creates a bit of automation
that automatically bumps the versions in the `scripts/bump-versions.sh`
script and opens a PR for it.
When working on the Swift codebase, I noticed that running the formatter
produced a massive diff. This PR re-formats the Swift code with `swift
format . --recursive --in-place` and adds a CI check to enforce it going
forward.
Resolves: #9534
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
- Adds a timeout to the required_checks workflow
- Expects all jobs to run, exiting the script early for main branch runs
- Adds `set -xe` so we catch script errors going forward
This CI run is running for over an hour, not sure which job it's waiting
on:
https://github.com/firezone/firezone/actions/runs/15565464294
When a CI job is running as part of a merge group, it's possible the
base ref is a few commits away if the merge queue has items in it. So we
update the fetch depth to 20.
We don't need to rebuild the Tauri clients every time we change Rust
code but we almost certainly want to rebuild them if we change any code
in the client itself so we can smoke test them.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
When evaluating the status of all required checks, we currently only look at the very first one. This is error prone and may result in `required-check` to be marked as successful too early. Instead of iterating through the list of jobs we have scheduled, we now instead look at all jobs that are running as part of the CI run. The idea here is:
- Any job that got started need to complete (one way or another)
- If _any_ job fails, we fail the required check
- If all jobs complete without a single failure, we pass the check
This plays well with "skipped" jobs which we sometimes have as part of CI.
This PR optimises our CI pipeline to only run workflows when certain
files change. To achieve this, we introduce a top-level `planner` job
that all other jobs primarily depend on. The `planner` job then computes
which other jobs to run and creates an output with a list of those.
Running only certain jobs is only the first half of the problem. The
second half is creating a dedicated job that we can mark as "required"
in GitHub. Without such a "required" check, the merge queue wouldn't
know, when a PR is good to be merged.
Jobs cannot have dynamic dependencies on other jobs. We therefore need
to emulate this by creating a polling loop that hits the GitHub API
every 10s and evaluates, whether all "required" jobs, i.e. the ones we
planned to run, have finished successfully.
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Bumps
[taiki-e/install-action](https://github.com/taiki-e/install-action) from
2.52.4 to 2.52.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.52.6</h2>
<ul>
<li>
<p>Update <code>cargo-udeps@latest</code> to 0.1.56.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.1.</p>
</li>
</ul>
<h2>2.52.5</h2>
<ul>
<li>
<p>Update <code>typos@latest</code> to 1.33.1.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.1.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<h2>[2.52.6] - 2025-06-04</h2>
<ul>
<li>
<p>Update <code>cargo-udeps@latest</code> to 0.1.56.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.1.</p>
</li>
</ul>
<h2>[2.52.5] - 2025-06-03</h2>
<ul>
<li>
<p>Update <code>typos@latest</code> to 1.33.1.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.1.</p>
</li>
</ul>
<h2>[2.52.4] - 2025-05-31</h2>
<ul>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.12.6.</p>
</li>
<li>
<p>Update <code>wash@latest</code> to 0.42.0.</p>
</li>
</ul>
<h2>[2.52.3] - 2025-05-30</h2>
<ul>
<li>
<p>Update <code>cargo-nextest@latest</code> to 0.9.97.</p>
</li>
<li>
<p>Update <code>trivy@latest</code> to 0.63.0.</p>
</li>
<li>
<p>Update <code>protoc@latest</code> to 3.31.1.</p>
</li>
</ul>
<h2>[2.52.2] - 2025-05-27</h2>
<ul>
<li>Update <code>mdbook@latest</code> to 0.4.51.</li>
</ul>
<h2>[2.52.1] - 2025-05-25</h2>
<ul>
<li>
<p>Update <code>taplo@latest</code> to 0.10.0.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.50.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1cefd1553b"><code>1cefd15</code></a>
Release 2.52.6</li>
<li><a
href="6741c847f5"><code>6741c84</code></a>
Update <code>cargo-udeps@latest</code> to 0.1.56</li>
<li><a
href="821228b8ca"><code>821228b</code></a>
Update <code>git-cliff@latest</code> to 2.9.1</li>
<li><a
href="7bf3bbf310"><code>7bf3bbf</code></a>
Release 2.52.5</li>
<li><a
href="fcb7f36651"><code>fcb7f36</code></a>
Update <code>typos@latest</code> to 1.33.1</li>
<li><a
href="84dd63d16a"><code>84dd63d</code></a>
Update <code>git-cliff@latest</code> to 2.9.0</li>
<li><a
href="4871b28862"><code>4871b28</code></a>
Update <code>cargo-shear@latest</code> to 1.3.1</li>
<li>See full diff in <a
href="735e593394...1cefd1553b">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Now that our infra-as-code is moved into another repo, we need a
mechanism to trigger the staging deploy. We can use
`repository_dispatch` for that, which allows us to trigger the staging
workflow by sending an HTTP API request that matches the configuration
of the `repository_dispatch` workflow trigger on that repo.
Related: https://github.com/firezone/infra/pull/36
Bumps
[taiki-e/install-action](https://github.com/taiki-e/install-action) from
2.52.2 to 2.52.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.52.4</h2>
<ul>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.12.6.</p>
</li>
<li>
<p>Update <code>wash@latest</code> to 0.42.0.</p>
</li>
</ul>
<h2>2.52.3</h2>
<ul>
<li>
<p>Update <code>cargo-nextest@latest</code> to 0.9.97.</p>
</li>
<li>
<p>Update <code>trivy@latest</code> to 0.63.0.</p>
</li>
<li>
<p>Update <code>protoc@latest</code> to 3.31.1.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<h2>[2.52.4] - 2025-05-31</h2>
<ul>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.12.6.</p>
</li>
<li>
<p>Update <code>wash@latest</code> to 0.42.0.</p>
</li>
</ul>
<h2>[2.52.3] - 2025-05-30</h2>
<ul>
<li>
<p>Update <code>cargo-nextest@latest</code> to 0.9.97.</p>
</li>
<li>
<p>Update <code>trivy@latest</code> to 0.63.0.</p>
</li>
<li>
<p>Update <code>protoc@latest</code> to 3.31.1.</p>
</li>
</ul>
<h2>[2.52.2] - 2025-05-27</h2>
<ul>
<li>Update <code>mdbook@latest</code> to 0.4.51.</li>
</ul>
<h2>[2.52.1] - 2025-05-25</h2>
<ul>
<li>
<p>Update <code>taplo@latest</code> to 0.10.0.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.50.</p>
</li>
<li>
<p>Update <code>deepsource@latest</code> to 0.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.0.</p>
</li>
</ul>
<h2>[2.52.0] - 2025-05-22</h2>
<ul>
<li>
<p>Support <code>trivy</code>. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/970">#970</a>,
thanks <a
href="https://github.com/jayvdb"><code>@jayvdb</code></a>)</p>
</li>
<li>
<p>Update <code>syft@latest</code> to 1.26.1.</p>
</li>
<li>
<p>Update <code>rclone@latest</code> to 1.69.3.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.2.8.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="735e593394"><code>735e593</code></a>
Release 2.52.4</li>
<li><a
href="4f4abc772a"><code>4f4abc7</code></a>
Update <code>cargo-binstall@latest</code> to 1.12.6</li>
<li><a
href="a13cc1aa67"><code>a13cc1a</code></a>
Update <code>wash@latest</code> to 0.42.0</li>
<li><a
href="2ee2c006bb"><code>2ee2c00</code></a>
Release 2.52.3</li>
<li><a
href="5e38d7308e"><code>5e38d73</code></a>
Update <code>cargo-nextest@latest</code> to 0.9.97</li>
<li><a
href="14dbe17742"><code>14dbe17</code></a>
Update <code>trivy@latest</code> to 0.63.0</li>
<li><a
href="097a2e7fdd"><code>097a2e7</code></a>
Update <code>protoc@latest</code> to 3.31.1</li>
<li>See full diff in <a
href="84c20235be...735e593394">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[vedantmgoyal9/winget-releaser](https://github.com/vedantmgoyal9/winget-releaser)
from 3e78d7ff0f525445bca5d6a989d31cdca383372e to
19e706d4c9121098010096f9c495a70a7518b30f.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="19e706d4c9"><code>19e706d</code></a>
fix: pwsh doesn't sort sometimes (resolves <a
href="https://redirect.github.com/vedantmgoyal9/winget-releaser/issues/323">#323</a>)</li>
<li>See full diff in <a
href="3e78d7ff0f...19e706d4c9">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The frontend of the GUI client is written in TypeScript and communicates
with the backend via event listeners. Currently, we only have
type-safety within either of those parts of the codebase but not across
it. The payloads of these events are JSON-encoded. Any change to this
interface therefore needs to be applied on either end.
To avoid this, we add `tslink` to the GUI client which generates
TypeScript interfaces from Rust structs. We still check those into Git
into order to make local builds easy (otherwise every dev would have to
set `TSLINK_BUILD=true` on their machine). Our Tauri CI build already
has a check to ensure the Git workspace isn't modified after building so
any changes to these generated files will fail CI.
This adds a bit more type-safety to the codebase and makes refactorings
on the GUI client easier.
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.17.0 to 6.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.18.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.61.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1381">docker/build-push-action#1381</a></li>
</ul>
<blockquote>
<p>[!NOTE]
<a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build
summary</a> is now supported with <a
href="https://docs.docker.com/build-cloud/">Docker Build Cloud</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0">https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="263435318d"><code>2634353</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1381">#1381</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0432d2e01"><code>c0432d2</code></a>
chore: update generated content</li>
<li><a
href="0bb1f27d6b"><code>0bb1f27</code></a>
set builder driver and endpoint attributes for dbc summary support</li>
<li><a
href="5f9dbf956c"><code>5f9dbf9</code></a>
chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.61.0 to
0.62.1</li>
<li><a
href="0788c444d8"><code>0788c44</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1375">#1375</a>
from crazy-max/remove-gcr</li>
<li><a
href="aa179ca4f4"><code>aa179ca</code></a>
e2e: remove GCR</li>
<li>See full diff in <a
href="1dc7386353...263435318d">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
musl.cc wholesale blocked GitHub Actions due to "abuse" so we need a
stop-gap measure to obtain these tools in CI runs.
Unfortunately there are no publicly-listed mirror for these build tools,
and any cron job we attempt to run to update these is going to be
blocked as well, so I simply uploaded them manually to a GCP bucket for
now.
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.16.0 to 6.17.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.17.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.59.0 to 0.61.0 by
<a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1364">docker/build-push-action#1364</a></li>
</ul>
<blockquote>
<p>[!NOTE]
Build record is now exported using the <a
href="https://docs.docker.com/reference/cli/docker/buildx/history/export/"><code>buildx
history export</code></a> command instead of the legacy export-build
tool.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0">https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1dc7386353"><code>1dc7386</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1364">#1364</a>
from crazy-max/history-export-cmd</li>
<li><a
href="9c9803f364"><code>9c9803f</code></a>
chore: update generated content</li>
<li><a
href="db1f6c46e8"><code>db1f6c4</code></a>
DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export</li>
<li><a
href="721e8c79de"><code>721e8c7</code></a>
Bump <code>@docker/actions-toolkit</code> from 0.59.0 to 0.61.0</li>
<li>See full diff in <a
href="14487ce63c...1dc7386353">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[taiki-e/install-action](https://github.com/taiki-e/install-action) from
2.50.4 to 2.52.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.52.2</h2>
<ul>
<li>Update <code>mdbook@latest</code> to 0.4.51.</li>
</ul>
<h2>2.52.1</h2>
<ul>
<li>
<p>Update <code>taplo@latest</code> to 0.10.0.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.50.</p>
</li>
<li>
<p>Update <code>deepsource@latest</code> to 0.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.0.</p>
</li>
</ul>
<h2>2.52.0</h2>
<ul>
<li>
<p>Support <code>trivy</code>. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/970">#970</a>,
thanks <a
href="https://github.com/jayvdb"><code>@jayvdb</code></a>)</p>
</li>
<li>
<p>Update <code>syft@latest</code> to 1.26.1.</p>
</li>
<li>
<p>Update <code>rclone@latest</code> to 1.69.3.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.2.8.</p>
</li>
</ul>
<h2>2.51.3</h2>
<ul>
<li>
<p>Update <code>wasmtime@latest</code> to 33.0.0.</p>
</li>
<li>
<p>Update <code>cargo-tarpaulin@latest</code> to 0.32.7.</p>
</li>
<li>
<p>Update <code>espup@latest</code> to 0.15.1.</p>
</li>
<li>
<p>Update <code>dprint@latest</code> to 0.50.0.</p>
</li>
</ul>
<h2>2.51.2</h2>
<ul>
<li>
<p>Update <code>syft@latest</code> to 1.25.1.</p>
</li>
<li>
<p>Update <code>release-plz@latest</code> to 0.3.135.</p>
</li>
</ul>
<h2>2.51.1</h2>
<ul>
<li>
<p>Update <code>syft@latest</code> to 1.25.0.</p>
</li>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.12.5.</p>
</li>
</ul>
<h2>2.51.0</h2>
<ul>
<li>
<p>Support <code>cargo-shear</code>. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/962">#962</a>,
thanks <a
href="https://github.com/vivienm"><code>@vivienm</code></a>)</p>
</li>
<li>
<p>Update <code>grcov@latest</code> to 0.10.0.</p>
</li>
<li>
<p>Update <code>cargo-nextest@latest</code> to 0.9.96.</p>
</li>
<li>
<p>Update <code>protoc@latest</code> to 3.31.0.</p>
</li>
<li>
<p>Update <code>syft@latest</code> to 1.24.0.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<h2>[2.52.2] - 2025-05-27</h2>
<ul>
<li>Update <code>mdbook@latest</code> to 0.4.51.</li>
</ul>
<h2>[2.52.1] - 2025-05-25</h2>
<ul>
<li>
<p>Update <code>taplo@latest</code> to 0.10.0.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.50.</p>
</li>
<li>
<p>Update <code>deepsource@latest</code> to 0.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.0.</p>
</li>
</ul>
<h2>[2.52.0] - 2025-05-22</h2>
<ul>
<li>
<p>Support <code>trivy</code>. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/970">#970</a>,
thanks <a
href="https://github.com/jayvdb"><code>@jayvdb</code></a>)</p>
</li>
<li>
<p>Update <code>syft@latest</code> to 1.26.1.</p>
</li>
<li>
<p>Update <code>rclone@latest</code> to 1.69.3.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.2.8.</p>
</li>
</ul>
<h2>[2.51.3] - 2025-05-20</h2>
<ul>
<li>
<p>Update <code>wasmtime@latest</code> to 33.0.0.</p>
</li>
<li>
<p>Update <code>cargo-tarpaulin@latest</code> to 0.32.7.</p>
</li>
<li>
<p>Update <code>espup@latest</code> to 0.15.1.</p>
</li>
<li>
<p>Update <code>dprint@latest</code> to 0.50.0.</p>
</li>
</ul>
<h2>[2.51.2] - 2025-05-18</h2>
<ul>
<li>Update <code>syft@latest</code> to 1.25.1.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="84c20235be"><code>84c2023</code></a>
Release 2.52.2</li>
<li><a
href="3e74d077d9"><code>3e74d07</code></a>
Update <code>mdbook@latest</code> to 0.4.51</li>
<li><a
href="6c6479b498"><code>6c6479b</code></a>
Release 2.52.1</li>
<li><a
href="fd087fdc9a"><code>fd087fd</code></a>
Update <code>taplo@latest</code> to 0.10.0</li>
<li><a
href="64cb046fe5"><code>64cb046</code></a>
Update <code>mdbook@latest</code> to 0.4.50</li>
<li><a
href="5de533f2e9"><code>5de533f</code></a>
Update <code>deepsource@latest</code> to 0.9.0</li>
<li><a
href="657fe8a2ad"><code>657fe8a</code></a>
Update cargo-sort manifest</li>
<li><a
href="27f9e86c40"><code>27f9e86</code></a>
Update <code>cargo-shear@latest</code> to 1.3.0</li>
<li><a
href="4be883217e"><code>4be8832</code></a>
codegen: Mark cargo-sort 2.0.0 and 2.0.1 broken for now</li>
<li><a
href="52039f2329"><code>52039f2</code></a>
Release 2.52.0</li>
<li>Additional commits viewable in <a
href="33734a1186...84c20235be">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
When opening a PR with a lengthy title, the `pr-lint` check will fail.
Fixing the title and re-running the check didn't fix it because it was
always referencing the original title that triggered the run.
To fix it, we need to fetch the title fresh on each run of the workflow.
Recently GitHub actions seems to have installed a buggy version of
compose that [fails with
`fatalError`](https://github.com/firezone/firezone/actions/runs/15181224905/job/42691214402?pr=9203)
on this line `docker compose up -d relay-1 relay-2 --no-build`.
Since those point to the same underlying image, I speculate that
separating these out will temporary alleviate this issue for us.
