Firezone Versions Save

WireGuard®-based zero-trust access platform with OIDC auth, identity sync, and NAT traversal.

1.0.1

2 weeks ago

✨ Features

feat(portal): Allow creating resources from Resources page @AndrewDryga (#4775)
feat(portal): Add legal_name field to accounts and sync it with new stripe metadata key @AndrewDryga (#4771)

🐛 Bug Fixes

fix(windows-client): package name should be "Firezone" not "firezone-client-gui" @ReactorScram (#4814)
fix(snownet): don't nominate discarded candidates @thomaseizinger (#4806)
fix(portal): Update site deletion modal message @bmanifold (#4795)
fix(gateway): Fix conditional used to check for upgrades @jamilbk (#4796)
fix(portal): Fix traffic filtering to send port-less rules @AndrewDryga (#4778)
fix(headless-client): clean up and exit gracefully when on_disconnect called @ReactorScram (#4785)
fix(windows-client): allow sign out while connlib is raising the tunnel @ReactorScram (#4766)
fix(website): fix linux client link @jamilbk (#4774)

🧰 Maintenance

chore(gui-client): use new download links @ReactorScram (#4754)
chore(gui-client/linux): fix notifications @ReactorScram (#4803)
revert(android): revert to unpublished version @jamilbk (#4807)
chore(gui-client/linux): fix DNS @ReactorScram (#4802)
perf: increase UDP send rate for performance test @jamilbk (#4793)
chore(connlib): make peer pure by taking utc time from parameters @conectado (#4773)
chore(gui-client): enable keyring for Linux @ReactorScram (#4799)
chore(devops): Add client monitor VM @bmanifold (#4794)
chore(gui-client): proof of concept for process splitting @ReactorScram (#4788)
chore(website): Update intro video @jamilbk (#4786)
chore(gateway): Handle edge cases where gateway binary couldn't be downloaded @jamilbk (#4783)
ci: use consistent binary dest path naming @jamilbk (#4772)
ci: Bump versions and fix release overwrites @jamilbk (#4769)
ci: bootstrap browser test harness if missing @jamilbk (#4767)
Fix: Correct typo in Terraform links @mdp (#4768)
build(deps): Bump tracing-panic from 0.1.1 to 0.1.2 in /rust @dependabot (#4811)
build(deps): Bump tauri from 1.6.1 to 1.6.2 in /rust @dependabot (#4809)
refactor(linux-client): package systemd unit for IPC service @ReactorScram (#4752)
refactor: Remove multiqueue flag for tun on Linux @jamilbk (#4798)
build(deps): Bump serde_json from 1.0.115 to 1.0.116 in /rust @dependabot (#4731)
build(deps): Bump async-trait from 0.1.79 to 0.1.80 in /rust @dependabot (#4732)
refactor(linux-client): remove FIREZONE_ID from example systemd file @ReactorScram (#4714)
refactor: Make published artifact names consistent and use permalinks @ReactorScram (#4746)

📝 Documentation

docs: Update egress table to include www.firezone.dev @jamilbk (#4805)
docs: Clarify rollback procedure for systemd-installed gateways @jamilbk (#4797)
docs: Fix ambiguity in saas access use case prereqs @jamilbk (#4762)

1.0.0

3 weeks ago

✨ Features

fix(snownet): properly handle dual-stack relays @thomaseizinger (#4750)
feat(website): Add battlecard to landing page @jamilbk (#4744)
feat(connlib): smoothly migrate relayed connections @thomaseizinger (#4568)
docs: Add common use cases @jamilbk (#4677)
feat(docs): Add Cloudflare WARP known incompatibility issue @jamilbk (#4704)
feat(portal): Broadcast relays presence to gateways and add invalidate_ice_candidates messages @AndrewDryga (#4685)
ci: Only build debug images for linux/amd64 @jamilbk (#4612)
ci: Enable client compatibility tests @jamilbk (#4610)

🐛 Bug Fixes

fix(linux-client): forbid passing the token as a CLI arg @ReactorScram (#4683)
fix(snownet): invalidate host candidates on reconnect @thomaseizinger (#4755)
fix(snownet): properly handle dual-stack relays @thomaseizinger (#4750)
fix(portal): Hide API clients sidebar link in UI when feature disabled @bmanifold (#4747)
fix(relay): clear channel bindings when allocation is deleted @thomaseizinger (#4705)
fix(portal): Fix bug with preset values in policies dropdowns @AndrewDryga (#4693)
fix(website): Add missing sidebar link @jamilbk (#4676)
fix(linux-client): don't show the token in --help @ReactorScram (#4654)
fix(website): Fix broken links @jamilbk (#4645)
fix(apple): Append to Swift logfile instead of overwriting each time @jamilbk (#4633)
fix(windows-client): remove spurious "Connected to Firezone" notifications @ReactorScram (#4603)
fix(windows): patch some DNS leaks @ReactorScram (#4530)
fix(portal): remove typo in manual command var @jamilbk (#4614)
fix(ci): Override release_drafter commitish since we run on PRs now @jamilbk (#4608)
fix(ci): autolabeler to fix changelog drafting @jamilbk (#4591)

🧰 Maintenance

chore(connlib): forward panics containing an owned string @thomaseizinger (#4760)
chore: remove test lib bash sourcing from customer-run scripts @jamilbk (#4753)
chore(snownet): free memory of allocation without valid credentials @thomaseizinger (#4720)
chore(ip-packet): address PR feedback @thomaseizinger (#4721)
revert: Revert removal of GitHub link in the navbar @jamilbk (#4734)
chore(website): revert split-horizon DNS terming @jamilbk (#4703)
ci: Don't run browser tests on release images @jamilbk (#4722)
test(client): add reconnection tests from a client using a headless browser @conectado (#4569)
chore(snownet): don't update remote socket from WG activity @thomaseizinger (#4615)
chore(website): Publish macOS client @jamilbk (#4719)
chore(docs): Update sizing recs for Gateways @jamilbk (#4708)
chore(website): Use sales / sign up for CTA in navbar @jamilbk (#4711)
chore(linux-client): allow custom token path @ReactorScram (#4666)
chore: extract common ip-packet crate @thomaseizinger (#4702)
ci: remove setting of unused env variable @thomaseizinger (#4710)
chore(relay): restore request metadata for control messages @thomaseizinger (#4699)
chore(relay): log all failed requests on warn @thomaseizinger (#4700)
chore(connlib): remove MTU refreshing @thomaseizinger (#4698)
test(linux-client): move linux-group test out of integration tests @ReactorScram (#4692)
chore(snownet): assert that we can send ICMP packets through the tunnel @thomaseizinger (#4675)
test(connlib): assert connection intents using property-based state machine test @thomaseizinger (#4597)
ci: run assertions inside docker container @thomaseizinger (#4680)
ci(fix): replace more invalid ref chars @jamilbk (#4687)
test(linux-client): disable failing test @ReactorScram (#4689)
chore(docs): fix FAQ link to architecture @jamilbk (#4684)
test(linux-client): fix linux-group integration test @ReactorScram (#4671)
chore(phoenix-channel): don't log message on deserialisation error @thomaseizinger (#4673)
chore(relay): parse init message @thomaseizinger (#4672)
chore(linux-client): print resources with tracing::debug @ReactorScram (#4658)
test(linux-client): temporarily disable failing linux-group integration test @ReactorScram (#4670)
chore(connlib): add unit test for deserializing broadcast_ice_candidates @thomaseizinger (#4646)
chore(linux): only allow IPC connections from members of the firezone group @ReactorScram (#4628)
test(linux-client): check if we can add the user to a group in a CI test @ReactorScram (#4600)
chore(docs): formalize the rule for logging sensitive info @ReactorScram (#4663)
chore(linux): ask systemd to limit our privileges @ReactorScram (#4630)
chore(docs): Recommend 3 gateways @jamilbk (#4649)
chore(website): update wireguard impl @jamilbk (#4648)
chore(rust): fix local docker development @conectado (#4642)
chore(ci): build docker dev images with main @jamilbk (#4643)
chore(ci): Use netstat instead of ss for release image tests @jamilbk (#4640)
chore(devops): Fix GH overriding main branch statuses @AndrewDryga (#4639)
chore(portal): Add one more test for relays lb @AndrewDryga (#4638)
chore(portal): Change name and structure of relays presence event @AndrewDryga (#4623)
chore(ci): .env not available in with shared workflow context @jamilbk (#4631)
ci: Add tag name to build-dev-images @jamilbk (#4629)
chore(connlib): upsert relays from "init" message @thomaseizinger (#4567)
test(linux-client): separate the token from the systemd unit file @ReactorScram (#4626)
refactor(perf-tests): add prefixes 'base' and 'head' @ReactorScram (#4598)
test(integration): remove redundant integration-test- prefix @ReactorScram (#4601)
feat(portal): Broadcast relays presence updates to the client and return them in init @AndrewDryga (#4596)
docs(client): how to read logs with jq @ReactorScram (#4599)
chore(relay): perform graceful shutdown upon receiving SIGTERM @thomaseizinger (#4552)
chore(relay): connect to portal in the background during startup @thomaseizinger (#4594)
chore(snownet): add unit-test for roaming networks @thomaseizinger (#4585)
chore(portal): Try new LoggerJSON implementation @AndrewDryga (#4595)
ci: reduce duplication in integration tests @thomaseizinger (#4583)
chore(clients): Bump Apple to 1.0.2; Android 1.0.1 @jamilbk (#4590)
fix(website): Add metadatas for site links to generate @jamilbk (#4593)
build(deps): Bump rustls from 0.22.3 to 0.22.4 in /rust in the cargo group @dependabot (#4715)
build(deps): Bump time from 0.3.34 to 0.3.36 in /rust @dependabot (#4730)
refactor(connlib): remove PacketTransform abstraction @thomaseizinger (#4709)
refactor(docs): Refactor KbSideBar to more accurately reflect content @jamilbk (#4712)
build(deps): Bump either from 1.10.0 to 1.11.0 in /rust @dependabot (#4621)
refactor(portal): Allow concurrent updates to synced actor/actor identities during sync @AndrewDryga (#4409)
refactor(linux-client): rename daemon subcommand to ipc-service @ReactorScram (#4656)
refactor(portal): Refactor client login to use HTML meta refresh and cookie @bmanifold (#4617)
refactor(test): use 'set -euox' instead of manual echos @ReactorScram (#4637)
build(deps): Bump redis from 0.25.2 to 0.25.3 in /rust @dependabot (#4622)
refactor(apple): Don't log error if calling stop on stopped tunnel @jamilbk (#4632)
refactor: Discord -> Slack @jamilbk (#4616)
refactor(headless-client): change CLI args for the IPC daemon @ReactorScram (#4604)
build(deps): Bump hostname from 0.3.1 to 0.4.0 in /rust @dependabot (#4620)
refactor(headless-client): use Tokio codec instead of hand-rolled length-delimited codec @ReactorScram (#4606)
build(deps): Bump the windows group in /rust with 2 updates @dependabot (#4619)

📝 Documentation

docs: Fix a few typos / wording issues @jamilbk (#4735)
docs: Add user/group limit info to Entra connector @jamilbk (#4725)
docs: Adjust format size based on screen size @jamilbk (#4724)
docs: Add common use cases @jamilbk (#4677)
docs: Architecture @jamilbk (#4605)

1.0.0-pre.14

1 month ago

Features

feat(docs): Add link to Terraform examples @jamilbk (#4508)
feat(docs): Show page last updated at for each doc page @jamilbk (#4587)
feat(website): GA updates @jamilbk (#3988)
feat(portal): Allow completely deleting accounts @AndrewDryga (#4557)

🧰 Maintenance

build(deps): Bump h2 from 0.3.25 to 0.3.26 in /rust @dependabot (#4525)
build(deps): Bump quinn-udp from a2a214b to cc0d2e9 in /rust @dependabot (#4540)
build(deps): Bump swift-bridge from 0.1.52 to 0.1.53 in /rust @dependabot (#4541)
build(deps): Bump swift-bridge-build from 0.1.52 to 0.1.53 in /rust @dependabot (#4434)
build(deps): Bump reqwest from 0.12.1 to 0.12.2 in /rust @dependabot (#4436)
build(deps): Bump chrono from 0.4.35 to 0.4.37 in /rust @dependabot (#4432)
style(docs): Use simple <pre> for monospace blocks @jamilbk (#4582)
chore(snownet): capture emitted events in test harness @thomaseizinger (#4584)
chore(ci): Allow versioning components separately @jamilbk (#4493)
test(ci): Remove e2e false start @jamilbk (#4580)
refactor(connlib): add property-based tests for adding and removing of resources @thomaseizinger (#4503)
refactor(docs): Docs polish iteration, add DoH known issue @jamilbk (#4579)
refactor(linux-client): replace client-tunnel with headless-client which is the same thing @ReactorScram (#4516)
chore(snownet): add unit-test for relayed connection @thomaseizinger (#4570)
chore(website): Add more feature popovers to pricing page and "Customize account slug" feature @jamilbk (#4574)
chore(portal): Send metrics to Google Cloud Monitoring @AndrewDryga (#4564)
chore(windows): bump Rust to handle CVE-2024-24576 @ReactorScram (#4576)
chore(client-tunnel): hook up placeholder IPC server for Linux @ReactorScram (#4465)
chore(portal): normal weight for helptext @jamilbk (#4572)
chore(connlib): fix test deps for 'connlib-client-shared' @ReactorScram (#4518)
chore(gateway): remove unused derives and messages @thomaseizinger (#4563)
chore(ci): Configure relay with new IP on restart tests @jamilbk (#4571)
build(deps): switch to released tracing-stackdriver @thomaseizinger (#4547)
build(deps): bump str0m dependency @thomaseizinger (#4555)
chore(website): april update @jamilbk (#4565)
refactor(snownet): remove allow-list of STUN and TURN servers @thomaseizinger (#4551)
chore(relay): fail health-check with 400 on being partitioned for > 15min @thomaseizinger (#4553)
chore(snownet): add required feature to dev-dependency @thomaseizinger (#4536)
chore(connlib): remove stale code @thomaseizinger (#4562)
chore(portal): Show support options on the billing page and remove features table @AndrewDryga (#4559)
fix(portal): Show count of returned records instead of page size @AndrewDryga (#4558)
chore(rust): activate more lints for redundant code @thomaseizinger (#4492)
feat(portal): Add API Client UI @bmanifold (#4023)
chore(relay): remove stale arg @thomaseizinger (#4554)
ci: assert that nothing busy loops after the perf tests @thomaseizinger (#4546)
refactor(portal): Update actor group selection in portal @bmanifold (#4467)
refactor(relay): favor Instant over SystemTime @thomaseizinger (#4468)
chore: document DNS stub functions @ReactorScram (#4526)
fix(snownet): invalidate allocation on invalid credentials @thomaseizinger (#4537)
chore(website): Clarify billing cycle a bit more @jamilbk (#4544)
chore(portal): Fix flaky tests @AndrewDryga (#4543)
fix(website): fix billing FAQ for Team plan @jamilbk (#4542)
chore(rust): enforce no wildcard matching @thomaseizinger (#4491)
chore(nix): add Rust nightly dev-shell and cargo-udeps @thomaseizinger (#4474)
chore(ci): Add portal and relay downtime DNS resource tests @jamilbk (#4517)
fix(portal): Ship hotfixes for various crash reports discovered in logs @AndrewDryga (#4538)
chore(docs): Add Team plan badge to appropriate docs pages @jamilbk (#4533)
chore(docs): macOS test flight link @jamilbk (#4534)
chore(portal): Save MAU billing for a future feature update @jamilbk (#4414)
chore(portal): Add Sign in from sign up form @jamilbk (#4529)
docs: Mention signup in README and clarify self-hosting @jamilbk (#4528)
chore(website): Use 'User' not 'Seat' when referring to pricing @jamilbk (#4524)
chore(portal): Add users limit and use it as default limit for accounts @AndrewDryga (#4527)
chore(devops): Change relay log level to match prod @jamilbk (#4520)
chore(ci): Use target-specific cache when cross building @jamilbk (#4519)
refactor(relay): remove heap-allocations from hotpath @thomaseizinger (#4457)
chore(ci): scope cache by arch too @jamilbk (#4512)
chore(ci): Scope GH rust cache per os type @jamilbk (#4504)
chore(connlib): remove stale callback @thomaseizinger (#4501)
refactor(apple): Collapse SwiftUI codepaths across platforms and remove dead code @jamilbk (#4417)

🔐 Security

fix(portal): Bump jose @jamilbk (#4581)

1.0.0-pre.13

1 month ago

fix(relay): don't busy-loop on poll_timeout @thomaseizinger (#4497)
fix(relay): always continue after ready events @thomaseizinger (#4494)
fix(relay): only unbind a channel if it is actually bound @thomaseizinger (#4495)
fix(gateway): don't erroneously suspend eventloop @thomaseizinger (#4486)

1.0.00-pre.12

1 month ago

chore(connlib): remove Mutex from windows TUN device @thomaseizinger (#4472)
chore(rust): remove unused dependencies @thomaseizinger (#4475)
chore(rust): lint against redundant async @thomaseizinger (#4466)
fix(gateway): Publish all platforms for Gateway, not just amd64 @jamilbk (#4459)
refactor(relay): replace Command::Wake with poll_timeout @thomaseizinger (#4455)
refactor(relay): reduce allocations during relaying @thomaseizinger (#4453)
test(gui-client): unit test for Linux IPC @ReactorScram (#4277)
refactor(linux-client): extract all code to firezone-client-tunnel @ReactorScram (#4448)
chore(portal): Send alert notifications to mobile channels @AndrewDryga (#4463)
chore(portal): Fix flaky test @AndrewDryga (#4454)
fix(docs): fix broken link to service accounts @jamilbk (#4456)
chore(portal): Enable CDN and WAF @AndrewDryga (#4450)
chore(relay): reduce instrumentation overhead @thomaseizinger (#4426)
chore(relay): make profiling in release build possible @thomaseizinger (#4441)
chore(relay): remove per-packet logs on debug level @thomaseizinger (#4439)
chore(relay): apply log target consistently @thomaseizinger (#4440)
chore(deps): Don't create duplicate dependabot groups @jamilbk (#4443)
chore(gui-client): support cargo-mutants @ReactorScram (#4387)
feat(website): Add team plan @jamilbk (#4416)
fix(portal): Correct Edit account page title and label @jamilbk (#4412)
fix(gateway): Fix systemd gateway install script @jamilbk (#4407)
build(rust): Use Rust base image and bump to 1.77 @jamilbk (#4401)
build(apple): Strip unused symbols from apple lib @jamilbk (#4404)
build(connlib): Enable lto for release profile @jamilbk (#4398)
fix(portal): Persist first user email to Stripe during account sign up @AndrewDryga (#4408)
feat(android): UI notification for reauth @jasonboukheir (#3621)
chore(portal): Increase page size to maximum when using MS Graph API @AndrewDryga (#4399)
chore(apple): Add PrivacyManifest @jamilbk (#4400)
chore(connlib): Remove atomicwrites and tokio::fs from apple compile path @jamilbk (#4395)
refactor(portal): Move actor groups to own table in actor show page @bmanifold (#4392)
fix(portal): Reuse code across sync jobs, only lock one row per job and fetch data asynchronously @AndrewDryga (#4396)
chore(portal): Add billing.firezone.dev Stripe checkout domains @jamilbk (#4389)
fix(connlib): Don't roll log files @jamilbk (#4390)
Create everyone group on account sign up @AndrewDryga (#4388)

🧰 Maintenance

refactor(gui-client): insert abstraction layer to put connlib behind IPC @ReactorScram (#4460)
build(deps): Bump serde_json from 1.0.114 to 1.0.115 in /rust @dependabot (#4435)
build(deps): Bump clap from 4.5.3 to 4.5.4 in /rust @dependabot (#4433)
refactor(ci): move DNS control method up to docker-compose.yml @ReactorScram (#4341)
build(deps): Bump flowbite-react from 0.7.2 to 0.7.8 in /website @dependabot (#4447)
build(deps-dev): Bump tailwindcss from 3.4.1 to 3.4.3 in /rust/gui-client @dependabot (#4419)
build(deps): Bump @types/react from 18.2.64 to 18.2.73 in /website @dependabot (#4431)
build(deps): Bump @types/react-dom from 18.2.21 to 18.2.23 in /website @dependabot (#4428)
build(deps): Bump @next/mdx from 14.1.3 to 14.1.4 in /website @dependabot (#4429)
build(deps): Bump tailwindcss from 3.4.1 to 3.4.3 in /website @dependabot (#4430)
build(deps-dev): Bump @types/node from 20.11.25 to 20.12.2 in /rust/gui-client @dependabot (#4418)
build(deps-dev): Bump typescript from 5.4.2 to 5.4.3 in /rust/gui-client @dependabot (#4420)
build(deps): Bump the retrofit group in /kotlin/android with 2 updates @dependabot (#4445)
build(deps): Bump com.google.firebase:firebase-bom from 32.7.4 to 32.8.0 in /kotlin/android @dependabot (#4446)
build(deps): Bump the hilt group in /kotlin/android with 3 updates @dependabot (#4444)

1.0.0-pre.11

1 month ago

fix(portal): Serve static files with digests at root @AndrewDryga (#4386)
fix(porta): Greatly improve HTTP 500 error page @AndrewDryga (#4382)
fix(portal): Do not redact userpass virtual state (its a virtual field anyway) @AndrewDryga (#4370)
fix(portal): Filter group actors by group id @AndrewDryga (#4369)
fix(Windows client): fix "Tauri error" to "Firezone is already running" @ReactorScram (#4364)- feat(connlib): react to config updates @conectado (#4322)- fix(apple client): sign in crash, closes #4350 @ReactorScram (#4353)
fix(portal): Fix bug in actor edit page preventing updates @bmanifold (#4347)
fix(portal): Allow deleting synced actors after all identities are removed @AndrewDryga (#4346)
fix(portal): Fix pagination issues with flows and activities, improve error handling around live tables @AndrewDryga (#4330)- fix(apple): sync tunnel configuration after saving @jamilbk (#4338)
fix(connlib): only update the interface when setting dns if the effective dns changed @conectado (#4327)- fix(apple): Use keychain from the tunnel process *only* @jamilbk (#4335)
fix(apple): Avoid getting stuck at the "load resources" view @jamilbk (#4336)
fix(apple): Debounce sign in button @jamilbk (#4334)
feat(apple): Handle network changes reliably on macOS and iOS @jamilbk (#4133)
feat(phoenix-channel): fail on missing heartbeat after 5s @thomaseizinger (#4296)- fix(phoenix-channel): re-queue message upon send failure @thomaseizinger (#4294)- fix(portal): Fix online status on clients page @AndrewDryga (#4307)- fix(connlib): use quinn fork for quinn to work on ios @conectado (#4279)
fix(gateway): answer with empty list of addresses on DNS resolution failure @thomaseizinger (#4266)- feat(portal): Add styled errors pages (404, 422, 500) @bmanifold (#4231)
feat(android): changing managed config restarts TunnelService @jasonboukheir (#4181)
feat(snownet): minimize delay when roaming @thomaseizinger (#4246)- feat(android): use device serial for deviceName @jasonboukheir (#4180)
fix(phoenix-channel): queue join message before others @thomaseizinger (#4242)
feat(android): detect network and dns changes and send them to connlib @conectado (#4163)
feat(portal): Sync accounts between stripe and portal @AndrewDryga (#4173)- fix(portal): Fix various issues with presence-triggered table reloads @AndrewDryga (#4228)
fix(connlib): remove outdated assertion due to possibility of network changes @conectado (#4222)- feat(portal): Track protocol in activities @AndrewDryga (#4215)
feat(gui-client): Tauri welcome screen @ReactorScram (#4013)
feat(connlib): reduce packet drops @thomaseizinger (#4168)
fix(connlib): exclude sentinel dns range for resources ips @conectado (#4200)
feat(portal): Add sign up override in portal @bmanifold (#3739)- feat(portal): Filtering, Fulltext Search, Pagination, Preloads @AndrewDryga (#3751)- feat(connlib): introduce Session::reconnect @thomaseizinger (#4116)
feat(snownet): introduce connection span to capture str0m and boringtun logs @thomaseizinger (#4144)
fix(android): send Cidr format instead of IpNetwork format @conectado (#4134)- fix(android): spawn dedicated thread for connlib @thomaseizinger (#4145)
fix(apple): spawn new thread for runtime to prevent it from being taken down @conectado (#4141)
feat(gateway): add HTTP health check @thomaseizinger (#4120)
feat(connlib): reduce stack size usage @thomaseizinger (#3958)- fix(portal): Increase group name max length @AndrewDryga (#4128)
feat(linux): make deep link auth work @ReactorScram (#4102)
Fix typo in _deploy_production.yml @jamilbk (#4113)- feat(docs): Example Gateway terraform module for GCP @jamilbk (#4011)- fix(relay): actually expire channels which allows re-binding them @thomaseizinger (#4094)
feat(relay): improve logs for expiry and deletion of channel bindings @thomaseizinger (#4089)- fix(portal): Prevent invalid characters when entering account slug at sign in @AndrewDryga (#3917)
fix(connlib): ignore certain multicast addresses @thomaseizinger (#4062)
feat(snownet): log duration since intent after WG handshake completes @thomaseizinger (#3991)- feat(connlib): decrease connection setup latency @thomaseizinger (#4022)
feat(snownet): timeout connections if we don't receive a candidate within 10s @thomaseizinger (#3790)
feat(linux-client): generate firezone-id (device ID) automatically if it's not provided at launch @ReactorScram (#3920)
fix(apple): Ignore expired login status @roop (#4052)
feat(apple): In resources list, tapping on a list item shows a 'Copy Address' menu @roop (#4050)
fix(apple): Align fields in Advanced Settings @roop (#4025)
fix: let Tauri know about hiDPI icons @ReactorScram (#4039)
fix(portal): Fix broken link to DNS docs @jamilbk (#4036)
feat(snownet): always force a handshake when we change the socket @thomaseizinger (#3985)
feat(apple): UI notification for reauth @roop (#3684)
feat(windows): code sign Windows client @jamilbk (#3891)
fix(ipad): Allow NavigationView to occupy entire screen @jamilbk (#3908)
fix(android): Handle empty strings for allowed and disallowed VPN apps @jamilbk (#3918)
fix(android): Fix crash on start due to Hilt 2.51 @jamilbk (#3916)
fix: use atomicwrites to back up /etc/resolv.conf more robustly @ReactorScram (#3828)
feat(linux-client): load token from /etc/dev.firezone.client ... @ReactorScram (#4328)
feat(windows): listen for DNS change events @ReactorScram (#4198)

1.0.0-pre.10

2 months ago

New features

feat(phoenix-channel): remove concept of "inbound requests" @thomaseizinger (#3831)
feat(phoenix-channel): support the wire log target @thomaseizinger (#3832)
feat(phoenix-channel): log host as part of connection @thomaseizinger (#3836)
feat(website): March Product Update @jamilbk (#3886)
feat(snownet): set wireguard keep-alive @thomaseizinger (#3829)
feat(website): add product download links to footer @jamilbk (#3820)
refactor(docs): Clarify initial docs sync @jamilbk (#3819)
feat(snownet): print some basic stats for STUN overhead @thomaseizinger (#3806)
feat(gui-client): make all modules Linux-friendly @ReactorScram (#3737)

🐛 Bug Fixes

fix(ci): Fix Android dependabot groups @jamilbk (#3869)
fix(phoenix-channel): don't double join room @thomaseizinger (#3833)
fix(docs): Add DNS docs for Linux @jamilbk (#3810)
fix(portal): Fix IdP syncs @AndrewDryga (#3816)
fix(portal): Use local image for logo path @jamilbk (#3814)
fix(dependencies): Catch groups that dependabot missed @jamilbk (#3883)
fix(website): Manually fix issues with new NodeJS libs @jamilbk (#3885)
fix(phoenix-channel): retain order of messages to be sent to the portal @thomaseizinger (#3834)
fix(ci): Publish images even for hotfixes @jamilbk (#3897)
fix(website): Fix typos, clarify connection benefits mar 2024 blogpost @jamilbk (#3894)
fix(tauri clients): apply auth base URL and API URL settings without app restart @ReactorScram (#3868)

🧰 Maintenance

refactor: Reduce log levels for production releases to avoid filling customer's… @jamilbk (#3899)
chore: Revert "fix(ci): Publish images even for hotfixes" @jamilbk (#3898)
build(deps-dev): Bump floki from 0.35.3 to 0.35.4 in /elixir @dependabot (#3842)
build(deps): Bump tempfile from 3.10.0 to 3.10.1 in /rust @dependabot (#3878)
build(deps): Bump tauri from 1.6.0 to 1.6.1 in /rust @dependabot (#3881)
build(deps): Bump walkdir from 2.4.0 to 2.5.0 in /rust @dependabot (#3882)
refactor(linux): make a place for reverting /etc/resolv.conf @ReactorScram (#3822)
build(deps): Bump next-hubspot from 1.2.0 to 1.3.0 in /website @dependabot (#3875)
build(deps): Bump fast-xml-parser from 4.3.3 to 4.3.5 in /website @dependabot (#3876)
build(deps): Bump @types/node from 20.11.0 to 20.11.24 in /website @dependabot (#3877)
build(deps): Bump lycheeverse/lychee-action from 1.9.0 to 1.9.3 @dependabot (#3850)
build(deps): Bump asciinema-player from 3.6.3 to 3.7.0 in /website @dependabot (#3852)
build(deps): Bump flowbite from 2.2.1 to 2.3.0 in /website @dependabot (#3854)
build(deps): Bump flowbite from 2.2.1 to 2.3.0 in /elixir/apps/web/assets @dependabot (#3846)
build(deps): Bump release-drafter/release-drafter from 5 to 6 @dependabot (#3849)
build(deps): Bump @types/react from 18.2.51 to 18.2.61 in /website @dependabot (#3851)
build(deps): Bump postcss from 8.4.33 to 8.4.35 in /website @dependabot (#3853)
build(deps): Bump the com-android group in /kotlin/android with 1 update @dependabot (#3856)
build(deps): Bump androidx.security:security-crypto from 1.1.0-alpha05 to 1.1.0-alpha06 in /kotlin/android @dependabot (#3857)
build(deps): Bump androidx.hilt:hilt-compiler from 1.0.0 to 1.2.0 in /kotlin/android @dependabot (#3858)
build(deps): Bump com.google.firebase:firebase-bom from 32.7.1 to 32.7.3 in /kotlin/android @dependabot (#3859)
build(deps): Bump com.google.gms.google-services from 4.4.0 to 4.4.1 in /kotlin/android @dependabot (#3860)
test(windows client): Add stack trace printing to smoke test @ReactorScram (#3813)
chore(asdf-vm): add shellcheck version @ReactorScram (#3823)
refactor(docs): Update SECURITY.md to mention opening GitHub security advisories @jamilbk (#3787)
refactor(portal): unify format of error payloads in websocket connection @AndrewDryga (#3697)
build(connlib): suppress clippy::unnecessary_cast lint on aarch64 Linux @ReactorScram (#3824)
deps: point to correct hash of str0m fork @thomaseizinger (#3827)

1.0.0-pre.9

2 months ago

Changelog

fix(portal|website): Fix static paths for website and elixir @jamilbk (#3802)
fix(connlib): update resource list on resource removal @conectado (#3796)
Handle disconnect messages in LV @AndrewDryga (#3795)
feat(snownet): only keep the best possible candidate pair alive @thomaseizinger (#3792)
refactor(connlib): replace intent timer with explicit throttling @thomaseizinger (#3778)
feat(snownet): reduce connection setup latency @thomaseizinger (#3772)
chore: add nix scripts @thomaseizinger (#3771)
chore(connlib): Tune log filters to enable debug in dev and info for gateway deployments @jamilbk (#3788)
chore(snownet): reduce log levels @thomaseizinger (#3777)
fix(portal|website): Fix favicons for dark mode @jamilbk (#3785)
chore(repo): Move other dotfiles to reduce directory size of root @jamilbk (#3780)
feat(android): add settings button to the session view @jasonboukheir (#3755)
feat(connlib): support resource updates from the portal @conectado (#3754)
chore: move markdown files into docs/ directory @thomaseizinger (#3773)
refactor(connlib): unify handling of IP packets @thomaseizinger (#3762)
chore: remove markdownlint config files @thomaseizinger (#3774)
fix(gui-client): fix some papercuts @ReactorScram (#3769)
feat(android): use Android ShareSheet for sharing logs @jasonboukheir (#3756)
fix(android): delete log zip on finish and on create @jasonboukheir (#3757)
refactor(connlib): unify peer storage @conectado (#3738)
fix(connlib): correctly handle GRO @thomaseizinger (#3732)
refactor(snownet): be more explicit about dispatching messages @thomaseizinger (#3741)
build: enable Tauri dep for Linux and alphabetize deps @ReactorScram (#3742)
fix(ci): phoenix channel tests not running @conectado (#3749)
fix(gui-client): remove duplicated script @ReactorScram (#3745)
fix(ci): run relay tests @conectado (#3747)
fix(relay): update tests for current values @conectado (#3746)
ci: change cargo chef call so it will ignore the GUI client @ReactorScram (#3740)
connlib: remove tun mutex @conectado (#3743)
feat(ci): Test that relay restarts don't break existing connected entities @jamilbk (#3671)
feat(dev): add dev yml for rust development @conectado (#3670)
chore: make rtnetlink versions explicit @ReactorScram (#3736)
chore(snownet): reuse RingBuffer @thomaseizinger (#3725)
refactor: rename windows-client to gui-client @ReactorScram (#3721)
fix(ci): Fix flaky iperf3 "Bad file descriptor" @jamilbk (#3731)
Remove assertions in sign-in success acceptance tests @bmanifold (#3733)
refactor(portal): Remove assertions in sign-in success acceptance tests @bmanifold (#3730)
fix(snownet): don't log addresses twice @thomaseizinger (#3711)
feat(relay): increase number of allowed requests per nonce @thomaseizinger (#3726)
refactor(portal): Add website_link component @jamilbk (#3715)
fix(gateway): expire resources @conectado (#3722)
feat(snownet): optimise which channels we bind @thomaseizinger (#3709)
Disable sign up in staging @bmanifold (#3723)
Add sign-in success page for clients @bmanifold (#3714)
fix(connlib): set the real packet length before putting it into the device @conectado (#3718)
fix(ci): Use default NDK on GH runners @jamilbk (#3716)
fix(ci): Use workflow id to fetch perf results @jamilbk (#3710)
fix(snownet): make TURN channel bindings more reliable @thomaseizinger (#3708)
feat(connlib): filter out relays based on our locally created sockets @thomaseizinger (#3705)
refactor(connlib): simplify resource ordering by implementing Ord trait @conectado (#3696)
refactor(ci): Merge perf results into one comment @jamilbk (#3707)
feat!(portal): return relays as plain socket addresses @thomaseizinger (#3665)
chore(ci): enforce shellscript formatting and style @jamilbk (#3679)
fix(ci): Fix js typo @jamilbk (#3704)
fix(connlib): set socket to IPv6 only before binding address @thomaseizinger (#3701)
fix(ci): Fix typo preventing perf-results from being calculated @jamilbk (#3703)
fix(ci): Fix result overwrite @jamilbk (#3700)
fix(ci): Run each perf test in its own matrix job @jamilbk (#3695)
feat(portal): Billing system @AndrewDryga (#3642)
refactor(connlib): replace webrtc-rs with snownet @conectado (#3391)
fix(snownet): don't trigger busy loop upon refreshing allocation @conectado (#3693)
chore(repo): Update issue template with support links @jamilbk (#3678)
Revert "feat(portal): Add sign-in success page for clients" @jamilbk (#3692)
feat(portal): Add sign-in success page for clients @bmanifold (#3659)
fix(ci): Ensure integration-tests allow for at least 30 seconds to establish a connection @jamilbk (#3676)
Revert "fix(gateway): Remove /dev/net/tun requirement and clean up upgrade script @AndrewDryga (#3691)
fix(android): move log zip file outside of log folder @jasonboukheir (#3677)
chore(portal): Add okta as IdP in dev @jamilbk (#3675)
feat(android): Add support for per-app VPN configurable through MDM @jamilbk (#3657)
fix(ci): Be explicit about service start order @jamilbk (#3673)
refactor(ci): Use curl for connectivity tests in CI @jamilbk (#3674)
chore(snownet): expose Server and Client @thomaseizinger (#3664)
feat(snownet): instrument public API using tracing @thomaseizinger (#3663)
feat(linux): Control DNS with systemd-resolved @ReactorScram (#3643)
ci: upgrade iperf @thomaseizinger (#3662)
fix(snownet): generate candidates only after we accept the ICE answer @conectado (#3658)
refactor(connlib): move DNS resolution into tunnel @thomaseizinger (#3652)
refactor(ci): simplify dns resources in ci @jamilbk (#3653)
fix(gateway): re-implement resource address resolution in eventloop @conectado (#3656)
feat(linux): Notify systemd when we've started @ReactorScram (#3628)
feat(android): add Reset to Defaults button and add space to settings activity @jasonboukheir (#3651)
feat(snownet): timeout connections without a handshake after 20 seconds @thomaseizinger (#3633)
ci: don't ping gateway before running perf @thomaseizinger (#3649)
feat(snownet): attempt to make new allocation when refresh fails @thomaseizinger (#3631)
refactor(gateway): perform DNS resolution of resources in eventloop @thomaseizinger (#3622)
feat(snownet): invalidate candidates @thomaseizinger (#3604)
chore(snownet): better logging @thomaseizinger (#3646)
Update Okta IDP adapter in portal @bmanifold (#3647)
ci: move tests to bash scripts @thomaseizinger (#3648)
refactor(android): Clean up tunnel fd establishment @jamilbk (#3645)
fix(android): prevent null pointer segfault on 32-bit platforms @jamilbk (#3619)
ci(linux): add CI setup script for NetworkManager @ReactorScram (#3641)
feat(linux): Add FIREZONE_DNS_CONTROL env var to choose which DNS control method to use @ReactorScram (#3629)
fix(snownet): remove debug_assert! for timed-out connections @thomaseizinger (#3635)
feat(snownet): only emit ConnectionEstablished upon the first connection @thomaseizinger (#3634)
feat(snownet): remove wireguard keep-alives @thomaseizinger (#3630)
chore(connlib): Make request ioctl mutable @jamilbk (#3644)
refactor(android): Simplify tunnel implementation and fix tunnel lifecycle @jamilbk (#3583)
chore(website): Update team @jamilbk (#3638)
ci(windows): test crash handling as part of smoke test @ReactorScram (#3624)
chore: bump Rust version to 1.76 @thomaseizinger (#3632)
Add Okta directory sync @bmanifold (#3614)
Add dynamic/managed groups and default Everyone one @AndrewDryga (#3346)
chore(ci): update Node to 20 in the Windows CI jobs @ReactorScram (#3611)
ci(windows): add 'firezone' to the MSI names @ReactorScram (#3610)
feat(portal): Broadcast resource sites @AndrewDryga (#3466)
chore(ci): Fix CI deprecation and workflow warnings @jamilbk (#3612)
ci(windows): fix warning about CONNLIB_LOG_UPLOAD_INTERVAL_SECS @ReactorScram (#3606)
chore(apple): Add logs about accessing firezone-id in disk @roop (#3607)
feat(connlib): remove duplication from logs @thomaseizinger (#3596)
feat(snownet): refresh allocation upon each new connection @thomaseizinger (#3591)
fix(snownet): replace Allocation if credentials to relay change @thomaseizinger (#3590)
refactor(snownet): introduce CandidateEvent @thomaseizinger (#3592)
feat(snownet): instrument the handle_input function with tracing @thomaseizinger (#3594)
refactor(connlib): remove unnecessary Serialize derive @thomaseizinger (#3595)
fix(snownet): don't try to re-authorize forever @thomaseizinger (#3589)
feat(windows): split up signing-in state, closes #3597 @ReactorScram (#3599)
chore(snownet): remove obsolete TODO @thomaseizinger (#3593)
fix(snownet): don't mangle source IP to determine use of relay @thomaseizinger (#3556)
fix(snownet): properly cleanup connections before adding a new one @conectado (#3587)
fix(windows): Ensure crashes, errors, and panics are all logged to file @ReactorScram (#3572)
fix(ci): wait for Vault to load sign in form before filling it out @jamilbk (#3585)
Revert "chore(android): Remove i686 android target" @jamilbk (#3586)
feat(devops): Add Trisha to staging GCP @jamilbk (#3584)
refactor(portal): log in -> sign in @jamilbk (#3577)
fix(snownet): don't attempt to bind a channel if we don't have a matching allocation @thomaseizinger (#3575)
fix: don't initialize relay with non-existent interface @thomaseizinger (#3582)
fix(snownet): always clear state of failed connections @thomaseizinger (#3581)
feat(snownet): retry TURN allocations using exponential backoffs @thomaseizinger (#3530)
chore(portal): Enable Microsoft Entra by default in all envs @jamilbk (#3576)
ci(windows): run the Windows smoke test in CI @ReactorScram (#3542)
fix(android): Use persistent device ID @jamilbk (#3566)
chore(portal): Misc sign in UX fixes @jamilbk (#3564)
fix(connlib): Enable ansi colors for the windows client debug console @conectado (#3552)
fix(windows): save actor name to disk and reload it on startup @ReactorScram (#3546)
feat(windows): add smoke test subcommand @ReactorScram (#3541)
chore(infra): Limit relays to used regions and expected load @jamilbk (#3540)
feat(portal): Add Microsoft Entra IDP sync to portal @bmanifold (#3433)
feat(snownet): return MutableIpPacket from decapsulate @thomaseizinger (#3555)
chore(snownet): fix bad caching base after rename @thomaseizinger (#3557)
feat(snownet): retry STUN bindings using exponential backoff @thomaseizinger (#3529)
deps: update to latest upstream version of str0m @thomaseizinger (#3554)
feat(snownet): automatically discover host candidates @thomaseizinger (#3528)
feat(windows): check Github for updates on startup @ReactorScram (#3527)
fix(windows): show user-friendly error if a 2nd instance tries to start @ReactorScram (#3548)
chore(android): Remove i686 android target @jamilbk (#3547)
fix(firezone-tunnel(windows)): don't panic if the sending ring buffer is full @ReactorScram (#3544)
feat(windows): log have_internet changes and API base URL at INFO level @ReactorScram (#3543)
fix(android): Load library before starting tunnel only @jamilbk (#3539)
chore(portal): Add helptext explaning auth identities/tokens @jamilbk (#3515)
fix(windows): fix counting / exporting / clearing log files @ReactorScram (#3535)
feat(windows): add CLI flag to test a clickable update notification @ReactorScram (#3526)
refactor(windows): simplify how CLI args are passed to the GUI @ReactorScram (#3525)
fix(android): Allow bypassing AlwaysOn VPN @jamilbk (#3522)
feat(portal): Sync transitive memberships for Google Workspace @AndrewDryga (#3524)
Fix bug with restoring deleted identities and actors @AndrewDryga (#3523)
refactor(windows): Add context to errors, add SAFETY comments, update TODOs @ReactorScram (#3517)
fix(windows): install and load wintun.dll from a well-known path instead of setting the current directory @ReactorScram (#3430)
Reactorscram/fix webview2 crash @ReactorScram (#3464)
fix(docs): Fix Docsearch recordExtractors, sitemap, and cookie banner script load @jamilbk (#3512)
feat(portal): Broadcast state changes to connected clients and gateways @AndrewDryga (#2240)
fix(android): Fix typo from refactor @jamilbk (#3511)
chore(ci): Update dependabot android groups @jamilbk (#3501)
refactor(website): Add punchier website headline @jamilbk (#3473)
fix(snownet): don't try to allocate a new channel if we already have one @thomaseizinger (#3476)
fix(snownet): don't use unbound channels for relaying @thomaseizinger (#3474)
fix(relay): correctly separate channel state for different peers @thomaseizinger (#3472)
refactor(windows): change some anyhow errors into thiserror errors @ReactorScram (#3461)
ci(windows): hide bare Windows exe from releases page @ReactorScram (#3471)
ci(windows): Upload Windows debug symbols @ReactorScram (#3467)
feat(firezone-tunnel): sort resources alphabetically @ReactorScram (#3465)
chore(ci): Bump sccache; remove IPC debug build @jamilbk (#3468)
refactor(windows): remove IPC code which is now unused @ReactorScram (#3469)
refactor: Remove user-facing parts of STUN-only feature @jamilbk (#3453)
fix(windows): don't crash if the saved log filter is invalid @ReactorScram (#3460)
feat(android): Add Android Headless Operation @jasonboukheir (#3438)
feat(ci): Standardize matrix job names to prevent dupes, move jobs to macos-14 @jamilbk (#3447)
fix(windows): CSS nit @ReactorScram (#3463)
fix(windows): Take the default button shade darker a notch @jamilbk (#3462)
Apple: Add 'debug' to network extension name in debug configuration @roop (#3459)
fix(ci): Fix perf test names @jamilbk (#3454)
fix(connlib): handle null-termination of TUN device path string correctly @jamilbk (#3449)
fix(connection): only emit Transmit.src that correspond to local sockets @thomaseizinger (#3411)
feat(relay): allow channel bindings to IPv6 addresses @thomaseizinger (#3434)
feat(connection): rebrand to snownet @thomaseizinger (#3435)
feat(docs): Add docs overview content @jamilbk (#3440)
docs(windows): Update docs for Windows VM testing / resetting files Firezone creates @ReactorScram (#3448)
fix(windows): use a well-known path for the crash handler socket @ReactorScram (#3444)
feat(windows): enable crash handling on release builds @ReactorScram (#3441)
refactor(windows): handle tray menu events in the main loop @ReactorScram (#3446)
fix(windows): Ensure production exes / MSIs don't show "-modified" Git versions @ReactorScram (#3432)
refactor(windows): use 'use' statements better in crash handling @ReactorScram (#3442)
feat(connection): allocate IPv6 address @thomaseizinger (#3436)
chore(relay): update docs in regards to spec-compliance @thomaseizinger (#3437)
feat(apple): Write app and tunnel log to disk @roop (#3322)
Add SSH public key to AWS Terraform @bmanifold (#3439)
refactor(windows): set absolute paths for logs and wintun.dll @ReactorScram (#3428)
feat(phoenix-channel): reconnect on missed heartbeat from portal @thomaseizinger (#3410)
fix(windows): Show "Signing in..." menu during auto-sign-in @ReactorScram (#3431)
fix(windows): move crash dumps into logs dir so they get exported in the zip, closes #3263 @ReactorScram (#3426)
feat(relay): print stats every 10s @thomaseizinger (#3408)
fix(ci): Increase test nonce length to reduce collisions @jamilbk (#3373)
feat(ops): Add support provisioning helper @jamilbk (#3422)
feat(windows): UI notification for reauth (#3329) @ReactorScram (#3416)
fix(ci): Setup pnpm before use @jamilbk (#3423)
fix(gateway): Remove /dev/net/tun requirement and clean up upgrade script @jamilbk (#3392)
refactor(infra): Make relay and gateway logs sane on prod @jamilbk (#3400)
fix(portal): fix otlp exporter initialization @Intuinewin (#3375)
fix(connection): buffer channel bindings until we have an allocation @thomaseizinger (#3417)
feat(relay): print a log for error responses we send to the client @thomaseizinger (#3413)
chore(relay): change run_smoke_test.sh to use /usr/bin/env @thomaseizinger (#3409)
feat(connection): introduce keep-alive and expose last_seen @thomaseizinger (#3388)
fix(connection): accept relay traffic from non-listening interface @thomaseizinger (#3412)
feat(connection): add a very basic connection timeout @thomaseizinger (#3397)
feat(relay): improve logging and error handling @thomaseizinger (#3399)
feat(gateway): don't print stacktrace upon exit @thomaseizinger (#3404)
chore: update str0m dependency @thomaseizinger (#3402)
fix(connection-tests): avoid rare flakiness of relay test @thomaseizinger (#3394)
feat: automatically rejoin channel on portal after reconnect @thomaseizinger (#3393)
fix(gateway): tokio feature dependencies @conectado (#3396)
fix(ci): Update codespell ignorelist and fix typos @jamilbk (#3398)
fix(windows): allow user to cancel sign-in flow @ReactorScram (#3385)
feat(ci): Test client gracefully handles portal and relay disconnects @jamilbk (#3376)
refactor(gateway): Update gateway logs level @conectado (#3387)
docs(gateway): Document egress connectivity requirements for Gateways @jamilbk (#3312)
refactor(android): Move log controls to Logs section of Settings @jasonboukheir (#3315)
feat(connection): generate TURN candidates from provided relays @thomaseizinger (#3297)
fix(gateway): Use new prod Docker registry for upgrades @jamilbk (#3386)
ci(windows): call pnpm so the frontend gets built, closes #3381 @ReactorScram (#3382)
fix(devops): Fix typo in AWS bastion host TF @bmanifold (#3380)
refactor(windows): Add logo and version to About window @jamilbk (#3378)
feat(phoenix-channel): automatically reconnect based on provided ExponentialBackoff @thomaseizinger (#3364)
fix(windows): prevent a security issue @ReactorScram (#3326)
fix(devops): Update AWS gateway TF @bmanifold (#3374)

✨ Features

feat(linux): If FIREZONE_DNS_CONTROL is etc-resolv-conf, modify '/etc/resolv.conf' @ReactorScram (#3639)
test(linux): Low-risk changes to prepare for Linux DNS support @ReactorScram (#3625)

🐛 Bug Fixes

revert: 3622 to fix failing DNS CI test @ReactorScram (#3654)
fix(windows): improve logging around smoke test / log export @ReactorScram (#3600)
fix(windows): Wrap deep link URLs in SecureUrl, don't log them @ReactorScram (#3574)
fix(windows): vt100 seems to panic in CI, just print a warning instead @ReactorScram (#3573)

🧰 Maintenance

fix: Slow DNS lookups on (at least) Windows by updating to main of Hickory @ReactorScram (#3799)
build(deps): Bump socket2 from 0.5.5 to 0.5.6 in /rust @dependabot (#3766)
build(deps): Bump anyhow from 1.0.79 to 1.0.80 in /rust @dependabot (#3765)
build(deps): Bump minidumper from 0.8.1 to 0.8.2 in /rust @dependabot (#3764)
build(deps): Bump tauri-utils from 1.5.2 to 1.5.3 in /rust @dependabot (#3767)
refactor(ci): enable Linux do-nothing GUI builds (but not tests) in CI/CD, extract scripts for that @ReactorScram (#3735)
refactor(GUI clients): extract known_dirs module @ReactorScram (#3734)
test(windows): make sure files are written to the right paths during smoke tests @ReactorScram (#3727)
refactor(ci): extract scripts for GUI client smoke tests @ReactorScram (#3724)
test: add mock token storage for CI tests on Ubuntu @ReactorScram (#3720)
refactor(ci): extract setup-tauri action and generalize Windows builds @ReactorScram (#3702)
refactor: move BUNDLE_ID since it won't be Windows-specific @ReactorScram (#3706)
build(deps): Bump arboard from 3.3.0 to 3.3.1 in /rust @dependabot (#3687)
build(deps): Bump ring from 0.17.7 to 0.17.8 in /rust @dependabot (#3686)
build(deps): Bump semver from 1.0.21 to 1.0.22 in /rust @dependabot (#3685)
build(deps): Bump tokio from 1.35.1 to 1.36.0 in /rust @dependabot (#3561)
build(deps): Bump crash-handler from 0.6.0 to 0.6.1 in /rust @dependabot (#3623)
build(deps): Bump time from 0.3.32 to 0.3.34 in /rust @dependabot (#3559)
fix(windows): keep the main loop running even if a request has an error @ReactorScram (#3569)
build(deps): Bump minidumper from 0.8.0 to 0.8.1 in /rust @dependabot (#3560)
build(deps): Bump hashicorp/tfc-workflows-github from 1.1.1 to 1.2.0 @dependabot (#3477)
build(deps): Bump itertools from 0.12.0 to 0.12.1 in /rust @dependabot (#3507)
build(deps): Bump libc from 0.2.152 to 0.2.153 in /rust @dependabot (#3508)
build(deps): Bump time from 0.3.31 to 0.3.32 in /rust @dependabot (#3509)
build(deps): Bump @types/mdx from 2.0.10 to 2.0.11 in /website @dependabot (#3489)
build(deps-dev): Bump @types/node from 18.19.8 to 20.11.15 in /rust/windows-client @dependabot (#3502)
build(deps): Bump @types/react from 18.2.47 to 18.2.51 in /website @dependabot (#3505)
build(deps): Bump marocchino/tool-versions-action from 1.1.1 to 1.2.0 @dependabot (#3478)
build(deps): Bump @next/mdx from 14.0.4 to 14.1.0 in /website @dependabot (#3503)
build(deps): Bump com.google.android.material:material from 1.8.0 to 1.11.0 in /kotlin/android @dependabot (#3483)
build(deps): Bump com.squareup.moshi:moshi from 1.15.0 to 1.15.1 in /kotlin/android @dependabot (#3481)
build(deps): Bump androidx.browser:browser from 1.5.0 to 1.7.0 in /kotlin/android @dependabot (#3482)
build(deps): Bump gradle/wrapper-validation-action from 1 to 2 @dependabot (#3479)
build(deps): Bump navVersion from 2.7.4 to 2.7.6 in /kotlin/android @dependabot (#3484)
build(deps): Bump androidx.lifecycle:lifecycle-runtime-ktx from 2.6.1 to 2.7.0 in /kotlin/android @dependabot (#3485)
build(deps-dev): Bump hastscript from 8.0.0 to 9.0.0 in /website @dependabot (#3487)
build(deps): Bump react-fast-marquee from 1.6.2 to 1.6.3 in /website @dependabot (#3488)
build(deps): Bump the google group in /terraform/environments/production with 2 updates @dependabot (#3504)
build(deps): Bump the google group in /terraform/environments/staging with 2 updates @dependabot (#3510)
build(deps): Bump tailwindcss from 3.4.0 to 3.4.1 in /website @dependabot (#3490)
build(deps): Bump gradle/gradle-build-action from 2 to 3 @dependabot (#3480)
build(deps): Bump serde from 1.0.195 to 1.0.196 in /rust @dependabot (#3421)
build(deps): Bump keyring from 2.3.1 to 2.3.2 in /rust @dependabot (#3419)
build(deps): Bump actions/cache from 3 to 4 @dependabot (#3356)
build(deps): Bump telemetry_metrics from 0.6.1 to 0.6.2 in /elixir @dependabot (#3362)
build(deps): Bump winreg from 0.51.0 to 0.52.0 in /rust @dependabot (#3420)
build(deps): Bump plug_cowboy from 2.6.1 to 2.6.2 in /elixir @dependabot (#3358)
build(deps): Bump env_logger from 0.10.1 to 0.10.2 in /rust @dependabot (#3359)
build(deps): Bump ex_cldr_numbers from 2.32.3 to 2.32.4 in /elixir @dependabot (#3360)

📝 Documentation

ci: document and fix a couple things for local Docker testing @ReactorScram (#3672)
docs(linux): document default DNS setup on Debian 12 and Ubuntu 20.04 @ReactorScram (#3668)
docs(linux): document test setups for exercising all the Linux code @ReactorScram (#3660)

1.0.0-pre.8

3 months ago

fix(windows): work around possible keyring multi-threading bug for now @ReactorScram (#3363)
fix(gateway): make dns request in a new task without blocking peers @conectado (#3370)
deps: use usptream str0m @thomaseizinger (#3365)
Add explicit sysctl flags for AWS gateway command @bmanifold (#3366)
fix(apple): Enforce types when encoding getSystemDefaultResolvers to prevent tunnel crash @jamilbk (#3367)

🧰 Maintenance

build(deps): Bump clap from 4.4.17 to 4.4.18 in /rust @dependabot (#3357)
build(deps): Bump chrono from 0.4.31 to 0.4.32 in /rust @dependabot (#3361)

1.0.0-pre.7

3 months ago

🐛 Bug fixes

feat(devops): Add CoreDNS to AWS TF @bmanifold (#3351)
refactor(windows): Windows UI polish @jamilbk (#3338)
fix(connlib): Increase max partition time to handle client network partitions more gracefully @jamilbk (#3335)
test(windows): make Windows kill child processes when the parent exits @ReactorScram (#3311)
test(windows): multi-process test for IPC @ReactorScram (#3310)
feat(windows): detect network changes and log when connlib should stop / start / restart @ReactorScram (#3262)
feat(windows): prototype module for IPC @ReactorScram (#3304)
refactor(windows): move debug subcommands closer to their code and further from production subcommands @ReactorScram (#3307)
Use INFO for phoenix-channel portal connection @jamilbk (#3328)
connlib: Fix SplitDNS for some resources in web browsers @conectado (#3324)
fix(windows): #3211, start logs earlier, before Tauri starts @ReactorScram (#3296)
feat(windows): update network_changes module @ReactorScram (#3291)
Connlib multiple dns @conectado (#3317)
refactor(windows): clean up and simplify subcommands @ReactorScram (#3306)
refactor(windows): make load_advanced_settings sync so it doesn't need Tokio @ReactorScram (#3295)
Fix radio button toggle on Sites edit page @bmanifold (#3318)
feat(connection): use STUN to generate server-reflexive candidate @thomaseizinger (#3268)
refactor(windows): move CLI things inside client.rs @ReactorScram (#3305)
fix(portal): Allow users to manually provision OIDC users @AndrewDryga (#3325)

🧰 Maintenance

build(deps): Bump uuid from 1.6.1 to 1.7.0 in /rust @dependabot (#3339)
build(deps): Bump async-compression from 0.4.5 to 0.4.6 in /rust @dependabot (#3340)
build(deps): Bump shlex from 1.2.0 to 1.3.0 in /rust @dependabot (#3345)
build(deps): Bump wintun from 0.3.2 to 0.4.0 in /rust @dependabot (#3341)
build(deps): Bump h2 from 0.3.23 to 0.3.24 in /rust @dependabot (#3319)