-
Notifications
You must be signed in to change notification settings - Fork 482
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Recent Change to Dockerignore Parsing #850
Comments
Had the same issue, everything good locally but GH actions were failing for us. Figured it was **/*
!*.json
- !prisma
- !src
+ !prisma/**
+ !src/** |
Could either of you post a full example? |
@SlvrEagle23 Ok I was able to repro with buildx 0.7.0. In the meantime you can use the previous buildx release in your workflow with: -
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
version: v0.6.3 |
@aaronlehmann This looks to be related to your |
This is related to moby/moby#42676 @tonistiigi: I want to confirm the expected behavior here. Given the
It sounds like we expect a file What if
In that case, would we expect the file to be ignored because there is a more specific exclude pattern? The logic currently getting applied is to use the parent dir's match result as a default if none of the patterns directly match a file. In the case here, the If we want the behavior I described above, it sounds like we need to keep track of these parent results at a per-pattern level. For example, with the
...when checking
|
I think logically this would be correct. But priority would be to fix up the regressions from the old behavior. If these cases didn't work before as well then they are not that time-critical. |
I think this matches
mkdir test && cd test
mkdir -p util/docker/web
touch util/docker/web/foo
touch util/docker/web/bar
git init Without git status
On branch main
No commits yet
Untracked files:
(use "git add <file>..." to include in what will be committed)
util/
nothing added to commit but untracked files present (use "git add" to track) Adding a cat > ./.gitignore <<'EOF'
**
!util/docker/web
util/docker/web/foo
EOF git status
On branch main
No commits yet
nothing to commit (create/copy files and use "git add" to track) Checking with git check-ignore -v util/docker/web
.gitignore:1:** util/docker/web
git check-ignore -v util/docker/web/foo
.gitignore:1:** util/docker/web/foo
git check-ignore -v util/docker/web/bar
.gitignore:1:** foo/bar/baz So to re-include a file, the parent directory that contains it must be included first, which can become complex quickly. The gitignore docs has an example to "exclude everything, except for some files, but things get complex quickly; cat > ./.gitignore <<'EOF'
/*
!/util
/util/*
!util/docker
/util/docker/web/*
!/util/docker/web/foo
EOF git check-ignore -v util/docker/web/foo
.gitignore:6:!/util/docker/web/foo util/docker/web/foo
git check-ignore -v util/docker/web/bar
.gitignore:5:/util/docker/web/* util/docker/web/bar
git status -uall
On branch main
No commits yet
Untracked files:
(use "git add <file>..." to include in what will be committed)
util/docker/web/foo
nothing added to commit but untracked files present (use "git add" to track) Changing that cat > ./.gitignore <<'EOF'
/**
!/util
/util/*
!util/docker
/util/docker/web/*
!/util/docker/web/foo
EOF git status -uall
On branch main
No commits yet
nothing to commit (create/copy files and use "git add" to track) |
That said, with BuildKit only sending files that are included in the COPY util/docker/web Unlike the classic (non-buildkit) builder, that should not send anything except for that path |
These paths still go through dockerignore filtering. |
Yes, so I meant that the .dockerignore file then wouldn't be needed in that case
… On 19 Nov 2021, at 21:24, Tõnis Tiigi ***@***.***> wrote:
That said, with BuildKit only sending files that are included in the COPY, p
These paths still go through dockerignore filtering.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
…attern The existing code does not correctly handle the case where a file matches one of the patterns, but should not match overall because of an exclude pattern that applied to a parent directory (see docker/buildx#850). Fix this by independently tracking the results of matching against each pattern. A file should be considered to match any pattern that matched a parent dir. Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
…attern The existing code does not correctly handle the case where a file matches one of the patterns, but should not match overall because of an exclude pattern that applied to a parent directory (see docker/buildx#850). Fix this by independently tracking the results of matching against each pattern. A file should be considered to match any pattern that matched a parent dir. Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
Opened moby/moby#43037 and tonistiigi/fsutil#114 to restore the old behavior. |
…attern The existing code does not correctly handle the case where a file matches one of the patterns, but should not match overall because of an exclude pattern that applied to a parent directory (see docker/buildx#850). Fix this by independently tracking the results of matching against each pattern. A file should be considered to match any pattern that matched a parent dir. Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
…attern The existing code does not correctly handle the case where a file matches one of the patterns, but should not match overall because of an exclude pattern that applied to a parent directory (see docker/buildx#850). Fix this by independently tracking the results of matching against each pattern. A file should be considered to match any pattern that matched a parent dir. Signed-off-by: Aaron Lehmann <alehmann@netflix.com> (cherry picked from commit 4555d3a)
…attern The existing code does not correctly handle the case where a file matches one of the patterns, but should not match overall because of an exclude pattern that applied to a parent directory (see docker/buildx#850). Fix this by independently tracking the results of matching against each pattern. A file should be considered to match any pattern that matched a parent dir. Signed-off-by: Aaron Lehmann <alehmann@netflix.com> Upstream-commit: 4555d3aa543ad54f0f0658337022632a26d7dd9a Component: engine
jFYI, We getting hit by this too. All of a sudden our CI is not passing with similar docker buildx errors https://github.com/abhinavsingh/proxy.py/runs/4517435825?check_suite_focus=true Will try the |
This change completely breaks our CI. We tried the workaround but nothing seems to work. Point is, Repository is here https://github.com/abhinavsingh/proxy.py. We are currently unable to submit new PRs due to broken build. |
It might be consistent but has broken a lot of builds around the world and wasted so many unnecessary man power digging into this. Can there be a better channel to communicate such breaking changes? |
@abhinavsingh Set a custom buildx version as a workaround. This issue in here should be fixed in v0.7.1 but looks like this is a different case. @aaronlehmann This looks like another case. I can repro locally. Looks like it is related to the complicated name? This fails:
This passes
|
FWIW, in our scenario, builds are broken even after removing |
Thank you @tonistiigi Didn't realize complex name can be the culprit here. Will try to rename artifact and see if it works.
Gotcha. Trying these workaround shortly, will revert back with findings. Thanks again. |
Indeed, I can confirm that. So could be something very different. Both v0.6.3 and v0.7.0 seem to work fine (notice v0.7.0 does have the issue originally reported here). v0.7.1 does not. @crazy-max Unrelated, but I noticed I can't see the buildx version on the action's output. Maybe we can improve on that for future debugging needs. |
Thank you @tonistiigi , this worked out. Ref https://github.com/abhinavsingh/proxy.py/runs/4556154387?check_suite_focus=true |
The issue in here is the If I view the diff then previously I think it did use a much simpler comparator with the Pretty bad that this complete logic switch was in a patch release. I assumed we were only fixing regressions here. |
…longer a UUID (#866) * Fix broken TLS interception because uid is now no longer a UUID * Give enough context to work id for them to be unique within a `proxy.py` instance * Use --port=0 by default within `proxy.TestCase` * Attempt to fix weird buildx issue * Add makefile targets within workflow * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * Order? * Write scm file for make * Fetch depth * Quote patch * Try with sudo? * docker/buildx#850 * Remove sudo hack * https://github.com/docker/buildx/issues/850\#issuecomment-973270625 * Add explicit deps * Add `requirements-testing.txt` during linting phase * Pin buildx to v0.7.1 * Pin buildx to v0.7.0 * Revert back unnecessary change to dockerignore * Skip container within make workflow (because GHA lacks support for docker on macOS by default) * Repurpose make into developer workflow Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
If this becomes a problem we could get rid of |
The PR in question is tonistiigi/fsutil#108. This wasn't meant as a regression fix; the intent was to add support for I suspect what happened is that
I am confused about where this incorrect regexp is coming from. I assume you're talking about the code in
Can you elaborate on where you are seeing this?
I agree, it seems like there should be a fast path to avoid compiling a regexp when there are no wildcards. |
You might be not seeing it because of another recent PR in moby master. moby/moby@195558d#diff-709ecb416d43d86b2812c0eda71926f0af93cb7ef5f0486067a48e1e7ef90521 |
* Merge pull request #840 from abhinavsingh/release-schedule-notes Add release schedule under FAQ * Green CI (#841) * Cleanup parser & url classes (#843) * Optimize parser logic * Add `is_complete` property * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * pre commit fixes * We need `ValueError` * wuff * useless * flake8 * Simplify url Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * pip prod(deps): bump twine from 3.6.0 to 3.7.0 (#845) Bumps [twine](https://github.com/pypa/twine) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/pypa/twine/releases) - [Changelog](https://github.com/pypa/twine/blob/main/docs/changelog.rst) - [Commits](pypa/twine@3.6.0...3.7.0) --- updated-dependencies: - dependency-name: twine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump jasmine from 3.6.3 to 3.10.0 in /dashboard (#844) Bumps [jasmine](https://github.com/jasmine/jasmine-npm) from 3.6.3 to 3.10.0. - [Release notes](https://github.com/jasmine/jasmine-npm/releases) - [Commits](jasmine/jasmine-npm@v3.6.3...v3.10.0) --- updated-dependencies: - dependency-name: jasmine dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * npm: bump chrome-devtools-frontend in /dashboard (#846) Bumps [chrome-devtools-frontend](https://github.com/ChromeDevTools/devtools-frontend) from 1.0.944903 to 1.0.947377. - [Release notes](https://github.com/ChromeDevTools/devtools-frontend/releases) - [Changelog](https://github.com/ChromeDevTools/devtools-frontend/blob/main/docs/release_management.md) - [Commits](https://github.com/ChromeDevTools/devtools-frontend/commits) --- updated-dependencies: - dependency-name: chrome-devtools-frontend dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * pip prod(deps): bump coverage from 6.1.2 to 6.2 (#847) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.2 to 6.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@6.1.2...6.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Fix GHA check-gate to properly identify failures (#849) * pip prod(deps): bump pylint from 2.12.1 to 2.12.2 (#851) Bumps [pylint](https://github.com/PyCQA/pylint) from 2.12.1 to 2.12.2. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog) - [Commits](pylint-dev/pylint@v2.12.1...v2.12.2) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump @types/js-cookie from 2.2.6 to 3.0.1 in /dashboard (#850) Bumps [@types/js-cookie](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/js-cookie) from 2.2.6 to 3.0.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/js-cookie) --- updated-dependencies: - dependency-name: "@types/js-cookie" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * pip prod(deps): bump sphinx from 4.3.0 to 4.3.1 (#853) Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/sphinx-doc/sphinx/releases) - [Changelog](https://github.com/sphinx-doc/sphinx/blob/4.x/CHANGES) - [Commits](sphinx-doc/sphinx@v4.3.0...v4.3.1) --- updated-dependencies: - dependency-name: sphinx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * pip prod(deps): bump paramiko from 2.8.0 to 2.8.1 (#855) * npm: bump ws from 7.4.6 to 8.3.0 in /dashboard (#854) * pip prod(deps): bump uvicorn from 0.15.0 to 0.16.0 (#857) Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.15.0 to 0.16.0. - [Release notes](https://github.com/encode/uvicorn/releases) - [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md) - [Commits](encode/uvicorn@0.15.0...0.16.0) --- updated-dependencies: - dependency-name: uvicorn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump chrome-devtools-frontend in /dashboard (#856) Bumps [chrome-devtools-frontend](https://github.com/ChromeDevTools/devtools-frontend) from 1.0.947377 to 1.0.949424. - [Release notes](https://github.com/ChromeDevTools/devtools-frontend/releases) - [Changelog](https://github.com/ChromeDevTools/devtools-frontend/blob/main/docs/release_management.md) - [Commits](https://github.com/ChromeDevTools/devtools-frontend/commits) --- updated-dependencies: - dependency-name: chrome-devtools-frontend dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Process `--enable-*` flags before loading plugins (#860) * Process `--enable-*` flags before loading plugins * Fix spelling * Ignore RST299 and RST499 * npm: bump http-server from 0.12.3 to 14.0.0 in /dashboard (#858) Bumps [http-server](https://github.com/http-party/http-server) from 0.12.3 to 14.0.0. - [Release notes](https://github.com/http-party/http-server/releases) - [Commits](http-party/http-server@v0.12.3...v14.0.0) --- updated-dependencies: - dependency-name: http-server dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * pip prod(deps): bump furo from 2021.11.15 to 2021.11.23 (#859) Bumps [furo](https://github.com/pradyunsg/furo) from 2021.11.15 to 2021.11.23. - [Release notes](https://github.com/pradyunsg/furo/releases) - [Changelog](https://github.com/pradyunsg/furo/blob/main/docs/changelog.md) - [Commits](pradyunsg/furo@2021.11.15...2021.11.23) --- updated-dependencies: - dependency-name: furo dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Update web log context fields to match proxy log context fields (#861) * Update web log context fields to match those with proxy log context for consistency * Fix spell * Fix `DEFAULT_WEB_ACCESS_LOG_FORMAT` * pip prod(deps): bump pytest-xdist from 2.4.0 to 2.5.0 (#864) Bumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/pytest-dev/pytest-xdist/releases) - [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-xdist@v2.4.0...v2.5.0) --- updated-dependencies: - dependency-name: pytest-xdist dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump eslint-plugin-node from 10.0.0 to 11.1.0 in /dashboard (#863) Bumps [eslint-plugin-node](https://github.com/mysticatea/eslint-plugin-node) from 10.0.0 to 11.1.0. - [Release notes](https://github.com/mysticatea/eslint-plugin-node/releases) - [Commits](mysticatea/eslint-plugin-node@v10.0.0...v11.1.0) --- updated-dependencies: - dependency-name: eslint-plugin-node dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Fix broken TLS interception & CacheResponsesPlugin because UID is no longer a UUID (#866) * Fix broken TLS interception because uid is now no longer a UUID * Give enough context to work id for them to be unique within a `proxy.py` instance * Use --port=0 by default within `proxy.TestCase` * Attempt to fix weird buildx issue * Add makefile targets within workflow * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * Order? * Write scm file for make * Fetch depth * Quote patch * Try with sudo? * docker/buildx#850 * Remove sudo hack * https://github.com/docker/buildx/issues/850\#issuecomment-973270625 * Add explicit deps * Add `requirements-testing.txt` during linting phase * Pin buildx to v0.7.1 * Pin buildx to v0.7.0 * Revert back unnecessary change to dockerignore * Skip container within make workflow (because GHA lacks support for docker on macOS by default) * Repurpose make into developer workflow Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * Integrate showing unreleased changelog draft (#873) * pip prod(deps): bump types-paramiko from 2.8.2 to 2.8.4 (#868) * npm: bump @types/jasmine from 3.6.1 to 3.10.2 in /dashboard (#867) * pip prod(deps): bump py-spy from 0.3.10 to 0.3.11 (#875) Bumps [py-spy](https://github.com/benfred/py-spy) from 0.3.10 to 0.3.11. - [Release notes](https://github.com/benfred/py-spy/releases) - [Changelog](https://github.com/benfred/py-spy/blob/master/CHANGELOG.md) - [Commits](benfred/py-spy@v0.3.10...v0.3.11) --- updated-dependencies: - dependency-name: py-spy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * [GHA] Add container integration test & publish containers to GHCR (#818) * Handle KBI in threadless * Remove line-length disable clause * Move `Set PROXYPY_CONTAINER_VERSION env` within pre-setup * Use step output * Use review suggestion * Break line at less essential places * Possibly fix? * alignment necessary? * :) * Fix integration * Add `v` prefix * Load buildx image within docker for integration tests to work * Run container in detached mode * Enable web server for integration test to work * Push to GHCR after successful tests * Tag & Push to GHCR * Add package permission * Login to GHCR * Login to GHCR * Login to GHCR * Explicitly use ghcr.io registry * Add a ghcr manifest creation step which depends upon docker step * Probably we need all images (tags) locally * arm not amd * Fix syntax * Fix typo * `Unable to find image ghcr.io/abhinavsingh/proxy.py:latest locally` * GHCR doesnt support manifest? * Publish multi-platform containers on GHCR (#877) * Build containers without matrix based strategy. Helps with buildx based manifest generation * Use buildx directly in workflows * Add PROXYPY_PKG_PATH arg * Add missing . * --push from buildx * Also add latest tag for GHCR * Fix typo * Explain differences between latest tag on DockerHub (stable) and GHCR (develop) * Publish multi-platform containers to DockerHub (#878) * Use `--local-executor` flag by default for Docker container (#880) * Benchmark gets packaged within wheel if set as a package * Use `--local-executor` flag by default for Docker containers * Dockerfile update * Fix mypy issues * Remove conflicting dir names * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sviatoslav Sydorenko <wk@sydorenko.org.ua>
* Merge pull request #840 from abhinavsingh/release-schedule-notes Add release schedule under FAQ * Green CI (#841) * Cleanup parser & url classes (#843) * Optimize parser logic * Add `is_complete` property * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * pre commit fixes * We need `ValueError` * wuff * useless * flake8 * Simplify url Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * pip prod(deps): bump twine from 3.6.0 to 3.7.0 (#845) Bumps [twine](https://github.com/pypa/twine) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/pypa/twine/releases) - [Changelog](https://github.com/pypa/twine/blob/main/docs/changelog.rst) - [Commits](pypa/twine@3.6.0...3.7.0) --- updated-dependencies: - dependency-name: twine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump jasmine from 3.6.3 to 3.10.0 in /dashboard (#844) Bumps [jasmine](https://github.com/jasmine/jasmine-npm) from 3.6.3 to 3.10.0. - [Release notes](https://github.com/jasmine/jasmine-npm/releases) - [Commits](jasmine/jasmine-npm@v3.6.3...v3.10.0) --- updated-dependencies: - dependency-name: jasmine dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * npm: bump chrome-devtools-frontend in /dashboard (#846) Bumps [chrome-devtools-frontend](https://github.com/ChromeDevTools/devtools-frontend) from 1.0.944903 to 1.0.947377. - [Release notes](https://github.com/ChromeDevTools/devtools-frontend/releases) - [Changelog](https://github.com/ChromeDevTools/devtools-frontend/blob/main/docs/release_management.md) - [Commits](https://github.com/ChromeDevTools/devtools-frontend/commits) --- updated-dependencies: - dependency-name: chrome-devtools-frontend dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * pip prod(deps): bump coverage from 6.1.2 to 6.2 (#847) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.2 to 6.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@6.1.2...6.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Fix GHA check-gate to properly identify failures (#849) * pip prod(deps): bump pylint from 2.12.1 to 2.12.2 (#851) Bumps [pylint](https://github.com/PyCQA/pylint) from 2.12.1 to 2.12.2. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog) - [Commits](pylint-dev/pylint@v2.12.1...v2.12.2) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump @types/js-cookie from 2.2.6 to 3.0.1 in /dashboard (#850) Bumps [@types/js-cookie](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/js-cookie) from 2.2.6 to 3.0.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/js-cookie) --- updated-dependencies: - dependency-name: "@types/js-cookie" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * pip prod(deps): bump sphinx from 4.3.0 to 4.3.1 (#853) Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/sphinx-doc/sphinx/releases) - [Changelog](https://github.com/sphinx-doc/sphinx/blob/4.x/CHANGES) - [Commits](sphinx-doc/sphinx@v4.3.0...v4.3.1) --- updated-dependencies: - dependency-name: sphinx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * pip prod(deps): bump paramiko from 2.8.0 to 2.8.1 (#855) * npm: bump ws from 7.4.6 to 8.3.0 in /dashboard (#854) * pip prod(deps): bump uvicorn from 0.15.0 to 0.16.0 (#857) Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.15.0 to 0.16.0. - [Release notes](https://github.com/encode/uvicorn/releases) - [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md) - [Commits](encode/uvicorn@0.15.0...0.16.0) --- updated-dependencies: - dependency-name: uvicorn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump chrome-devtools-frontend in /dashboard (#856) Bumps [chrome-devtools-frontend](https://github.com/ChromeDevTools/devtools-frontend) from 1.0.947377 to 1.0.949424. - [Release notes](https://github.com/ChromeDevTools/devtools-frontend/releases) - [Changelog](https://github.com/ChromeDevTools/devtools-frontend/blob/main/docs/release_management.md) - [Commits](https://github.com/ChromeDevTools/devtools-frontend/commits) --- updated-dependencies: - dependency-name: chrome-devtools-frontend dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Process `--enable-*` flags before loading plugins (#860) * Process `--enable-*` flags before loading plugins * Fix spelling * Ignore RST299 and RST499 * npm: bump http-server from 0.12.3 to 14.0.0 in /dashboard (#858) Bumps [http-server](https://github.com/http-party/http-server) from 0.12.3 to 14.0.0. - [Release notes](https://github.com/http-party/http-server/releases) - [Commits](http-party/http-server@v0.12.3...v14.0.0) --- updated-dependencies: - dependency-name: http-server dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * pip prod(deps): bump furo from 2021.11.15 to 2021.11.23 (#859) Bumps [furo](https://github.com/pradyunsg/furo) from 2021.11.15 to 2021.11.23. - [Release notes](https://github.com/pradyunsg/furo/releases) - [Changelog](https://github.com/pradyunsg/furo/blob/main/docs/changelog.md) - [Commits](pradyunsg/furo@2021.11.15...2021.11.23) --- updated-dependencies: - dependency-name: furo dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Update web log context fields to match proxy log context fields (#861) * Update web log context fields to match those with proxy log context for consistency * Fix spell * Fix `DEFAULT_WEB_ACCESS_LOG_FORMAT` * pip prod(deps): bump pytest-xdist from 2.4.0 to 2.5.0 (#864) Bumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/pytest-dev/pytest-xdist/releases) - [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-xdist@v2.4.0...v2.5.0) --- updated-dependencies: - dependency-name: pytest-xdist dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump eslint-plugin-node from 10.0.0 to 11.1.0 in /dashboard (#863) Bumps [eslint-plugin-node](https://github.com/mysticatea/eslint-plugin-node) from 10.0.0 to 11.1.0. - [Release notes](https://github.com/mysticatea/eslint-plugin-node/releases) - [Commits](mysticatea/eslint-plugin-node@v10.0.0...v11.1.0) --- updated-dependencies: - dependency-name: eslint-plugin-node dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Fix broken TLS interception & CacheResponsesPlugin because UID is no longer a UUID (#866) * Fix broken TLS interception because uid is now no longer a UUID * Give enough context to work id for them to be unique within a `proxy.py` instance * Use --port=0 by default within `proxy.TestCase` * Attempt to fix weird buildx issue * Add makefile targets within workflow * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * Order? * Write scm file for make * Fetch depth * Quote patch * Try with sudo? * docker/buildx#850 * Remove sudo hack * https://github.com/docker/buildx/issues/850\#issuecomment-973270625 * Add explicit deps * Add `requirements-testing.txt` during linting phase * Pin buildx to v0.7.1 * Pin buildx to v0.7.0 * Revert back unnecessary change to dockerignore * Skip container within make workflow (because GHA lacks support for docker on macOS by default) * Repurpose make into developer workflow Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * Integrate showing unreleased changelog draft (#873) * pip prod(deps): bump types-paramiko from 2.8.2 to 2.8.4 (#868) * npm: bump @types/jasmine from 3.6.1 to 3.10.2 in /dashboard (#867) * pip prod(deps): bump py-spy from 0.3.10 to 0.3.11 (#875) Bumps [py-spy](https://github.com/benfred/py-spy) from 0.3.10 to 0.3.11. - [Release notes](https://github.com/benfred/py-spy/releases) - [Changelog](https://github.com/benfred/py-spy/blob/master/CHANGELOG.md) - [Commits](benfred/py-spy@v0.3.10...v0.3.11) --- updated-dependencies: - dependency-name: py-spy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * [GHA] Add container integration test & publish containers to GHCR (#818) * Handle KBI in threadless * Remove line-length disable clause * Move `Set PROXYPY_CONTAINER_VERSION env` within pre-setup * Use step output * Use review suggestion * Break line at less essential places * Possibly fix? * alignment necessary? * :) * Fix integration * Add `v` prefix * Load buildx image within docker for integration tests to work * Run container in detached mode * Enable web server for integration test to work * Push to GHCR after successful tests * Tag & Push to GHCR * Add package permission * Login to GHCR * Login to GHCR * Login to GHCR * Explicitly use ghcr.io registry * Add a ghcr manifest creation step which depends upon docker step * Probably we need all images (tags) locally * arm not amd * Fix syntax * Fix typo * `Unable to find image ghcr.io/abhinavsingh/proxy.py:latest locally` * GHCR doesnt support manifest? * Publish multi-platform containers on GHCR (#877) * Build containers without matrix based strategy. Helps with buildx based manifest generation * Use buildx directly in workflows * Add PROXYPY_PKG_PATH arg * Add missing . * --push from buildx * Also add latest tag for GHCR * Fix typo * Explain differences between latest tag on DockerHub (stable) and GHCR (develop) * Publish multi-platform containers to DockerHub (#878) * Use `--local-executor` flag by default for Docker container (#880) * Benchmark gets packaged within wheel if set as a package * Use `--local-executor` flag by default for Docker containers * Dockerfile update * Fix mypy issues * Remove conflicting dir names * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> * Pre-evaluate `args.threadless = is_threadless` (#881) * Pre-evaluate `args.threadless = is_threadless` during flag initialization * Address some antipatterns in code * Executor pool only started for _env_threadless_compliant * ignore WPS450 * pip prod(deps): bump blacksheep from 1.2.1 to 1.2.2 (#885) Bumps [blacksheep](https://github.com/Neoteroi/BlackSheep) from 1.2.1 to 1.2.2. - [Release notes](https://github.com/Neoteroi/BlackSheep/releases) - [Changelog](https://github.com/Neoteroi/BlackSheep/blob/main/CHANGELOG.md) - [Commits](Neoteroi/BlackSheep@v1.2.1...v1.2.2) --- updated-dependencies: - dependency-name: blacksheep dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * npm: bump chrome-devtools-frontend in /dashboard (#884) Bumps [chrome-devtools-frontend](https://github.com/ChromeDevTools/devtools-frontend) from 1.0.949424 to 1.0.952784. - [Release notes](https://github.com/ChromeDevTools/devtools-frontend/releases) - [Changelog](https://github.com/ChromeDevTools/devtools-frontend/blob/main/docs/release_management.md) - [Commits](https://github.com/ChromeDevTools/devtools-frontend/commits) --- updated-dependencies: - dependency-name: chrome-devtools-frontend dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * Tag GHCR latest only when publishing from develop branch (#887) * Tag GHCR latest only when publishing from develop branch * Fix condition * Quote platforms * Fix output(s) typo * Fix conditional for latest tag on GHCR (#889) * pip prod(deps): bump mypy from 0.910 to 0.920 (#890) Bumps [mypy](https://github.com/python/mypy) from 0.910 to 0.920. - [Release notes](https://github.com/python/mypy/releases) - [Commits](python/mypy@v0.910...v0.920) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * npm: bump chrome-devtools-frontend in /dashboard (#886) Bumps [chrome-devtools-frontend](https://github.com/ChromeDevTools/devtools-frontend) from 1.0.949424 to 1.0.952865. - [Release notes](https://github.com/ChromeDevTools/devtools-frontend/releases) - [Changelog](https://github.com/ChromeDevTools/devtools-frontend/blob/main/docs/release_management.md) - [Commits](https://github.com/ChromeDevTools/devtools-frontend/commits) --- updated-dependencies: - dependency-name: chrome-devtools-frontend dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * npm: bump jquery from 3.5.1 to 3.6.0 in /dashboard (#891) Bumps [jquery](https://github.com/jquery/jquery) from 3.5.1 to 3.6.0. - [Release notes](https://github.com/jquery/jquery/releases) - [Commits](jquery/jquery@3.5.1...3.6.0) --- updated-dependencies: - dependency-name: jquery dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abhinav Singh <126065+abhinavsingh@users.noreply.github.com> * [TLSInterception] Fix serial number generation (#892) * Fix serial number generation * Fix spellcheck-doc Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sviatoslav Sydorenko <wk@sydorenko.org.ua>
…attern The existing code does not correctly handle the case where a file matches one of the patterns, but should not match overall because of an exclude pattern that applied to a parent directory (see docker/buildx#850). Fix this by independently tracking the results of matching against each pattern. A file should be considered to match any pattern that matched a parent dir. Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
Seems to be solved since last buildkit vendoring #889 |
…er/buildx#850 Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
…lem specific to using buildx in GH Actions: docker/buildx#850. Attempt at fixing it.
…attern The existing code does not correctly handle the case where a file matches one of the patterns, but should not match overall because of an exclude pattern that applied to a parent directory (see docker/buildx#850). Fix this by independently tracking the results of matching against each pattern. A file should be considered to match any pattern that matched a parent dir. Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
.dockerignore: adjust for docker/buildx#850
(cherry picked from commit d710d00)
auth-4.9 .dockerignore: adjust for docker/buildx#850
…sion 5.1.0 Aki Tuomi (32): ws-auth: Extract zone from ID to macro ws-auth.cc: Split apiZoneMetadata to GET and POST variant ws-auth.cc: Split apiZoneMetadataKind to GET, PUT and DELETE variants ws-auth.cc: Split apiServerTSIGKeys to GET and POST variant ws-auth.cc: Split apiServerTSIGKeyDetail to GET, PUT and DELETE variant ws-auth.cc: Split apiServerAutoprimaries to GET and POST variants ws-auth: Add apiServerAutoprimaryDetailDELETE ws-auth.cc: Split apiServerZones to GET and POST variants ws-auth: Add NOLINTs to apiServerZonesPOST() ws-auth.cc: Split apiServerZoneDetail to GET, PATCH, PUT and DELETE variants ws-auth.cc: Prepare apiZoneCryptokeys for method routing webserver: Allow specifying supported method ext/yahttp: Move route matching to separate function ws-auth.cc: Move method checking to router ws-recursor.cc: Add methods to routes ws-recursor.cc: Split apiServerConfigACL to GET and PUT variant ws-recursor.cc: Split apiServerZones to GET and POST variant ws-recursor.cc: Split apiServerZoneDetail to GET, PUT, DELETE variants ws-recursor.cc: Remove redundant checks for method ws-api.cc: Remove redundant checks for method webserver.cc: Add resource aware OPTIONS handler regression-tests.api/test_Basics: Update to match new dynamic CORS handler ws-api: Constify some variables Remove unused req for prometheusMetrics() remotebackend: Fix example.com ID remotebackend: Use asString for serial remotebackend: Do not send extra NUL with zeromq remotebackend: Convert unit tests to python remotebackend: Convert regression tests to python remotebackend: Remove stray files tasks: Replace ruby with python tasks: Dump all remotebackend logs, including server logs Alexis Romero (1): run build-and-test-test-all workflow on debian bookworm Brian Rak (6): Add Lua function to pick records via name hash Fix typo Appease lint Update minor code/doc nits Update overload-queue-length and overload-drops documentation Update docs/performance.rst Carolin Dohmen (1): Only print config if debug flag is set Charles-Henri Bruyand (49): dnsdist: add doh3 protocol dnsdist: add beta support for incoming DNS over HTTP/3 dnsdist: add basic DoHTTP/3 test dnsdist: doh3, fix formating and clang-tidy warnings dnsdist: enable doh3 in our CI dnsdist: doh3 clarify fin usage dnsdist: refactor some common code between doq/doh3 dnsdist: add some words about doh3 in documentation dnsdist: doh3, appease the CI folks dnsdist: doh3 fix a few review points dnsdist: doh3 add support for post queries dnsdist: doh3 clean some var names dnsdist: display if DNS over HTTP/3 is enabled or not in the configure report auth: add a configurable delay for notifications dnsdist: try to increase receive and send buffers to max dnsdist: tidy variable name dnsdist: doq,doh3 make sure we enforce any ACL dnsdist: buffer h3 headers until query has been dispatched dnsdist: add content-type header information in http/3 responses, add relayed response size in http/3 vinfologs Update pdns/dnsdistdist/doh3.cc dnsdist: properly set protocol for dnstap and protobuf logging when using DoQ or DoH3 format pdns/dnsdist-lua-actions.cc pdns/dnsdist-protobuf.cc pdns/dnsdist-protobuf.hh pdns/dnstap.cc pdns/dnstap.hh dnsdist: clang-tidy fixes dnsdist: add a test for new protobuf field httpVersion dnsmessage.proto: fix naming consistency dnsdist: test protobuf protocols for DoHTTP/3 and DoQ dnsdist: revert some clang-tidy related changes auth: fix tinydnsbackend compilation issue auth: reformat communicator.hh and communicator.cc auth: a bit of tidy auth: document new delay-notifications setting dnsname: move len and offset from int to size_t dnsname: clang-tidy fix a few missing braces dnsname: tidy some implicit conversion dnsname: remove unnecessary cast as suggested by Otto auth: lua-records, add support for pickchashed function auth: tell spell check about pickchashed auth: clang-tidy fixes auth: fix typo in tests ixfrdist: send out notify ixfrdist: clang-tidy cleanup ixfrdist: add examples of notify out configuration ixfrdist: add a simple test for outgoing notify ixfrdist: clang-tidy cleanup auth: lua-records, support cleaning old hashed entries ixfrdist: fix centos build ixfrist: fix coverity report 1534483 ixfrdist: fix coverity 1534661 and 1534662 dnsdist: update test runner for mac with dynamic prefix and up to date package name for curl Chris Hofstaedtler (7): auth: add test for mixing CNAME with other types on wildcards auth api: flush all caches when flushing ws-auth: restore zone cache cleanup in apiServerZoneDetailDELETE auth: allow building in separate build directory rec: allow out-of-tree builds auth dnsproxy: fix build on s390x autoconf: allow prerelease systemd versions Doug Freed (3): tcpiohandler: Use server preference algoritm for ALPN selection rec-main: let NetmaskGroup parse dont-throttle-netmasks Fix formatting of PowerDNS SA 2024-03 Edward Dore (1): Fix country()/countryCode() mixup in example Lua Record Eli Schwartz (1): configure: remove broken bashism Ensar Sarajčić (16): rec: add `udr-ignore-list` option Add support for `udr-ignore-list-file` Remove wrong description from UDR related settings Add file option for new domain ignore list Update error on bad file name for ignorelist Remove unnecessary trims from ignore list file parsing Remove `oldname` from new settings Update doc for file ignore list variants Remove comment functionality from ignore list file Reduce nesting in NOD check Reduce nesting in UDR check Handle exceptions when reading domains from file ignorelist Add braces for if statements in ignorelist parsing for readability Use example.com instead of xyz123.tv for docs Fix formatting for settings/table.py Fix remaining formatting issues in settings/table.py Erik Winkels (5): Add auth-49, rec-50 and dnsdist-19 to repo test script. Remove Ubuntu Bionic and add Noble to repo test script. Update version regex for Python 3. Remove support for EOL versions from repo test script. Update repo test script version. Evil Eye (3): Add dnsupdate-require-tsig config option Add tests Add documentation Frank Louwers (4): clarify `also-notify-from` docs fix ref Update docs/settings.rst Update dq.rst Fred Morcos (448): Fix type qualifier warning Fix warnings with GCC and older clang Some cleanups in dnsbulktest.cc and dnstcpbench.cc Cleanup dns.hh Format DNSResourceRecord Cleanup DNSResourceRecord Fix warning about pointer with non-zero offset being freed Format ws-auth.hh Format ws-auth.cc Move Ewma impl to ws-auth.cc Whitespace cleanup Remove global StatBag from ws-auth Format ws-api.hh Format ws-api.cc Delint ws-api.cc Delint ws-auth.cc Replace the zoneFromId() macro with a ZoneData class in ws-auth.cc Get rid of some NOLINTs in ws-auth.cc Replace the TSIGKeyFromId() macro with a TSIGKeyData class in ws-auth.cc Fix formatting in ws-auth.cc Fixup Github clang-tidy helper scripts Format dnsbackend.hh and dnsbackend.cc Fixup dnsbackend.cc and dnsbackend.hh Format test-sha_hh.cc Clean up pdns/sha.hh Format test-digests_hh.cc Cleanup pdns/digests.hh Fix compilation of dnsproxy.cc due to unused macro CI: Enable verbose logging to catch errors withing DLOG macros Cleanup remotebackend testrunner script Fix remotebackend testrunner script's new_api mode Meson: Initial Meson build file Meson: Lua and lua.hpp Meson: Print build summary Meson: Cleanup Lua and lua.hpp Meson: Refactor pthread_setname variant detection Meson: Compiler and libc hardening Meson: Unsafe KISS RNG Meson: Network functions Meson: tm_gmtoff in struct tm Meson: Check for sys/mman.h and mmap Meson: libsodium signers support Meson: libdecaf signers support Meson: libcrypto signers support Meson: Minor cleanup Meson: OpenSSL ECDSA and EdDSA Meson: Compiler setup Meson: Summary Meson: time_t size Meson: time_t sign Meson: flex and bison Meson: Platform information Meson: Atomics Meson: pthread headers Meson: pthread setname Meson: strerror Meson: Lua and lua.hpp Meson: Compiler hardening features Meson: KISS RNG Meson: Network libraries and functions Meson: gmtoff member of struct tm Meson: mman.h and mmap Meson: libsodium signers Meson: libdecaf signers Meson: OpenSSL libcrypto signers Meson: Clean up main auth build file Meson: OpenSSL libssl Meson: GnuTLS Meson: DNS over TLS Meson: ipcipher Meson: Ragel Meson: clock_gettime Meson: Boost Meson: Boost program_options library Meson: Unit Tests Meson: Auth backend unit tests Meson: Reproducible builds Meson: Fuzzing targets Meson: Python venv Meson: Auth Sqlite3 Meson: From Git Meson: Auth API Swagger Meson: Auth manpages Meson: Reorder Auth build file Meson: dlopen Meson: Clean up some boost and unit test handling Meson: Auth various functions Meson: Verbose Logging Meson: PKCS11 Meson: GSS-TSIG Meson: Fix issue in Summary output Meson: Refactor some compiler hardening features Meson: Refactor platform detection Meson: Auth socket-dir Meson: Auth detect modules Meson: MySQL Meson: ODBC Meson: PostgreSQL Meson: SQLite3 Meson: LDAP Meson: cURL Meson: Auth remote backend Meson: CDB Meson: Auth tinyDNS backend Meson: Auth GeoIP backend Meson: Boost Program Options Library Meson: Add missing TODO item Meson: Boost Serialization Meson: Auth LMDB backend Meson: Auth remote backend (with and without ZeroMQ) Meson: Auth tools Meson: ixfrdist Meson: Lua records Meson: Auth bind module Meson: Auth pipe backend Meson: Move flex and bison to prog-flex and prog-bison Meson: Move ragel to prog-ragel Meson: Handle backend modules Meson: Preliminary Auth backend module build files Meson: Generate the version number Meson: Update libcrypto module outputs Meson: Fix libdecaf include dir Meson: Create flex and bison generators Meson: Define HAVE_CONFIG_H Meson: Small refactoring of how Auth modules are handled Meson: Use enabled/disabled in libcrypto instead of yes/no Meson: Product source and build dirs Meson: Small refactoring to how Auth modules are built Meson: Auth Lua2 backend build file Meson: Auth bind backend build file Meson: Systemd and its service file handling Meson: Code coverage Meson: Automatic Variable Initialization Meson: More consistent option naming Meson: Sanitizers Meson: Separate dependency args from global option args Meson: Disable some features for their meson counterpart Meson: Malloc trace Meson: LTO Meson: Use builtin feature to build PIEs Meson: Use builtin feature to handle coverage Meson: Use builtin feature to handle sanitizers Meson: Use builtin option to handle LTO Meson: Archive Meson: Cleanup main auth file Meson: Also add global compiler arguments for C files Meson: Auth version summary Meson: Ragel generator Meson: Auth backend unit tests meson module Meson: Move -DHAVE_CONFIG_H to meson build module Meson: More consistent file naming Meson: Auth socket dir Meson: Various functions needed by auth Meson: Cleanup auth meson module imports Meson: Toplevel includes Meson: ipcrypt Meson: YaHTTP Meson: ext Meson: Use gen-version for the meson project version Meson: More readable compiler command Meson: Add -Wno-ignored-attributes Meson: Redirects in meson are passed with shell escaping Meson: Bind backend dependencies Meson: json11 ext Meson: sysconfdir Meson: libdir and pkglibdir Meson: libpdns, libpdns_bindparser and libpdns_auth Meson: Toplevel include directories Meson: Fix libsystemd detection Meson: Fix lua_records handling Meson: detect some more functions Meson: Set LOCALSTATEDIR as the socket dir Meson: Turn ext/yahttp into a dependency Meson: Build ext/json11 as a static_library Meson: Build the auth bindbackend as a shared module Meson: introduce libpdns and libpdns_auth Meson: Use libpdns and libpdns_meson to build pdns_server Meson: Bump minimum version to Debian 11's 1.0 Meson: Cleanup some TODOs Meson: Cleanup pkcs11 module Meson: Cleanup GSS-TSIG module Meson: socket-dir is not specific to auth Meson: Various functions are not specific to auth Meson: Cleanup the various-functions module Meson: Minor cleanups of main auth build file Meson: Bump version to 1.2.1 Meson: License file Meson: lua2 backend cleanup Meson: ext/yahttp cleanup Meson: Auth bindbackend cleanup Meson: Replace toplevel_includes with a proper dependency Meson: fix libpdns-* names Meson: Cleanup atomics module Meson: Cleanup various modules Meson: Cleanup lua module Meson: Cleanup lua-records module Meson: rework and cleanup pdns/meson.build file Meson: Cleanup ext/json11 Meson: Cleanup ext/yahttp Meson: Cleanup systemd module Meson: Rework dependencies handling Meson: Cleanup bison, flex and ragel modules Meson: Cleanup libdir and sysconfdir modules Meson: Cleanup time_t modules Meson: Cleanup platform module Meson: Some cleanup in toplevel meson build file Meson: More cleanups to the atomics module Meson: Cleanup pthread-headers module Meson: Cleanup pthread-setname module Meson: Cleanup sterror_r module Meson: Cleanup hardening modules Meson: Cleanup the KISS RNG module Meson: Cleanup the mmap module Meson: Cleanup the netlibs module Meson: Cleanup the gmtoff module Meson: Cleanup libsodium module Meson: Cleanup libdecaf module Meson: Cleanup libcrypto modules Meson: Cleanup libssl module Meson: Cleanup ipcipher module Meson: Cleanup GnuTLS module Meson: Cleanup DoT module Meson: Cleanup librt module Meson: Cleanup boost modules Meson: Cleanup unit test modules Meson: Cleanup dlopen module Meson: Cleanup reproducible builds module Meson: Cleanup verbose logging module Meson: Cleanup from-git module Meson: Cleanup fuzz targets module Meson: Cleanup auth-tools module Meson: Cleanup python and venv module Meson: Cleanup ixfrdist module Meson: Cleanup ipcrypt ext module Meson: Reorder some deps Meson: Cleanup sanitizer modules Meson: Cleanup misc modules Meson: Get rid of using a global deps list Meson: Cleanup GeoIP module Meson: Cleanup LDAP module Meson: Rename libpdns_bindparser to libpdns_bind_parser Meson: Generate the sqlite3 bind-dnssec schema code Meson: Generate swagger api and apidocfiles.h Meson: Don't lookup the venv module for Python anymore Meson: Rework how modules are handled Meson: Cleanup the mysql dependency detection Meson: Cleanup the ODBC dependency detection Meson: Cleanup the pgsql dependency detection Meson: Cleanup the sqlite3 dependency detection Meson: Auth Backends: pipe Meson: Auth Backends: gsqlite3 Meson: Auth Backends: bind Meson: Auth Backends: gmysql Meson: Auth Backends: godbc Meson: Auth Backends: gpgsql Meson: Auth Backends: LDAP Meson: Detect ext modules before auth backend modules Meson: Add the ext arc4random module Meson: Cleanup the ZeroMQ module Meson: Cleanup pdns/ submodule Meson: Rework how modules are handled (again!) Meson: Add threads dependencies Meson: Add SSQLite3 to libpdns-auth Meson: Use link_whole for backend library archive files Meson: Properly set configuration variables for LDAP Meson: Set HAVE_ZMQ_MSG_SEND in ZeroMQ module Meson: Cleanup remote backend Meson: Cleanup CDB module Meson: Auth tinydns backend Meson: Fix geoip module Meson: Auth GeoIP backend Meson: ext lmdb-safe module Meson: link_whole ext modules Meson: Cleanup lmdb module Meson: Auth lmdb backend Meson: Handle auth module dependencies on ext modules Meson: Fix platform detection on MacOS Meson: Fix hardening not working when PIE is disabled Meson: Disable the auth mysql backend by default Meson: Use link_with for ext modules Meson: Fix lmdb-safe module linking issues Meson: Remove direct lmdb dependency from pdns_server Meson: Add boost dependency for auth bind and pipe backends Meson: Various headers module Meson: Fix bison call for MacOS Meson: Fix strerror_r detection Meson: Get rid of from-git subdir call Meson: Check python PyYAML package Meson: Separate GSS and TSIG Meson: Cleanup dlopen module Meson: Build pdnsutil Meson: Don't require EVP_PKEY_CTX_set1_scrypt_salt in libcrypto Meson: Conditionally generate dnslabeltext.cc Meson: Conditionally generate apidocfiles.h Meson: Conditionally generate bind-dnssec.schema.sqlite3.sql.h Meson: Improve warning message when PIE is disabled Meson: Improve detection of pkcs11 dependencies Meson: Add transient dependencies for the lmdb backend Meson: Get rid of libpdns_util_main Meson: Properly name libraries Meson: Build modules with all dependencies Meson: Rely on the correct pg_config variables for Postgres Meson: Use --version instead of --cc_version with mysql_config Meson: Handle bindparser lexer and parser files conditionally Meson: Minor cleanup of python module Meson: Formatting cleanup of pthread headers module Meson: Conditionally check for ragel for dnslabeltext.cc Meson: Minor cleanup in mmap module Meson: Separate python for apidocfiles and the BIND DNSSEC schema Meson: Move flex, bison, python and ragel modules to archive Meson: Move mmap, geoip and maxminddb detection to geoipbackend Meson: Change strerror_r test to a C program Meson: Move detection of tm_gmtoff to YaHTTP Meson: Minor cleanup of pdns module Meson: Replace global arguments with project arguments Meson: Get rid of from_git Meson: Restore mmap module Meson: Split the geoip, mmdb and yaml-cpp modules Meson: Revert the integration of detecting tm-gmtoff in YaHTTP Meson: Get rid of the meson modules archive Meson: Enable sqlite3 when the dep is activated by the backend Meson: Whitespace cleanup Meson: Use the .so prefix for backend modules on all platforms Meson: Small cleanup of sanitizer module Meson: Rework backend handling to fix some issues Meson: Be more accurate with which files are built for which target Meson: Don't fail on platforms where the linker doesn't support help text Meson: Fail when source fortification is requested on a debug build Meson: Better handling of relro and support full relro Meson: Fix libdecaf's detection of header file location Meson: libpdns sodium, libdecaf and sqlite3 support Meson: Don't build sqlite3 support as part of libpdns base Meson: Revert "Full RELRO" since it breaks auth backends Meson: Fix broken backends with "Full RELRO" Meson: Rename fortify-source to hardening-fortify-source Meson: Remove "Full RELRO" option Meson: Move fortify-source out of the normal set of hardening features Meson: Hardening - Control Flow Protection Meson: Hardening - Stack Clash Protection Meson: Boost: Set have_boost_1_48_0 when we find boost >=1.48.0 Meson: Boost: Define BOOST_CONTAINER_USE_STD_EXCEPTIONS Meson: protozero Meson: Cleanup the handling of unit tests and extra tools Meson: Add ext/luawrapper dependency Meson: Detect C++ filesystem library Meson: Consistent naming of dependencies wrapping generated sources Meson: Cleanup libpdns_auth_sources Meson: Introduce libpdns_common a shared library between all tools Meson: Build pdns-auth-control Meson: Small addition to libpdns_bind_parser Meson: Move more stuff to libpdns_common Meson: Build pdns-zone2sql Meson: Rename libpdns_bind_dnssec_schema Meson: Build pdns-zone2ldap Meson: Build pdns-zone2json Meson: Cleanup linking of pdns-util Meson: Make building of libpdns_tsig conditional Meson: Move libpdns-minicurl out of libpdns-lua-records Meson: Move more files to libpdns_common Meson: Build pdns-sdig Meson: Move more files to libpdns_common Meson: Build pdns-calidns Meson: Create libpdns_cdb and use it in the tinydnsbackend Meson: Build pdns-dumresp Meson: Refactor the building of tools and their libraries Meson: Build pdns-kvresp Meson: Move more files to libpdns-common Meson: Build pdns-stubquery Meson: Create libpdns_dnssecinfra and libpdns_stubresolver, Meson: Build pdns-saxfr Meson: Rename generated source file variables Meson: Properly add the yaml-cpp and boost-test dependencies Meson: Cleanup pdns/meson.build Meson: Cleanup the fuzz-targets module Meson: Cleanup and rework the platform module Meson: Fix dnslabeltext being generated several times Meson: Build all auth-related tools and tests Meson: Adapt to file renames Meson: Minor cleanup Meson: Fix when dep_cdb is not available Meson: Add apidocfiles.h to libpdns_auth build Meson: Don't make tsigutils and verifier optional Meson: Fix apidocfiles header file generation Meson: Fix bind DNSSEC schema generation Meson: Build unit tests even if backend unit tests aren't enabled Meson: Rename tsig_tests to tsig-tests Meson: Cleanup some of the tool listings Meson: Create a variable for every tool built Meson: Rework the building of conditional sources Meson: ipcipher is conditionally built by #ifdefs Meson: lua-base4 is not optional for auth Meson: Define BOOST_CONTAINER_USE_STD_EXCEPTIONS on the command-line Meson: Refactor boost test handling Meson: Refactor yaml-cpp handling Meson: Refactor sqlite3 handling for module-gsqlite3 Meson: Minor refactor of platform detection Meson: Refactor handling of module-lmdb dependencies Meson: Finish refactoring of how module dependencies are handled Meson: Rename the source file cache Meson: Add tests for remotebackend Meson: Cleanup naming scheme for some common libraries Meson: Disable libssl engine support for auth Meson: Update funnytext Meson: Rework how ext/ is handled Meson: Refactor the tools and build a single libpdns_common Meson: Don't import the fs module at the toplevel Meson: Refactor into a single file Meson: Define HAVE_CLOCK_GETTIME Meson: Move dnslabeltext to a separate library Meson: Move signers-pkcs11 to a separate library Meson: Build remotebackend tests Meson: Avoid bare static_libraries Meson: Fix remotebackend tests and add unit-tests-verbose option Meson: Change how the auth testrunner test object is created Meson: Don't add apidocfiles and bind-dnssec-schema to common sources Meson: Separate test files from common files Meson: Link decaf, sodium and openssl signers as whole Meson: Minor cleanup Meson: Create a ninja target to generate man pages Meson: Format C++ feature test files Meson: Fix when the LDAP module is disabled Meson: Fix pdns-auth-util linking against backend modules Meson: Fix when unit-tests-backends is enabled but module-remote isn't Meson: Fix curl program lookup Meson: Fix decaf/openssl/sodium signers build dependencies Meson: Silence sign compare warnings for bindlexer and bindparser Meson: Fix ssqlite3 build on MacOS Meson: Fix missing dependency for auth testrunner Revert "Meson: Fix missing dependency for auth testrunner" Meson: Fix passing thread dependency on platforms that need it Meson: Remove unit-tests-verbose and favor meson test --verbose Meson: Use include_directories for pgsqlbackend Meson: Improve (and fix) libdecaf detection Meson: Rework libdecaf header file detection Meson: Integrate libdecaf library and header detection Meson: Fix lmdb-safe needs gettime Meson: Add system build flag Meson: Add basic support for systemd service file Meson: Add systemd feature support for service files Meson: Support pdns-auth and ixfrdist service files Disable clang-tidy performance-avoid-endl check Auth: Add debug logging to UeberBackend and BackendMakerClass Meson: Move modules handling to modules/ dir UeberBackend cleanups Auth/meson: Don't fail if compiler doesn't support trivial-auto-var-init Auth: Adapt backend regression tests harness to Meson builds Meson: Integrate auth geoip backend regression test Rename PDNS_MESON_PATH to PDNS_BUILD_PATH Guillaume-Jean Herbiet (4): dnsdist: Clarify server status methods and attributes documentation dnsdist: typo in server status description dnsdist: further clarify `Server:isUp` method dnsdist: typo in `Server:isUp` description Jacob Bunk Nielsen (1): Link to existing documentation for DNSNameSet. Jasper Spaans (1): improve readability of affected versions in advisory 2024-02 Jindrich Roessler (1): updated KSK and ZSK Rollover procedures, small fixes in Algorithm Rollover procedure Josh Soref (5): Improve issue template options Improve rst for lua-records Clean up SSQLite3::~SSQLite3 Allow build-tags to run on forks Clarify workflow name Karel Bilek (1): Do shuffle TCP responses except *XFRs Kees Monshouwer (5): auth, extend the systemd startup timeout during lmdb schema migrations auth: fix cname wildcard and other records auth: wildcard CNAME trump other records auth: do not disable ns records at apex in consumer zones auth: catalog, include groups in hash calculation Ludovic Ortega (2): fix(doc): incorrect setting `query_local_address` fix: replace missing query_local_address Morten Stevens (1): Change home directory to /var/lib/pdns Nate Baker (1): Allow setting notify_allowed on zones in Recursor API Neil Cook (1): Update Dynamic DNS Update Docs with GSS-TSIG Nico Vaatstra (2): Supervisor in Auth container image Minor docs change regarding supervisord in Kubernetes Otto Moerbeek (257): rec: introduce command to set aggressive NSEC cache size rec: fix time_t truncation warnings from coverity by annotating them. The nod code sets up the SBF DBs before starting the thraed, no need for protection Another bunch of coverity fixes Another set of coverity fixes Another set of coverity fixes, these are a bit more tricky Sometimes, coverity and clang-tidy do not agree Prep for rec-5.0.0-rc1 Fine tune EOL policy Apply suggestions from code review Disabling structured logging is deprecated rec: lower default max-qperq limit. Remove redundant word US English Remove redundant coverity annotation rec: rng and entropy-source are not longer processed Respect RUNTIME_DIRECTORY as a default for socket-dir Use correct compile time values for the NOD and UDR dirs Beter default value (saying "it depends") in generated docs for settings Zap symlinks Move mtasker.?? to recursordist Reformat Tidy Move (instead of include) mtasker.cc to mtasker.hh rec: Always set the two new vars in the Makefile, follow up to 13588 Move change to version 5.1.0 More reorg and tidy Prep for rec-5.0.0-rc2 Prepare for rec-5.0.1 final release Refactor RPZ download thread code iputils: avoid unused warnings on !linux RPZ notify rec: Avoid raw pointers by using a referrence wrapper inside a variant Reformat and tidy annotations Tidy Add test, only clear cache if the notify wasn't for an RPZ 1528464 COPY_INSTEAD_OF_MOVE 1531280 COPY_INSTEAD_OF_MOVE Docs 1524930 COPY_INSTEAD_OF_MOVE 1524920 COPY_INSTEAD_OF_MOVE 1524908 Use of auto that causes a copy Cleanup of code doing SNMP OID handling Fix typos in annotations: 1524912 COPY_INSTEAD_OF_MOVE and 1524842 COPY_INSTEAD_OF_MOVE 1524889 COPY_INSTEAD_OF_MOVE 1524911 Use of 32-bit time_t 1524944 Use of 32-bit time_t Process comments from review by @rgacogne, thanks! Process comments from review by @rgacogne, thanks! Rate limit the notifies per zone to max 1 per 5 sec (less if refresh is lower) Make the refresh 1 again, to work around the new rate limiting rec: fix YAML conversion test rec: fix Coverity issues in new RPZ code rec: update to cargo 1.75 and updated Cargo dependencies Tidy filterpo.?? (reaching into iputils.hh as well). auth: fix gss regression test rec: tidy ResolveContext Actually, ResolveContext is not optional Fix async callbacks in unit tests now that ResolverContext is no longer an optional Avoid a cases of `an exception may be thrown in function '' which should not throw exceptions (bugprone-exception-escape)` one last lint dnsdist: make sure we do not allocate 16-byte aligned objects through lua(jit) Experiment rec: CVE-2023-50387 and CVE-2023-50868 Prep for 2024-01 rec: skip a few test that depend on sidnlab's public test setup that no longer works rec: fix the zoneToCache regression introduced by SA 2024-01 Test ZTC with root zone rec: add thanks to Petr Spacek to SA 2024-01 rec: dnspython's API changed wrt NSID, apply (version dependent) fix in regression test rec: log if a dnssec related limit was hit (if log_bogus is set) rec: allocate hit data in policy on demand instead of always Do not keep a ref to a lua config around in startup code Also allocate custom records via unique ptr rec: add structured logging backend that uses JSON representation rec: tidy rpzloader.?? Allow AF_INET6 as address family for framestream/dnstap streams tidy less strict cling-tidy: allow const and/or ref fields in classes rec: Don't enter wildcard qname's into the cache in the ZoneToCache function Move #define to static const string rec: prep for 5.0.3, 4.9.4 and 4.8.7 auth: on OpenBSD, try harder to send on a non-blocking socket dnsdist: update to quiche 0.20.1 rec: fix Coverity 1534473 Unintended sign extension rec: Tidy lua-recursor4.cc and lua-recursor4.hh Make a few fields (d_gettag and friends and handle) private Avoid label and goto in loop Reformat Explicit cast to do multiply in 64-bit rec: don't throttle lame servers if they are marked as dontThrottle rec: fix trace=fail regression and add regression test for it ZTC regression test does not need auths sdig: remove xpf handling rec ci: also build a rec with all optional stuff disabled Add a bunch of new compiler versions to the compiler list used by boost.m4 Pass 'full' to rec configure arg for codeql & clang-tidy run dnsdist: also handle EHOSTUNRERACH as a case for reconnecting the socket rec: fix types of two YAML settings that should be sequences of subnets Upgrade guide entry Tidy Use a single NOD / UDR DB, sahred by all threads Actually pick the newest and not the oldest file. Apply suggestions from code review Typo Make snapshot write interval settable Always check HAVE_XYZ flags with #ifdef Fix the remaining cases of #if vs #ifdef HAVE_XYZ rec: facility to resolve names via system resolver selfresolve check wip Search -lresolv (if applicable) the proper auto* way Enable explicitly only Avoid race setting serverID Comments & docs Simple test of named forward, a bit ugly as it depends on external servers Add test to also test changing forwarder. Needs ENABLE_SUDO_TESTS Apply suggestions from code review: typos in comments Sort result vector of getaddrinfo rec: remove the possiblility to disable structured logging remove unused branch in SLOG macro (ifdef RECURSOR) process review comments; move toTimestampStringMilli() to Logging namespace rec: fix netmask docs wrt deprecatd isIpX() functions Apply suggestions from code review Remove changes var and releted method, they are unused Make resolve check interval and self-resolve check settable Comment fixes, some of them only made sense for the non-shared setup Update pdns/recursordist/settings/docs-new-preamble-in.rst Use FDWrapper, modify its reset() to return the close() return value rec: fixup res-system-resolve.cc on FreeBSD: resolve.h needs netinet/in.h Explain the d_cachedir_mutex is only used for protecting init() calls rec: allow exception to proxy protocal usage for specific listen addresses Add test for proxy exception mechanism rec: mention rust compiler in compiling docs Typo rec: allow access to real/physical addresses in DNSQuestion Add basic tests for phys addresses for both regular Lua and FFI Reorder fields of DNSQuestion to avoid gaps auth docs: update primary/secondary terminology Tidy stat_t A few type fixes, mostly cosmetical rec docs: we do not have a query cache rec: a name can be present already when building the cname chain Add test for cname already present for the forward case Name the values "interface_localaddr" and "interface_remoteaddr" instead of "phys_..." Use consistent terminology in the proxy mapping docs dnsdist: syslog should be enabled by default rec: do not count RRSIGs using unsupported algorithms toward RRSIGs limit meson: don't assume libdecaf is present when declaring dependency Prep for Security Advisory 2024-02 Better wording Better wording in docs from @rgacogne dsmap_t is actually a set, rename type and a few vars Basic handling of YAML TAs and NTAs Tidy sortlist.?? Zap sortlist.?? symlinks, in preparation for move to recursordist Move sortlist.?? to recursordist YAML defs for all Lua config constructs, plus converting old-style to YAML Use a C++ array for the well-known DS record(s) Convert YAML to Lua config, including full test Build active Lua config from data structure that can be supplied by either Lua or YAML Show Lua config converted to YAML in rec_control show-yaml (re)load Lua config from either Lua or YAML Add --config support and validation of a few fields Tweaks and handle trust anchors better Basic docs of YAML specs of original Lua config Tidy Make a isValidHostname() callable from Rust that calls into DNSName::is_hostname() Better cross refs in docs, formatting Modify ZTC regression test to use YAML config Tidy rec: add a HTTPS, SVCB and NAPTR record types to be exportable via protobuf rec: fix two doc examples missing a colon Format First pass of tidy for iputils.hh Tidy iputils.cc Extra tricky part: make_unique vs new Formatting fixes One more clang-tidy case that did not happen locally: add a cast remove struct so that clang-format does not insists laying out the var init over three lines. rec: followup to 14097: missed OpenBSD specfic case Apply suggestions from code review Explain two somewhat puzzling pieces of code in comments Typo's in comments rec: mention subnets are not allowed (yet) in query-local-address/outgoing.source_address Better wording and typo rec: prep for 20240514 releases Check exit code of recursor Tweaks to make LSAN work rec: prep rec-5.1.0-alpha1 Typo in comment rec: fix version changed for incoming.edns_padding_from and incoming.proxy_protocol_from Also accept -15 (killed by SIGTERM) as exit code Fix includes Fix "var unused" warnings in tests Tidy test rec: report error when linux map limit is too low Log exceptions occuring in resolving action; do not let the worker threads die Rate limit logging for a few cases (there could be more) Use RIAA guard for d_inrun, making sure exceptions reset d_inrun Use LockGuarded construct Adjust max-mthreads if vm.max_map_count is too low Reformt Two cases of wrong var (in code not compiled) kern.max_map_count -> vm.max_map_count; from @phonedph1 Add upgrade guide item If a chain is long, refuse to add more entries to it (including metrics) Compute the auth response delay we are wiling to accept based on the number of If the chain is old, refuse to add more entries to it Rename authWaitTime() to make it explicit we're talking milliseconds Introduce a random delay before processing a request that was chained reformat Typos Stop doing a literal include of the SNMP MIB. Apply suggestions from code review rec: add a few more cases for the PB tests wrt deviceID and friends Typo in comment rec: improve docs on gettag() and gettag_ffi() typo Use actual timeout value for nsspeeds; don't throttle on short timeouts Include "notify_allowd" in zone object produced Add API test for notify_allowed rec: update to rust/cargo 1.78 and updated dependencies rec: add a few more fields to the protobuf messages Typo in comment rec: fix cases of copy instead of move, as reported by coverity rec: followup to #14221: fix timeout adjust case rec: make clippy happy Sugggestion from @rgacogne: testing the OSLimitError case should not change behaviour Format Tidy Prep for rec-5.0.6 Provide a more descriptive title for builds and leave out redundant "build" rec: prep for rec-5.1.0-beta1 rec: document vm.max_map_count can be too low Apply suggestions from code review rec: make max CNAME chain length handled settable, previously fixed at 10 rec: do not add UDR field to outgoingProtobuf answer messages rec: add nsName into outgoing protobuf request/response messages rec: count substituted remote in case of proxy protocol Add regression test for remote count when using proxy protocol rec: fix TCP case for cached policy tags Refactor test to avoid code duplciation, as suggested by @rgacogne rec: describe (roughly) memory usage dns.cc: use pdns::views::UnsignedCharView Use const ref for string arg Remove potential double SOA records if the target of a dns64 name is NODATA rec: make names of new udr settings consistent with existing scheme rec: allow recursor.conf file to contain YAML Adapt Debian packaging Adapt RH packaging Generate no more .conf-dist file Document the new approach of reading YAML from a recursor.conf file Install a small YAML default config instead of one with everything commented out rec: tweak debian install, as suggested by @zeha Add test for duplicate SOA record in the dns64/NODATA case Also use variable suffix for file when reloading YAML-Lua config rec: specialize rel/rec-5.1.x branch to rec only workflows Peter van Dijk (79): clarify that the mssql password is not a secret auth docs: add note about EL9 and SHA1 add ubuntu-noble build target and test it daily one sentence per line auth: set catalog field in gsql getAllDomains auth-4.8.4: secpoll&docs ixfrdist tests: refactor one function a bit regression-tests.auth-py/clientsubnetoption.py: fix equality operator auth-py tests: test ECS in ALIAS forwarding only use the scope from the answer add testECSNone remove isValid format dnsproxy.{cc,hh}, ednssubnet.{cc,hh}, stubresolver.cc cleanups from clang-tidy docs&secpoll for auth-4.9.0-alpha1 pdns-builder: update to newest, removes fakeroot usage auth LUA createForward: allow non-hex word prefix small refactor tidy: avoid pointer math tidy: fix short variable name tidy: use .empty() tidy: this function is not really complex, just long fix false check positive on modified submodule Revert "Debian Trixie builder: install fakeroot pkg" also recognise uppercase hex note changed query in updating.rst reference instead of copy, and move some code for clarity bit of formatting getAllDomains catalog: avoid useless copy auth LUA: new dblookup() function auth debian: adjust option names in shipped configs auth API: reject priority element in record, closes #12657 code review from otto, thanks fix formatting lmdb: remove mapasync mode, it was always a lie auth 4.9.0-beta2: docs&secpoll remotebackend tests: report exit value correctly don't log from destructors, g_log might be gone already (thanks asan) remotebackend tests: do pass empty array remotebackend tests: use unsigned domain_id (thanks ubsan) auth LUA dblookup: switch qtype argument to int nits auth debian: adjust option name in shipped postinst fix NUL string literal auth LUA: support returning empty set in filterForward simplify return type usage secpoll & docs for dnsdist 1.9.1 fix formatting .dockerignore: adjust for https://github.com/docker/buildx/issues/850 auth-4.9.0: docs&secpoll EOL auth 4.6 add ubuntu noble to default build targets add pkghashes-ubuntu-noble auth gmysql: deprecate gmysql-ssl flag, enable connection timeout ixfrdist: use IPV6_V6ONLY on listening sockets, closes #13878 auth API cryptokeys: skip SHA1 and GOST DSes, closes #13950 pdnsutil: move GOST DSes behind verbose flag, like SHA1 add NOLINT because showZone is big auth smysql: remove unused var longer variable name for clang-tidy add auth-4.9.x and dnsdist-1.9.x to daily build test accept the complexity of this function for now auth, rec: update option text and docs to clarify logging is to stderr, not stdout clang-tidy: more descriptive variable name more clang-tidy rec: also look for __res_query symbol fix typo pdnsutil check-zone: accept LUA A/AAAA as SVCB address targets auth LUA: (optionally) drop whitespace on join security advisory 2024-02: fix formatting auth docs, clarify that dnsupdate-require-tsig is new in 5.0 sdig.1: format example commands better auth-4.9.1: changelog&secpoll add entry for #14251 add 14253, add some credits builder update: better ubuntu/deb distro naming in package versioning auth geoipbackend: link C++ filesystem lib if necessary auth geoipbackend meson: link C++ fs lib if needed auth docs: remove stray backquote Remi Gacogne (371): dnsdist: Add an option to set the SSL proxy protocol TLV dnsdist: Add Proxy Protocol v2 support to `TeeAction` dnsdist: Allow setting the action from `setSuffixMatchRule{,FFI}()`'s visitor dnsdist: Document that the `responses` metric changed in 1.8 dnsdist: Add `NetmaskGroup:addNMG()` to merge Netmask groups dnsdist: Fix a spurious whitespace dnsdist: Better description suggested by Otto in the documentation dnsdist: Document the content of proxy payload added via TeeAction dnsdist: Make the max size of entries in the packet cache configurable dnsdist: Delint test-dnsdistpacketcache_cc.cc dnsdist: Delint test-dnsdistpacketcache_cc.cc a bit more dnsdist: Improve `NetmaskGroupRule`/`SuffixMatchNodeRule`, deprecate `makeRule` dnsdist: Stop using `makeRule` in our tests dnsdist: Document that passing a string to add*Action is deprecated dnsdist: Apply clang-tidy comments dnsdist: Add regression tests for the new multiple strings syntax dnsdist: Update the example configuration, as suggested by @phonedph1 dnsdist: Clarify the passing a string/list of strings to add*Action() is deprecated dnsdist: Add regression tests for deprecated but not yet removed items dnsdist: Spoof a raw response for ANY queries dnsdist: Fix clang-tidy warnings dnsdist: Remove left-over commented code in test_Caching.py rec: Fix a dangling reference in Lua's UDP Query Response callback dnsdist: Add a Lua FFI way to know if the query was received over v6 dnsdist: Add a helper to hash arbitrary data from Lua FFI dnsdist: Fix a clang-tidy warning dnsdist: Fix a small race in the NetworkListener dnsdist: Delint dnsdist-lua-network.cc dnsdist: Fix a race in the async regression tests dnsdist: Add `PayloadSizeRule` dnsdist: Implement DNSResponseAction.Truncate and TCResponseAction() dnsdist: Add unit tests for PayloadSizeRule dnsdist: Fix a clang-tidy warning dnsdist: Fix a clang-tidy warning in the rules unit tests dnsdist: Refactor QUIC tests so that they can be used for DoQ and DoH3 dnsdist: Handle HTTP/3 error responses dnsdist: Fix clang-tidy warnings dnsdist: Add showDOH3Frontends() dnsdist: Split the DoH3 event handling loop off the main one dnsdist: More delinting of the DoH3 code dnsdist: Allow enabling incoming PROXY protocol on a per-bind basis dnsdist: Fix a few clang-tidy warnings dnsdist: Delint dnsdist-tcp.cc dnsdist: Rename 'allowProxyProtocol' to 'enableProxyProtocol' dnsdist: Apply Otto's suggestion for the qtypeForAny parameter dnsdist: Fix compilation issue dnsdist: Add a cache-miss ratio dynamic block rule dnsdist: Delint test-dnsdistdynblocks_hh.cc dnsdist: Require a minimum cache-hit ratio in `DynBlockRulesGroup:setCacheMissRatio()` dnsdist: More delinting dnsdist: Format dnsdist-dynblocks.hh dnsdist: Yet more delinting dnsdist: No need to multiply 1.0 in cache-miss ratio dynblocks dnsdist: Add `QNameSuffixRule` dnsdist: Add regression tests for DNS header set/get via Lua FFI dnsdist: Send a HTTP 400 response to HTTP/1.1 clients dnsdist: ChangeLog and secpoll update for 1.9.0-alpha4 dnsdist: Document that `makeRule` and friends are deprecated in the upgrade guide dnsdist: Fix formatting issues in the documentation dnsdist: Fix documentation issues reported by Habbie dnsdist: Fix a typo in the documentation dnsdist: Clarify the Lua FFI DNS header set/get regression tests dnsdist: Uh, phrasing! tcpiohandler: Added a comment explaining the HTTP/1.1 addition to ALPN dnsdist: Clarify that `TCResponseAction` removes all records dnsdist: Add 13564, 13592 and 13594 to the ChangeLog dnsdist: Fix `DynBlockRulesGroup:removeRange`'s version in the docs dnsdist: ChangeLog and secpoll update for 1.8.3 CI: Enable more compiler hardening options during our CI run dnsdist: Fix a bug in the TCP connection metrics dnsdist: Fix Coverity warnings dnsdist: Fix clang-tidy warnings in the DownstreamState bindings dnsdist: Fix 'Bugs Fixes' -> 'Bug Fixes' in the ChangeLog dnsdist: More clang-tidy fixes dnsdist: Handle congested DoQ streams dnsdist: Set the DNS over HTTP/3 default port to 443 dnsdist: Also fix the DoH3 default port in the DoH3 guide dnsdist: Document `showDOH3Frontends` dnsdist: Document how to advertise HTTP/3 support over HTTP/2 dnsdist: Fix alt-svc typo in the documentation example dnsdist: Fall back to libcrypto for authenticated encryption dnsdist: Reformat dnsdist-crypto.cc dnsdist: Delint dnsdist-crypto.cc dnsdist: More delinting in dnsdist-lua-bindings.cc dnsdist: Delint dnsdist's console code dnsdist: Fix compilation of the console dnsdist: Split the DoQ 'readable stream' handling code to a function dnsdist: Loop on `quiche_conn_stream_recv()` until done dnsdist: Split DoQ 'socket readable' to a separate function dnsdist: Split DoH3 'socket readable' to a separate function Socket: Return the remote peer from Socket::recvFromAsync dnsdist: Read as many DoQ packets as possible dnsdist: Read as many DoH3 packets as possible Socket: Prevent alloc+copy in Socket::recvFromAsync() dnsdist: Handle early data in DoQ/DoH3 dnsdist: Try flushing egress data after processing readable streams dnsdist: Delint DoQ and DoH3 dnsdist: Re-format doh3.cc and doq.cc dnsdist: Avoid a few more allocations in the DoQ code dnsdist: Clean up the Lua objects before exiting rec: Fix the version of alabaster when building the doc dnsdist: Fix the version of alabaster when building the doc dnsdist: Enable PMTU discovery and disable fragmentation on QUIC binds dnsdist: Grant unidirectional HTTP/3 streams for DoH3 ci: Update upload-artifact and download-artifact to version 4 rec: Fix a potential null deref in MTasker::schedule() rec: Fix a clang-tidy warning in test-mtasker.cc build-packages: Fix the handling of provenance artifacts dnstap: Fix a missed optimization reported by Coverity dnsdist: Fix a missed optimization reported by Coverity dnsdist: Move the console socket instead of copying it dnsdist: Update Quiche to 0.20.0 dnsname: Optimize parsing of uncompressed labels dnsname: Use a view instead of pointer arithmetic in DNSName::packetParser() dnsname: Remove a redundant comparison reported by CodeQL dnsdist: Better error messages when failing to load the XDP map dnsdist: Prevent a false-positive warning from the compiler dnsdist: Add an option to easily disable XDP logging (default) dnsdist: Pass-through TCP packets from XDP dnsdist: Punt fragmented UDP dgrams to the kernel in xdp-filter dnsdist: Fix parameter validation with XSK dnsdist: Add comments to the XSK code dnsdist: Add a `XskSocket::getMetrics()` binding dnsdist: Fall-back to non-XSK for too large responses dnsdist: Small cleanup of the XSK code dnsdist: Better detection of libbpf and libxdp dnsdist: Fix AF_XDP (XSK) detection dnsdist: Minor clean ups in the XSK code dnsdist: Fix a UMEM corruption in XSK dnsdist: Cleanup of the XSK code, fixing alignment issues dnsdist: Refactor the XSK code into a proper namespace dnsdist: Get rid of memory allocations in the XSK hot path dnsdist: Fix XSK between dnsdist and its backends dnsdist: Clean up and reorganize XSK code dnsdist: Format and delint the XSK code dnsdist: Revert the now unneeded changes made to dnsdist-healthchecks xdp.py: The ports set is now unused in XSK mode dnsdist: Report the `AF_XDP` feature dnsdist: Document the XSK feature dnsdist: Add xsk, xskmap and umem to the spellchecker allow-list dnsdist: Fix XSK/AF_XDP detection dnsdist: We need the regular, non-XSK threads as well! dnsdist: Fix a clang-tidy warning dnsdist: Add default values for the map and number of frames in `newXsk` dnsdist: Install libbpf and libxdp in our CI image dnsdist: Log whether UDP queries are forwarded via XSK dnsdist: Fix XSK over IPv6 dnsdist: Log whether we are using XSK, and which mode (native or emulated) dnsdist: Cosmetic fixes for XSK dnsdist: Refactor XSK support between dnsdist and the backends dnsdist: Properly delay response packets in incoming-only XSK mode dnsdist: Clear the XSK responder notification queue right away dnsdist: Enable XSK (AF_XDP) on supported OSes dnsdist: Hopefully fix building with/without XDP in CI dnsdist: Switch to Debian 12 for our Docker image, enable XSK dnsdist: Relax file descriptor check for XSK-enabled backends dnsdist: Fix warnings from clang-tidy dnsdist: Implement proper parameters handling in the XDP helper dnsdist: Fix more clang-tidy warnings dnsdist: Update the XSK documentation for recent changes spell-check: Allow libxdp dnsdist: ChangeLog and secpoll update for 1.9.0-rc1 dnsdist: Properly detect whether `bpf_xdp_query` is available dnsname: Remove useless resize, we always resize again right after it dnsname: Use `static_cast` instead of C-style casts dnsdist: Add a fuzzing target for the XSK code dnsdist: Fix formatting of fuzz_xsk.cc ci: Exclude the fuzzing/corpus dir from the 'no binary files' check dnsdist: The 1.9.0-rc1 release has been moved to the 30th dnsdist: Apply Charles-Henri's suggestions (thanks!) dnsdist: Fix typos in the AF_XDP documentation dnsdist: Document AF_XDP's limitations dnsdist: Better handling of short, non-initial QUIC headers dnsdist: Fix a warning reported by Coverity dnsdist: Improve the documentation around TLS certificates and keys dnsdist: Refactor the rules (selectors and actions) documentation dnsdist: Add regression tests for eBPF blocks (static / dynamic) dnsdist: Enable eBPF regression tests in our CI dnsdist: Reduce the timeout on Dynamic Block tests expected to fail dnsdist: Preserve 'LLVM_PROFILE_FILE' in sudo-enabled regression tests dnsdist: Add a Lua maintenance hook dnsdist: Clear the Lua maintenance callbacks before exiting dnsdist: Apply suggestions from code review, delint dnsdist: Implementation reloading of TLS certs/keys for DoQ and DoH3 dnsdist: Document certs/keys reloading for DoQ and DoH3 dnsdist: Add a regression test for DoQ certs/keys reloading dnsdist: Delint the 'reloadCertificates' methods dnsdist: Fix an issue spotted by TSAN: we need to use atomic_load_explicit along with atomic_store_explicit dnsdist: Fix newServerPolicy, add regression tests for custom policies dnsdist: Prevent useless allocation+copy in `setPoolServerPolicy` dnsdist: Fix a missing explicit atomic load of the Quiche configuration dnsdist: Fix performance inefficiencies reported by Coverity dnsdist: Clarify that setSuffixMatchRule blocks per suffix, not labels dnsdist: ChangeLog and secpoll update for 1.9.0 final! dnsdist: Fix outdated definition for `addMaintenanceCallback()` dnsdist: Move `linux/*.h` headers to xsk.cc to fix warnings dnsdist: Update the EOL statements dnsdist: Fix the EOL statements (c/p paste mistake from the Recursor) rec: Fix gathering of denial of existence proof for wildcard-expanded names rec: Add a unit test for the gathering of denial of existence proof for wildcard-expanded names dnsdist: Fix HTTP/1 -> HTTP/2 mistake in the upgrade notes rec: Fix clang-tidy warnings rec: Apply Otto's suggestions dnsdist: Use a view for parsing ALPN data, add a regression test Add missing views.hh reference in the Makefiles dnsname: Fix formatting issue dnsdist: Remove symbolic links for dnsdist-specific files dnsdist: Move dnsdist-specific files dnsdist: Format moved files dnsdist: Delint dnsdist-carbon.cc dnsdist: Delint dnsdist-cache.cc dnsdist: Delint test-dnsdistpacketcache_cc.cc dnsdist: Delint dnsdist-dnscrypt.cc dnsdist: Delint test-dnsdist_cc.cc dnsdist: Delint dnsdist-dynbpf.cc dnsdist: Delint dnsdist-lua-actions.cc dnsdist: Delint dnsdist-lua-bindings-dnsquestion.cc dnsdist: Delint dnsdist-lua-bindings.cc dnsdist: Delint dnsdist-lua-rules.cc dnsdist: Delint dnsdist-lua-inspection.cc dnsdist: Delint dnsdist-rings.cc dnsdist: Fix formatting in dnsdist-lua-bindings-dnsquestion.cc dnsdist: Delint dnsdist-lua.cc and dnsdist-snmp.cc dnsdist: Delint dnsdist-protocols.cc dnsdist: Delint dnsdist-lua-vars.cc dnsdist: Fix formatting issues dnsdist: Delint dnsdist-ecs.cc dnsdist: Delint dnsdist-web.cc dnsdist: Delint dnsdist-xpf.cc dnsdist: Delint dnsdist.cc dnsdist: Delint dnsdist-protobuf.cc dnsdist: Move dnsdistconf.lua to dnsdistdist/ dnsdist: Remove dangling sodcrypto.cc and sodcrypto.hh symbolic links dnsdist: Return the correct TLS provider for DoQ and DoH3 frontends dnsdist: Simplify the handling of rule chains validate: Remove unused harvestCSPFromRecs() dnsdist: Fix clang-tidy warnings dnsdist: Fix first IPv6 console connection being rejected dnsdist: Add a regression test for IPv6 console connections dnsdist: Properly handle a failure of the first lazy health-check dnsdist: Fix exponential backoff computation in edge cases dnsdist: Fix XSK-enabled check when reconnecting a backend dnsdist: Shrink InternalQueryState's size by reordering its fields dnsdist: Add a new response chain for XFR responses misc: Implement pdns::UniqueFilePtr dnsdist: Switch to `pdns::UniqueFilePtr` rec: Switch to `pdns::UniqueFilePtr` auth: Switch to `pdns::UniqueFilePtr` Mark the `pdns::UniqueFilePtr` deleter `const noexcept` Fix clang-tidy warnings Add `pdns::openFileForWriting()` to control permissions when creating a file Fix clang-tidy warnings, again dnsdist: Properly account the failure to forward a query to a backend dnsdist: Document that cache hits go into the ring buffer since 1.8.0 auth: Wrap SSql pointers in a unique pointer earlier Move the version (and hashes) of external dependencies to JSON files Add license, publisher information to the external deps data Fix recursor builds: we now require `jq` during the `dist` phase Fix recursor builds: fix invalid path for builder-support/helpers Attempt to generate SBOMs after building packages Hopefully fix SBOM generation Disable SBOM generation on el-7 (almost EOL), fix it on el-8 Fix syntax errors SBOM: Fix the builder target variable rec: Correctly count NSEC3s considered when chasing the closest encloser SBOM: Dynamically generate the list of auth-related packages dnsdist: Increase the HTTP/1.1 query counter when DoH with 1.1 ALPN dnsdist: Remove commented out include directive dnsdist: Properly increase the HTTP connections counter w/ nghttp2 dnsdist: Add a regression test for DoH connection counters dnsdist: Fix formatting in dnsdist-nghttp2-in.cc dnsdist: Support "no server available" result from Lua FFI LB policies dnsdist: Fix a null-deref in incoming DoH w/ nghttp2 dnsdist: Release incoming TCP connection right away on backend failure dnsdist: Release failed TCP backend connections more quickly FDWrapper: Do not try to close negative file descriptors dnsdist: Add a new query rules chain triggered after a cache miss dnsdist: Add regression tests for the new cache-miss rules chain dnsdist: Clarify how to return 'no server available' from the FFI policies dnsdist: Fix clang-tidy warnings dnsdist: Delint test-dnsdistlbpolicies_cc.cc FDWrapper: Always reset the internal descriptor to -1 auth: Wrap backend factories in smart pointers auth: Properly finalize PKCS11 modules before releasing them ci: Enable LeakSanitizer during dnsdist and recursor unit tests dnsdist: Update ChangeLog and secpoll for DNSdist 1.9.2 auth: Use smart pointers in the remote backend unit tests dnsdist: Document how to generate a console key without dnsdist dnsdist: Document the `-C /dev/null` trick to generate a key as well dnsdist: Fix "C++ One Definition Rule" warnings in XSK dnsdist: Fix a crash in the Downstream TCP handler dnsdist: Update secpoll and ChangeLog for 1.9.3 dnsdist: Fix DNS over plain HTTP broken by `reloadAllCertificates()` dnsdist: Update tuning/design documentation for DoQ and DoH3 dnsdist: Use the correct source IP for outgoing QUIC datagrams dnsdist: Add regression for destination address harvesting with QUIC dnsdist: Fix clang-tidy warnings auth: Remove trailing tab in builder-support/specs/pdns.spec dnsdist: Change home directory to /var/lib/dnsdist on EL-based OSs rec: Change home directory to /var/lib/pdns-recursor on EL-based OSs dnsdist: Fix home directory location comment in the EL spec rec: Fix home directory location comment in the EL spec dnsdist: Fix a crash in incoming DoH with nghttp2 dnsdist: Update Quiche to 0.21.0 dnsdist: Reply to HTTP/2 PING frames immediately dnsdist: Fix TCP I/O timeout and callback being used for HTTP/2 dnsdist: Log the correct amount of bytes sent for DoH w/ nghttp2 dnsdist: Make `IncomingTCPConnectionState::updateIOForAsync` dnsdist: Simplify IncomingTCPConnectionState::updateIO() dnsdist: Enable memory leak detection in CI during regression tests dnsdist: Detect memory leaks during regression tests in CI dnsdist: Implement an "atExit" Lua callback to clean up leftovers dnsdist: Suppress a warning from TSAN about our signal handler build-packages: Update download-artifact to v4 dnsdist: Update the secpoll zone and the ChangeLog for 1.9.4 dnsdist: Fix handling of XFR requests over DoH dnsdist: Add security advisory 2024-03 for DNSdist dnsdist: Fix the PR number in the ChangeLog dnsdist: Fix a warning when compiling the unit tests without XSK dnsdist: Prevent a race when calling `registerWebHandler` at runtime dnsdist: Clean up DynBlock defaults dnsdist: Add the ability to set tags from dynamic block rules dnsdist: Add a regression test for the Dynamic cache miss ratio case dnsdist: Add a SetTag dynamic rule action dnsdist: Add a regression test for Dynamic rules SetTag action dnsdist: Fix formatting dnsdist: Handle dynamic rules' tag action from Lua dnsdist: Handle dynamic rules addition with the new tag action from Lua FFI dnsdist: Document the new tag action options for dynamic rules dnsdist: Fix clang-tidy warnings dnsdist: Remove XPF support dnsdist: Get rid of assert() auth: Fix memory leaks in the bind file format parser Delint the DNSCrypt code base dnsdist: Remove DNSCrypt symbolic links dnsdist: Move the DNSCrypt files to pdns/dnsdistdist/ dnsdist: Format DNSCrypt code rec: Skip NSEC records signed by a subzone when validating a denial proof rec: Check denial in positive {C,D}NAME answers expanded from a wildcard auth: Enable LeakSanitizer while running the unit tests in CI dnsdist: More delinting in test-dnscrypt_cc.cc dnsdist: Reformat dnsdist-lua-bindings-dnscrypt.cc dnsdist: Delint dnsdist-lua-bindings-dnscrypt.cc auth: Fix a memory leak report in the distributor unit tests dnsdist: Document that 'tagValue' can be omitted for tag actions dnsdist: Hopefully make the "passing the source a…
One of my GitHub Actions involves a build which uses a
.dockerignore
file that basically looks like this:The intent is to automatically ignore anything that isn't expressly specified later in the file.
Up until today, on my GitHub Actions, this worked without any issue. Today, however, I started getting failed builds:
Removing the
.dockerignore
file caused the problem to be resolved and the build to continue as normal. Something has changed in the last 24 hours with some part of the stack that enables building Docker images via Buildkit on GitHub Actions that has affected how the.dockerignore
file is parsed.My GitHub Actions report that my current version of buildkit is
moby/buildkit:buildx-stable-1 => buildkitd github.com/moby/buildkit v0.9.3 8d2625494a6a3d413e3d875a2ff7dd9b1ed1b1a9
The text was updated successfully, but these errors were encountered: