Skip to content

v1.78.1-sunos
Compare
Choose a tag to compare
@github-actions github-actions released this 08 Dec 14:17
· 1 commit to sunos-1.78 since this release
v1.78.1-sunos
3192e7c

Commits

  • acb4a22: VERSION.txt: this is v1.77.0 (tailscale#13779) (Jonathan Nobels) #13779
  • 33029d4: net/netcheck: fix netcheck cli-triggered nil pointer deref (tailscale#13782) (Jordan Whited) #13782
  • f9949cd: client/tailscale,cmd/{cli,get-authkey,k8s-operator}: set distinct User-Agents (Percy Wegmann) #13786
  • 17335d2: net/dns/resolver: forward SERVFAIL responses over PeerDNS (Nick Hill) #13691
  • e7545f2: net/dns/resolver: translate 5xx DoH server errors into SERVFAIL DNS responses (Nick Hill) #13691
  • c2144c4: net/dns/resolver: update (*forwarder).forwardWithDestChan to always return an error unless it sends a response to responseChan (Nick Hill) #13691
  • f07ff47: net/dns/resolver: add tests for using a forwarder with multiple upstream resolvers (Nick Khyl) #13691
  • ecc8035: types/bools: add Compare to compare boolean values (tailscale#13792) (Joe Tsai) #13792
  • 12e6094: ssh/tailssh: calculate passthrough environment at latest possible stage (Percy Wegmann) #13793
  • avoid Fatal in ResourceCheck to show panic (tailscale#13790) #13790 (Paul Scott)
  • instrument with usermetrics #13576 (Kristoffer Dalby)
  • e0d711c: {net/connstats,wgengine/magicsock}: fix packet counting in connstats (Kristoffer Dalby) #13549
  • update license notices #13815 (License Updater)
  • 5f22f72: hostinfo,build_docker.sh,tailcfg: more reliably detect being in a container (tailscale#13826) (Tom Proctor) #13826
  • 2aa9125: cmd/derpprobe: add /healthz endpoint (Andrew Dunham) #13830
  • ff5f233: util/syspolicy: add rsop package that provides access to the resultant policy (Nick Khyl) #13718
  • 74dd24c: cmd/tsconnect, logpolicy: fixes for wasm_js.go (Christian) #13819
  • 6a885db: wgengine/magicsock: fix CI-only test warning of missing health tracker (Brad Fitzpatrick) #13835
  • d32d742: ipn/ipnlocal: error when trying to use exit node on unsupported platform (tailscale#13726) (Mario Minardi) #13726
  • 22c89fc: cmd/tailscale,ipn,tailcfg: add tailscale advertise subcommand behind envknob (tailscale#13734) (Naman Sood) #13734
  • fa95318: tool/gocross: add support for tvOS Simulator (tailscale#13847) (Andrea Gottardo) #13847
  • c0a9895: scripts/installer.sh: support DNF5 (Andrew Dunham) #13844
  • give trusted mesh peers longer write timeouts #13853 (Brad Fitzpatrick)
  • add sclient write deadline timeout metric (tailscale#13831) #13831 (Jordan Whited)
  • 874db21: ipn/{ipnauth,ipnlocal,ipnserver}: send the auth URL to the user who started interactive login (Nick Khyl) #13297
  • 877fa50: net/netcheck: remove arbitrary deadlines from GetReport() tests (tailscale#13832) (Jordan Whited) #13832
  • e711ee5: release/dist: clamp min / max version for synology package centre (tailscale#13857) (Mario Minardi) #13857
  • fd77965: net/tlsdial: call out firewalls blocking Tailscale in health warnings (tailscale#13840) (Andrea Gottardo) #13840
  • track client-advertised non-ideal DERP connections in more places #13866 (Brad Fitzpatrick)
  • 72587ab: scripts/installer.sh: allow Archcraft for Arch packages (tailscale#13870) (Erisa A) #13870
  • remove SysDNSOS, add two Warnables for read+set system DNS config (tailscale#13874) #13874 (Andrea Gottardo)
  • 0f4c9c0: cmd/viewer: import types/views when generating a getter for a map field (Nick Khyl) #13872
  • d4d21a0: net/tstun: restore tap mode functionality (Maisem Ali) #13875
  • 85241f8: net/tstun: use /10 as subnet for TAP mode; read IP from netmap (Maisem Ali) #13876
  • fix spurious warning about DERP home region '0' #13882 (Brad Fitzpatrick)
  • b2665d9: net/netcheck: add a Now field to the netcheck Report (Andrew Dunham) #13885
  • 2122704: cmd/testwrapper: add pkg runtime to output (tailscale#13894) (Paul Scott) #13894
  • 7fe6e50: net/dns/resolver: fix test flake (Andrew Dunham) #13903
  • e815ae0: util/syspolicy, ipn/ipnlocal: update syspolicy package to utilize syspolicy/rsop (Nick Khyl) #13727
  • 6ab39b7: cmd/k8s-operator: validate that tailscale.com/tailnet-ip annotation value is a valid IP (Nick Kirby) #13836
  • 853fe3b: ipn/store/kubestore: cache state in memory (tailscale#13918) (Irbe Krumina) #13918
  • 9d1348f: ipn/store/kubestore: don't error if state cannot be preloaded (tailscale#13926) (Irbe Krumina) #13926
  • 5d07c17: net/dns: fix blank lines being added to resolv.conf on OpenBSD (tailscale#13928) (Renato Aguiar) #13928
  • update license notices #13936 (License Updater)
  • c0a1ed8: tstest/natlab: add latency & loss simulation (James Tucker) #13467
  • 0d76d7d: tool/gocross: remove trimpath from test builds (James Tucker) #13439
  • 94fa6d9: ipn/ipnlocal: log errors while fetching serial numbers (Anton Tolchanov) #13938
  • 11e9676: wgengine/magicsock: fix stats packet counter on derp egress (Anton Tolchanov) #13948
  • 38af62c: ipn/ipnlocal: remove the primary routes gauge for now (Anton Tolchanov) #13947
  • 9545e36: cmd/tailscale/cli: add 'tailscale metrics' command (Anton Tolchanov) #13922
  • 0f9a054: tstest/tailmac: fix Host.app path generation (tailscale#13953) (Jonathan Nobels) #13953
  • aecb0ab: tstest/tailmac: add support for mounting host directories in the guest (tailscale#13957) (Jonathan Nobels) #13957
  • 856ea23: wgengine/magicsock: log home DERP changes with latency (Tim Walters) #13895
  • 1103044: cmd/k8s-operator,k8s-operator: add topology spread constraints to ProxyClass (tailscale#13959) (Irbe Krumina) #13959
  • 2336c34: util/syspolicy: implement a syspolicy store that reads settings from environment variables (Nick Khyl) #13855
  • 2cc1100: util/syspolicy/source: use errors instead of github.com/pkg/errors (Nick Khyl) #13968
  • 2a2228f: util/syspolicy/setting: make setting.RawItem JSON-marshallable (Nick Khyl) #13956
  • 540e4c8: util/syspolicy/setting: make setting.Snapshot JSON-marshallable (Nick Khyl) #13956
  • f81348a: util/syspolicy/source: put EnvPolicyStore env keys in their own namespace (Brad Fitzpatrick) #13967
  • e1e2278: net/netcheck: ensure prior preferred DERP is always in netchecks (James Tucker) #13970
  • 532b261: wgengine/magicsock: exclude disco from throughput metrics (Anton Tolchanov) #13949
  • b4f46c3: wgengine/magicsock: export packet drop metric for outbound errors (Anton Tolchanov) #13946
  • 45354da: ipn,tailcfg: add app connector config knob to conffile (tailscale#13942) (Irbe Krumina) #13942
  • 3f626c0: cmd/tailscale/cli, client/tailscale, ipn/localapi: add tailscale syspolicy {list,reload} commands (Nick Khyl) #13961
  • add support for "/" and "/foo" handler distinction (tailscale#13980) #13980 (Andrew Lytvynov)
  • 6985369: net/sockstats: prevent crash in setNetMon (tailscale#13985) (Andrea Gottardo) #13985
  • add support for custom CSP (tailscale#13975) #13975 (Andrew Lytvynov)
  • 84c8860: util/syspolicy: add policy key for onboarding flow visibility (Aaron Klotz) #13987
  • 49de23c: net/netcheck: add addReportHistoryAndSetPreferredDERP() test case (tailscale#13989) (Jordan Whited) #13989
  • 0ffc7bf: Fix MagicDNS on OpenBSD (Renato Aguiar) #13917
  • d09e9d9: ipn/ipnlocal: reload prefs correctly on ReloadConfig (Maisem Ali) #13979
  • 634cc2b: wgengine/netstack: remove unused taildrive deps (Brad Fitzpatrick) #13995
  • b0626ff: net/socks5: fix UDP relay in userspace-networking mode (VimT) #13999
  • 43138c7: net/socks5: optimize UDP relay (VimT) #13999
  • 45da3a4: cmd/tsconnect: block after starting esbuild dev server (Brad Fitzpatrick) #14009
  • add accessor to get tsd.System #14011 (Brad Fitzpatrick)
  • 809a6eb: cmd/k8s-operator: allow to optionally configure tailscaled port (tailscale#14005) (Irbe Krumina) #14005
  • 01185e4: types/result, util/lineiter: add package for a result type, use it (Brad Fitzpatrick) #14019
  • update license notices #14014 (License Updater)
  • 8dcbd98: cmd/derper: show more information on home page (Percy Wegmann) #13897
  • 8ba9b55: envknob,kube/kubetypes,cmd/k8s-operator: add app type for ProxyGroup (tailscale#14029) (Irbe Krumina) #14029
  • 3090461: tsweb/varz: optimize some allocs, add helper func for others (Brad Fitzpatrick) #14036
  • 2c8859c: client/tailscale,ipn/{ipnlocal,localapi}: add a pre-shutdown localAPI endpoint that terminates control connections. (tailscale#14028) (Irbe Krumina) #14028
  • 23880eb: cmd/tailscaled: support "ts_omit_ssh" build tag to remove SSH (Brad Fitzpatrick) #14038
  • c3306bf: control/controlhttp/controlhttpserver: split out Accept to its own package (Brad Fitzpatrick) #14040
  • 020cacb: derp/derphttp: don't link websockets other than on GOOS=js (Brad Fitzpatrick) #14040
  • 64d70fb: ipn/ipnlocal: log a summary of posture identity response (Anton Tolchanov) #14044
  • add a Shutdown method to the Server type (tailscale#14048) #14048 (M. J. Fromberger)
  • b9ecc50: cmd/k8s-operator,k8s-operator,kube/kubetypes: add an option to configure app connector via Connector spec (tailscale#13950) (Irbe Krumina) #13950
  • 00be176: util/codegen: treat unique.Handle as an opaque value type (Brad Fitzpatrick) #14066
  • use iterators over slice views more #14068 (Brad Fitzpatrick)
  • d8a3683: cmd/k8s-operator: restart ProxyGroup pods less (tailscale#14045) (Tom Proctor) #14045
  • e38522c: go.{mod,sum},build_docker.sh: bump mkctr, add ability to set OCI annotations for images (tailscale#14065) (Irbe Krumina) #14065
  • cf41cec: cmd/{k8s-operator,containerboot},k8s-operator: remove support for proxies below capver 95. (tailscale#13986) (Irbe Krumina) #13986
  • add a scale #14081 (Brad Fitzpatrick)
  • scale up our word count (tailscale#14082) #14082 (Naman Sood)
  • 1847f26: .github: Bump github/codeql-action from 3.26.11 to 3.27.1 (tailscale#14062) (dependabot[bot]) #14062
  • 0cfa217: .github: Bump actions/upload-artifact from 4.4.0 to 4.4.3 (tailscale#13811) (dependabot[bot]) #13811
  • 4474dce: .github: Bump actions/cache from 4.1.0 to 4.1.2 (tailscale#13933) (dependabot[bot]) #13933
  • Add scoville to scales.txt (tailscale#14084) #14084 (Walter Poupore)
  • bfe5cd8: .github: Bump actions/setup-go from 5.0.2 to 5.1.0 (tailscale#13934) (dependabot[bot]) #13934
  • f593d3c: cmd/tailscale/cli: add "help" alias for --help (Brad Fitzpatrick) #14083
  • e73cfd9: go.toolchain.rev: bump from Go 1.23.1 to Go 1.23.3 (Brad Fitzpatrick) #14101
  • 8fd471c: control/controlclient: disable https on for http://localhost:$port URLs (Brad Fitzpatrick) #14098
  • c3c4c05: tstest/integration/testcontrol: remove a vestigial unused parameter (Brad Fitzpatrick) #14113
  • 1355f62: cmd/derpprobe,prober: add ability to restrict derpprobe to a single region (Percy Wegmann) #14104
  • aefbed3: ipn,tailcfg: add VIPService struct and c2n to fetch them from client (tailscale#14046) (Naman Sood) #14046
  • 3b93fd9: net/captivedetection: replace 10k log lines with ... less (Brad Fitzpatrick) #14121
  • f1e1048: go.mod: bump tailscale/wireguard-go (Brad Fitzpatrick) #14076
  • remove unused Notify.BackendLogID #14130 (Brad Fitzpatrick)
  • implement v2 recording endpoint support (tailscale#14105) #14105 (Andrew Lytvynov)
  • 93db503: ipn/ipnlocal: add IPN Bus NotifyRateLimit watch bit NotifyRateLimit (Brad Fitzpatrick) #14120
  • da70a84: ipn/ipnlocal: fix build, remove another Notify.BackendLogID reference that crept in (Brad Fitzpatrick) #14146
  • 00517c8: kube/{kubeapi,kubeclient},ipn/store/kubestore,cmd/{containerboot,k8s-operator}: emit kube store Events (tailscale#14112) (Irbe Krumina) #14112
  • update license notices #14064 (License Updater)
  • validate Long format on Android builds #14154 (Brad Fitzpatrick)
  • fix earlier test/wording mistakes #14158 (Brad Fitzpatrick)
  • 48343ee: util/winutil/s4u: fix token handle leak (Aaron Klotz) #14157
  • 9f33aeb: wgengine/filter: actually use the passed CapTestFunc [capver 109] (Anton Tolchanov) #14067
  • 303a4a1: Make the deployment of an IngressClass optional, default to true (tailscale#14153) (James Stocker) #14153
  • ebeb5da: cmd/k8s-operator,kube/kubeclient,docs/k8s: update rbac to emit events + small fixes (tailscale#14164) (Irbe Krumina) #14164
  • ebaf33a: net/tsaddr: extract IsTailscaleIPv4 from IsTailscaleIP (tailscale#14169) (James Scott) #14169
  • change RequestID format to have a date in it #14173 (Brad Fitzpatrick)
  • 70d1241: util/fastuuid: delete unused package (Brad Fitzpatrick) #14176
  • af4c3a4: cmd/tailscale/cli: create netmon in debug ts2021 (Andrew Dunham) #14174
  • 0c8c7c0: net/tsaddr: include test input in test failure output (Brad Fitzpatrick) #14175
  • present risk warning when setting up app connector on macOS (tailscale#14181) #14181 (Andrea Gottardo)
  • c59ab6b: cmd/k8s-operator/deploy: ensure that operator can write kube state Events (tailscale#14177) (Irbe Krumina) #14177
  • 74d4652: cmd/{containerboot,k8s-operator},k8s-operator: new options to expose user metrics (tailscale#14035) (Tom Proctor) #14035
  • 462e1fc: ipn/{ipnlocal,localapi}, wgengine/netstack: call (*LocalBackend).Shutdown when tests that create them complete (Nick Khyl) #14190
  • 8e5cfbe: util/syspolicy/rsop: reduce policyReloadMinDelay and policyReloadMaxDelay when in tests (Nick Khyl) #14191
  • 50bf32a: cmd/tailscaled: flush DNS if FlushDNSOnSessionUnlock is true upon receiving a session change notification (Nick Khyl) #14194
  • 7c8f663: cmd/tailscaled: log SCM interactions if the policy setting is enabled at the time of interaction (Nick Khyl) #14195
  • 2ab66d9: ipn/ipnlocal: move syspolicy handling from setExitNodeID to applySysPolicy (Nick Khyl) #14192
  • eb3cd32: ipn/ipnlocal: update ipn.Prefs when there's a change in syspolicy settings (Nick Khyl) #14192
  • 3353f15: control/controlclient: use the most recent syspolicy.MachineCertificateSubject value (Nick Khyl) #14193
  • 36b7449: ipn/ipnlocal: rebuild allowed suggested exit nodes when syspolicy changes (Nick Khyl) #14196
  • f643118: net/netmon: catch ParseRIB panic to gather buffer data (James Tucker) #14202
  • ba3523f: cmd/containerboot: preserve headers of metrics endpoints responses (tailscale#14204) (Irbe Krumina) #14204
  • 788121f: docs/windows/policy: update ADMX policy definitions to reflect the syspolicy settings (Nick Khyl) #14217
  • 4d33f30: net/netmon: improve panic reporting from tailscale#14202 (James Tucker) #14221
  • 26de518: ipn/ipnlocal: only check CanUseExitNode if we are attempting to use one (tailscale#14230) (Mario Minardi) #14230
  • a62f718: cmd/tailscale/cli: fix format string (Nick Khyl) #14232
  • e87b71e: control/controlhttp: set *health.Tracker in tests (Andrew Dunham) #14235
  • bb80f14: ipn/localapi: count localapi requests to metric endpoints (Anton Tolchanov) #14231
  • avoid bytes.Buffer allocation (tailscale#11858) #11858 (Joe Tsai)
  • move health metrics test to health_test #14211 (Kristoffer Dalby)
  • send less data in metrics integration test #14211 (Kristoffer Dalby)
  • split bytes and routes metrics tests #14211 (Kristoffer Dalby)
  • validate sent data in metrics test #14211 (Kristoffer Dalby)
  • caba123: wgengine/magicsock: packet/bytes metrics should not count disco (Kristoffer Dalby) #14211
  • remove flaky test marker from metrics #14211 (Kristoffer Dalby)
  • f8587e3: cmd/k8s-operator: fix port name change bug for egress ProxyGroup proxies (tailscale#14247) (Irbe Krumina) #14247
  • 44c8892: Makefile,./build_docker.sh: update kube operator image build target name (tailscale#14251) (Irbe Krumina) #14251
  • 13faa64: cmd/k8s-operator: always set stateful filtering to false (tailscale#14216) (Irbe Krumina) #14216
  • a68efe2: cmd/checkmetrics: add command for checking metrics against kb (Brad Fitzpatrick) #14228
  • 24095e4: cmd/containerboot: serve health on local endpoint (tailscale#14246) (Tom Proctor) #14246
  • 8d0c690: net/netcheck: clean up ICMP probe AddrPort lookup (Brad Fitzpatrick) #14261
  • Update ServeConfig to accept configuration for Services. #14243 (KevinLiang10)
  • eabb424: cmd/k8s-operator,docs/k8s: run tun mode proxies in privileged containers (tailscale#14262) (Irbe Krumina) #14262
  • 9f9063e: cmd/k8s-operator,k8s-operator,go.mod: optionally create ServiceMonitor (tailscale#14248) (Irbe Krumina) #14248
  • efdfd54: cmd/k8s-operator: avoid port collision with metrics endpoint (tailscale#14185) (Tom Proctor) #14185
  • cbf1a4e: cmd/k8s-operator/deploy/chart: allow reading OAuth creds from a CSI driver's volume and annotating operator's Service account (tailscale#14264) (Oliver Rahner) #14264
  • aa43388: cmd/k8s-operator: fix a bunch of status equality checks (tailscale#14270) (Irbe Krumina) #14270
  • 2aac916: cmd/{containerboot,k8s-operator},kube/kubetypes: kube Ingress L7 proxies only advertise HTTPS endpoint when ready (tailscale#14171) (Irbe Krumina) #14171
  • 7406977: net/tstun: remove tailscaled_outbound_dropped_packets_total reason=acl metric for now (Brad Fitzpatrick) #14281
  • 7f9ebc0: cmd/tailscale,net/netcheck: add debug feature to force preferred DERP (James Tucker) #14283
  • df94a14: cmd/k8s-operator: don't error for transient failures (tailscale#14073) (Tom Proctor) #14073
  • 614c612: net/netcheck: preserve STUN port defaulting to 3478 (tailscale#14289) (Irbe Krumina) #14289
  • 87546a5: cmd/derper: allow absent SNI when using manual certs and IP literal for hostname (Brad Fitzpatrick) #14291
  • 0267fe8: VERSION.txt: this is v1.78.0 (Nick Khyl)
  • 2690b47: Revert "VERSION.txt: this is v1.78.0" (Brad Fitzpatrick) #14300
  • fix TestHealthMetric to pass on release branch #14300 (Brad Fitzpatrick)
  • c80eb69: VERSION.txt: this is v1.78.1 (Brad Fitzpatrick) #14300
  • 47db314: illumos/solaris support rebased onto 1.78.1 (Nahum Shalman)
  • 3192e7c: build tailscale client (Kevin Meziere)
Assets 10
Loading