build(deps): bump github.com/xtls/xray-core from 1.8.17 to 1.8.21

[dependabot[bot]]

Bumps github.com/xtls/xray-core from 1.8.17 to 1.8.21.

Release notes

Sourced from github.com/xtls/xray-core's releases.

Xray-core v1.8.21

SplitHTTP for HTTP/3, the last hope of *ray's QUIC

正如 v1.8.16 所预告的，SplitHTTP 现已初步支持 HTTP/3（QUIC）。

尽管你可以直接设置并连接 SplitHTTP H3 服务端，但更推荐的做法是 在服务端前套一个反代软件，这样才可以使用 BBR。 当然你也可以套一个 CDN，值得一提的是，在近期的 UDP 封锁潮中，尚未有人报告 CDN 的 QUIC 端口也会被封锁。

对于客户端，ALPN 选择“h3”即可。 已知问题：上行待优化、尚未支持 dialerProxy 和 uQuic，预计下个版本解决。 若你需要浏览器指纹，Browser Dialer 现已全面支持 SplitHTTP H1 H2 H3，由浏览器决定用哪个 HTTP 版本。

总之，SplitHTTP H3 是第一个完全基于标准 H3、支持套 CDN 的 QUIC 类代理，亦可用反代、Browser Dialer 来隐蔽自身。

毫无疑问，SplitHTTP H3 已经开启了一个崭新的时代。

Features

• SplitHTTP 服务端支持 HTTP/3 #3554 @​ll11l1lIllIl1lll @​mmmray
• SplitHTTP 客户端支持 HTTP/3 #3543 @​ll11l1lIllIl1lll @​Fangliding @​mmmray
• 添加了基于 Go 1.21.4 的 Win7 构建 #3530 @​mmmray @​RPRX
• SplitHTTP 支持 Browser Dialer 浏览器转发 #3484 @​mmmray
• 新增自定义 sockopt 选项 #3517 @​Fangliding
• SplitHTTP 服务端支持 H2C，客户端支持 HTTP/1.1+TLS #3465 @​mmmray
• 优化 Browser Dialer 浏览器转发效率 #3468 @​mmmray

Fixes

• 修复 SplitHTTP H3 下行状态 200 后才开始上行的问题 https://github.com/XTLS/Xray-core/commit/0f65aa8ed803922abf9ce90ce963df54ac69af28 @​RPRX
• 修复 SplitHTTP H3 没有复用 QUIC 连接的问题 https://github.com/XTLS/Xray-core/commit/22535d86439952a9764d65119bcc739929492717 @​RPRX
• 修复 SplitHTTP H1 H2 的服务端 TLS 支持 #3567 @​mmmray
• 移除 SplitHTTP H3 不必要的 KeepAlivePeriod #3565 @​chise0713 @​Fangliding @​xqzr @​ll11l1lIllIl1lll
• 修复 SplitHTTP H3 在 v2rayNG 上的崩溃 #3559 @​ll11l1lIllIl1lll
• 修复 SplitHTTP 极小概率为同一个 sessionId 生成多个 uploadQueue 的问题 #3533 @​vrnobody @​mmmray
• 修复 WebSocket 读取了 HTTP 头 X-Forwarded-For 但未传递的问题 #3546 @​Fangliding @​mmmray
• 修复日志等级为 debug 的问题 #3535 @​abvf
• REALITY 跟随 dest 调用 CloseWrite() https://github.com/XTLS/REALITY/commit/48f0b2d5ed6dd36a84cdf23ed5970dd54c22d8e1 @​Fangliding @​RPRX
• HTTP 相关传输（WS H2 HTTPUpgrade SplitHTTP）host 容许客户端发送端口 XTLS/Xray-core#3222 @​cute @​yuhan6665
• 修复一些 SplitHTTP HTTP/1.1 连接复用的问题 #3485 @​mmmray
• SplitHTTP ok 回包的长度混淆预留 XTLS/Xray-core#3479 @​RPRX
• 修复 SplitHTTP 被一些 CDN 挂起连接的问题 #3479 @​mmmray @​Fangliding
• 修复 SplitHTTP 接收第一个数据包时长度为 0 的问题 #3473 @​maskedeken @​mmmray

Chores

• 升级所有依赖 @​RPRX @​yuhan6665
• 添加一些测试 https://github.com/XTLS/Xray-core/commit/a7e198e1e2077071a368f626f683ec0de646824d @​mmmray
• 更新 README https://github.com/XTLS/Xray-core/commit/a4bc422ed1bdfd513d0adaace6df65a1b6d08d3d @​RPRX
• 修正一些拼写 #3527 @​MHSanaei
• 更新 issue 模板 #3526 https://github.com/XTLS/Xray-core/commit/028a640b1b66bbbdd59a7b0ce45921003303ed07 @​mmmray @​Fangliding
• 重构日志代码 #3446 @​yuhan6665
• 增加容器编译标签 #3469 @​mmmray

Xray-core v1.8.20

... (truncated)

Commits

• c27d652 v1.8.21
• 0f65aa8 Fix SplitHTTP H3 waited for downResponse before uploading
• 22535d8 Fix SplitHTTP H3 didn't always reuse QUIC connection
• 529f206 Fix serverside TLS support of SplitHTTP H1/H2 (#3567)
• 964859b SplitHTTP: Remove unnecessary keepalives (#3565)
• 8deb953 v1.8.20
• a0040f1 SplitHTTP: Server supports HTTP/3 (#3554)
• d8994b7 Fix SplitHTTP H3 crash on v2rayNG (#3559)
• b277bac v1.8.19
• 9288a7c Upgrade dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud