The-NeXT-Project / NeXT-Server

Next generation proxy server.
https://nextpanel.dev
GNU General Public License v3.0
73 stars 18 forks source link

build(deps): bump github.com/xtls/xray-core from 1.8.23 to 1.8.24 #49

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps github.com/xtls/xray-core from 1.8.23 to 1.8.24.

Release notes

Sourced from github.com/xtls/xray-core's releases.

Xray-core v1.8.24

Donation & NFTs

在等待 SplitHTTP multiplex controller 期间,main 分支已经积累了大量重要更新,所以我们决定先发一个版本,主要有:

  • SplitHTTP 的 header padding,H3 支持 dialerProxy,以及一些修复
  • Socks 入站默认兼容 HTTP 代理请求(mixed)
  • Fragment 支持 tlshello 被分片后在同一个 TCP 帧中发送
  • UDP noise(preview,下个版本可能会改)

And we have created Project VLESS for non-Chinese participants (Russian mainly).

此外,我们开始通过 NFT 的形式接受捐款,详见 [Announcement of NFTs by Project X #3633](https://github.com/XTLS/Xray-core/discussions/3633)

正如大家所看到的,Xray-core v1.8 已经不小心持续了一年多的时间,我们发现流式更新是一个不错的形式。然而由于传统版本号的存在,为每个版本规划功能、进行排期已经严重阻碍了新功能的开发、合并、发布。就像这次本来在等 multiplex controller,以及已经有很多 PR 在等 v1.9,并且我们还给 v1.10 及以后的版本号规划了更多功能,要很久才能排到。

所以我们决定从下个版本开始弃用传统的版本号,改用发版日期作为版本号,如 v24.8.30,并取消版本规划,全面采用流式更新,写好的功能直接合并,不再等待,预计每月月底发一个版本。 毕竟对于反审查软件来说,相较于传统的版本号,新功能的及时性、每月更新更为重要,而不是发一个功能确定的版本并长期维护,我们也没有过这样的习惯。

补充:并不一定按月更新,changes 突然积累多了同样可以发版,如果新版有 bug 的话应当给至少一天冷静期,不会同一天发两个版本。下个版本会移除一些历史久远的代码,以后日常积累新代码、提醒迁移,跨年新版删代码、breaking

我们相信有了各位的捐款以及对发版形式的革新,Xray-core 这个项目会发展得更好。

Changes

以及更新 README,更新一些依赖,使用 Go 1.23 进行编译。

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
sonarcloud[bot] commented 2 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud