ggicci / caddy-jwt

🆔 Caddy Module JWT Authentication
MIT License
74 stars 20 forks source link

chore(deps): bump github.com/caddyserver/caddy/v2 from 2.7.4 to 2.7.6 #69

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 11 months ago

Bumps github.com/caddyserver/caddy/v2 from 2.7.4 to 2.7.6.

Release notes

Sourced from github.com/caddyserver/caddy/v2's releases.

v2.7.6

In this version we've made several fixes and enhancements with help from several contributors. Most changes are small, but some notable ones:

  • The templates middleware is now officially extensible (experimentally). This means modules can add custom functions/actions for templates to execute.
  • TLS storage cleaning is now synchronized across the cluster and remembered across restarts. This should greatly lower costs for expensive storage backends like DynamoDB.
  • Placeholders are now evaluated in config for certificate loaders.
  • Numerous bug fixes.

Thank you to everyone who contributed!

Changelog

  • 65c489a0 Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913)
  • ae5e2d96 caddyfile: Fix variadic placeholder false positive when token contains : (#5883)
  • db55da59 caddyhttp: Adjust scheme placeholder docs (#5910)
  • df5edf6b caddytls: Context to DecisionFunc (#5923)
  • 6d9a8337 caddytls: Sync distributed storage cleaning (#5940)
  • 11a082c0 cmd: Add newline character to version string in CLI output (#5895)
  • 979c413f cmd: upgrade: resolve symlink of the executable (#5891)
  • 64820706 core: Apply SO_REUSEPORT to UDP sockets (#5725)
  • 15adb893 core: quic listener will manage the underlying socket by itself (#5749)
  • 801ec756 fileserver: Add .m4v for browse template icon
  • b809ed71 go.mod: CVE-2023-45142 Update opentelemetry (#5908)
  • b4c7313c go.mod: Upgrade quic-go to v0.39.1
  • 36fce3fa go.mod: update quic-go version to v0.40.0 (#5922)
  • ec2de22a httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896)
  • f0ea489d httpcaddyfile: Remove port from logger names (#5881)
  • 87f63b12 httpredirectlistener: Only set read limit for when request is HTTP (#5917)
  • 16834d64 templates: Clarify include args docs, add .ClientIP (#5898)
  • 0259853a templates: Delete headers on httpError to reset to clean slate (#5905)
  • 2f7ceb57 templates: Offically make templates extensible (#5939)
  • 908e9569 tls: accept placeholders in string values of certificate loaders (#5963)

Full Changelog: https://github.com/caddyserver/caddy/compare/v2.7.5...v2.7.6

v2.7.5

In this release, we've fixed quite a few small bugs and annoyances, including HTTP/2 Rapid Reset which affected most HTTP/2 implementations.

On a personal note (from @​mholt): I recently became a dad! I want to thank our maintainers for helping in so many ways while I've been taking extra time for family. Francis, Matthew, Mohammed, and others -- including all the contributors below, and then some -- are to thank for shipping this release.

Highlights

  • Updated https://github.com/quic-go/quic-go from v0.37.5 to v0.39.0, including many performance improvements. GSO and ECN are now enabled by default, but you may turn them off by setting the QUIC_GO_DISABLE_GSO=true and QUIC_GO_DISABLE_ECN=true environment variables respectively, if they cause you problems. See the quic-go release notes for more details.
  • The file server's fileserver.BrowseTemplate is now exported, so it may be customized by programs embedding Caddy. (ed8bb13c5df7656647ca7fc1fd09237631a6767c)
  • Environment variables loaded with --envfile no longer override existing variables. (#5803)
  • The encode handler now compresses application/wasm* content types by default. (#5869)
  • The reverse_proxy handler can now emit very detailed logs for debugging streaming and buffering. To enable it, set the verbose_logs subdirective, and set logging to debug level. Since the logs from this are very noisy, using verbose_logs to opt-in is necessary. We may ask you to enable this when asking for support! (#5793)
  • You can now check the version with caddy -v, like most other CLI utilities! (#5874)

Caddy is on feature freeze until after 2.8 so we can improve our testing situation. These patches have all been tried to ensure they work as intended, but if you notice any issues please report them!

... (truncated)

Commits
  • 6d9a833 caddytls: Sync distributed storage cleaning (#5940)
  • df5edf6 caddytls: Context to DecisionFunc (#5923)
  • 908e956 tls: accept placeholders in string values of certificate loaders (#5963)
  • 2f7ceb5 templates: Offically make templates extensible (#5939)
  • e89c9a4 http2 uses new round-robin scheduler (#5946)
  • e9ac48b panic when reading from backend failed to propagate stream error (#5952)
  • e555702 chore: Bump otel to v1.21.0. (#5949)
  • 87f63b1 httpredirectlistener: Only set read limit for when request is HTTP (#5917)
  • 801ec75 fileserver: Add .m4v for browse template icon
  • c8219d0 Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" ...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov-commenter commented 11 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (0ee1dc3) 96.26% compared to head (8e217ff) 96.26%.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #69 +/- ## ======================================= Coverage 96.26% 96.26% ======================================= Files 2 2 Lines 321 321 ======================================= Hits 309 309 Misses 10 10 Partials 2 2 ``` | [Flag](https://app.codecov.io/gh/ggicci/caddy-jwt/pull/69/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ggicci) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/ggicci/caddy-jwt/pull/69/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ggicci) | `96.26% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ggicci#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.