Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4#3
Closed
dependabot[bot] wants to merge 30 commits intomainfrom
Closed
Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4#3dependabot[bot] wants to merge 30 commits intomainfrom
dependabot[bot] wants to merge 30 commits intomainfrom
Conversation
Extract the cloudflared tunnel implementation from sing-box's origin/cloudflared branch into a standalone library following sing-* patterns, with zero sing-box or sing-tun dependencies. Key abstractions: - Handler interface (DialTCP/DialPacket) replaces adapter.Router - ICMPHandler interface replaces router.PreMatch + tun.DirectRoute* - ServiceOptions/Service replaces adapter/option/inbound types
Remove 11 low-quality tests that assert constructors construct, setters set, or hardcoded values mirror the implementation. Fix errors.New/fmt.Errorf to use E.New per project error handling rules, split if-err-assign patterns into separate statements, and standardize on sing/common/json over encoding/json.
Replace errors/fmt stdlib usage with sing exceptions library (E.Cast, E.IsMulti), merge duplicate HTTP/WebSocket handlers, extract shared SOCKS5 handshake and RPC lifecycle helpers, remove dead code and redundant comments.
- Remove duplicate originRequestFromRemote (~60 lines), replaced by mergeRemoteOriginRequest with default config - Cache cloudflareRootCertPool with sync.OnceValues; clone before mutating for custom CA pools - Fix ignored dial error in newRouterOriginTransport - Fix data race on icmpFlowState.lastActive (add activeAccess mutex) - Move destination.Close() I/O out from under mutex in routeCache - Fix variable shadowing in QUICConnection.handleStream - Fix inline if-assignment patterns (stripPort, shouldFlushHTTPHeaders) - Remove WHAT-comments restating function names - Replace bidirectionalCopy with existing bufio.CopyConn - Eliminate double-copy in V2/V3 UDP readLoop (callee already copies) - Remove unnecessary metadata deep-copy in buildMetadataOnlyHTTPRequest - Extract metadataHTTPHeaderPrefix constant to avoid repeated allocation - Use atomic.Bool instead of uint32 for nopCloserReadWriter.closed - Pre-allocate DefaultFeatures slices as package-level variables - Remove dead code: featureSelector nil-check, successfulProtocols guard - Replace magic strings with constants (protocolQUIC, protocolHTTP2, datagramVersionV3)
Move non-public implementation code from the flat root package into 8 internal subpackages organized by functional domain, reducing the public API surface to only the service types and handler interfaces. Internal packages: - internal/protocol: wire protocol types, serialization, credentials - internal/discovery: edge SRV lookup - internal/config: runtime configuration, ingress rules - internal/control: registration RPC, transport helpers - internal/transport: QUIC/HTTP2 connections, TLS, protocol selection - internal/datagram: V2/V3 datagram multiplexing, flow limiting - internal/icmp: ICMP bridge and route cache - internal/tunnelrpc: generated Cap'n Proto (moved from tunnelrpc/) Break *Service cycles via interfaces: transport.HTTP2Handler, transport.StreamHandler, datagram.MuxerContext, icmp.RouteHandler. Add exported constants for ServiceOptions string fields: ProtocolQUIC, ProtocolHTTP2, DatagramVersionV2, DatagramVersionV3.
The first live test (TestLiveQUICIntegration) was flaky because it bore the full cost of Cloudflare edge propagation for a newly-created tunnel. Add an HTTP/2 warm-up step in requireLiveTestEnvironment that primes the edge routing before any protocol-specific test runs.
The Cloudflare API occasionally returns 503 during sequential test runs, causing spurious CI failures when the configurations endpoint is temporarily unavailable.
Drop context.go entirely — ContextID, ContextIDFrom, and the automatic context-ID injection are removed. ServiceOptions.NewContext is renamed to ConnContext with no default behavior when unset.
Wire the ICMPHandler from Service through MuxerContext to the ICMP bridge in both V2 and V3 datagram muxers, replacing the hardcoded nil handler that silently dropped all ICMP echo requests. Add a concrete DirectHandler in pkg/icmp that wraps ping.ConnectDestination from sing-tun to open platform-appropriate ICMP sockets.
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.1.3 to 4.1.4. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Commits](go-jose/go-jose@v4.1.3...v4.1.4) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v4 dependency-version: 4.1.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
bot
deleted the
dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4.
Commits
0e59876Merge commit from forkddffdbcBump actions/checkout from 5 to 6 (#213)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.