dependabot[bot]
8a87bb3ffb
build(deps): bump github.com/smallstep/certificates ( #7381 )
...
Bumps [github.com/smallstep/certificates](https://github.com/smallstep/certificates ) from 0.28.4 to 0.29.0.
- [Release notes](https://github.com/smallstep/certificates/releases )
- [Changelog](https://github.com/smallstep/certificates/blob/master/CHANGELOG.md )
- [Commits](https://github.com/smallstep/certificates/compare/v0.28.4...v0.29.0 )
---
updated-dependencies:
- dependency-name: github.com/smallstep/certificates
dependency-version: 0.29.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-03 10:45:18 -07:00
Mohammed Al Sahaf
df9386fa12
ci: escape backticks in changelogs embedded in JS ( #7382 )
...
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2025-12-03 16:40:31 +00:00
dependabot[bot]
786d537877
build(deps): bump the all-updates group with 3 updates ( #7376 )
...
Bumps the all-updates group with 3 updates: [github.com/klauspost/compress](https://github.com/klauspost/compress ), [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go ) and [go.uber.org/zap](https://github.com/uber-go/zap ).
Updates `github.com/klauspost/compress` from 1.18.1 to 1.18.2
- [Release notes](https://github.com/klauspost/compress/releases )
- [Commits](https://github.com/klauspost/compress/compare/v1.18.1...v1.18.2 )
Updates `github.com/quic-go/quic-go` from 0.57.0 to 0.57.1
- [Release notes](https://github.com/quic-go/quic-go/releases )
- [Commits](https://github.com/quic-go/quic-go/compare/v0.57.0...v0.57.1 )
Updates `go.uber.org/zap` from 1.27.0 to 1.27.1
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.27.0...v1.27.1 )
---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
dependency-version: 1.18.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: github.com/quic-go/quic-go
dependency-version: 0.57.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: go.uber.org/zap
dependency-version: 1.27.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-02 10:32:58 +03:00
Petr
67a9e0657e
reverseproxy: Fix retries for requests with bodies ( #7360 )
...
* capture the buffered body once, then reset clonedReq.Body before each retry
* no copy
* keep receiver name
* set the buf to nil after extraction and only return it to pool if not nil
---------
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
2025-11-24 12:03:18 -07:00
ledigang
2cb426776c
encode: modernize, replace HasSuffix+TrimSuffix with CutSuffix ( #7357 )
...
Signed-off-by: ledigang <shuangcui@msn.com>
2025-11-21 15:30:26 -07:00
Marten Seemann
b9e6f3b227
update quic-go to v0.57.0 ( #7359 )
2025-11-21 14:46:47 +03:00
dependabot[bot]
eead249382
build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 ( #7355 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.43.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.43.0...v0.45.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.45.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-19 20:55:13 -07:00
WeidiDeng
a6da1acdc8
reverse_proxy: use interfaces to modify the behaviors of the transports ( #7353 )
2025-11-17 09:51:37 -07:00
Mohammed Al Sahaf
56282c5737
ci: implement new release flow ( #7341 )
...
* ci: implement new release flow
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* remove redundant validation
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* extract key sha
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* pin github-scripts
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* switch to PR-based flow
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* don't use top-level permissions
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* restricted global perms + specific local perms
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* make PR draft
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2025-11-14 14:55:30 -07:00
Kévin Dunglas
b3f2db233b
core: custom slog handlers for modules (log contextual data) ( #7346 )
2025-11-12 13:29:47 -07:00
dependabot[bot]
07d2aaf22e
build(deps): bump the all-updates group with 4 updates ( #7333 )
...
Bumps the all-updates group with 4 updates: [github.com/DeRuina/timberjack](https://github.com/DeRuina/timberjack ), [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit ), [github.com/klauspost/compress](https://github.com/klauspost/compress ) and [go.step.sm/crypto](https://github.com/smallstep/crypto ).
Updates `github.com/DeRuina/timberjack` from 1.3.8 to 1.3.9
- [Release notes](https://github.com/DeRuina/timberjack/releases )
- [Changelog](https://github.com/DeRuina/timberjack/blob/main/CHANGELOG.md )
- [Commits](https://github.com/DeRuina/timberjack/compare/v1.3.8...v1.3.9 )
Updates `github.com/KimMachineGun/automemlimit` from 0.7.4 to 0.7.5
- [Release notes](https://github.com/KimMachineGun/automemlimit/releases )
- [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.7.4...v0.7.5 )
Updates `github.com/klauspost/compress` from 1.18.0 to 1.18.1
- [Release notes](https://github.com/klauspost/compress/releases )
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml )
- [Commits](https://github.com/klauspost/compress/compare/v1.18.0...v1.18.1 )
Updates `go.step.sm/crypto` from 0.72.0 to 0.73.0
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.72.0...v0.73.0 )
---
updated-dependencies:
- dependency-name: github.com/DeRuina/timberjack
dependency-version: 1.3.9
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: github.com/KimMachineGun/automemlimit
dependency-version: 0.7.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: github.com/klauspost/compress
dependency-version: 1.18.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: go.step.sm/crypto
dependency-version: 0.73.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-08 11:13:16 +03:00
Marten Seemann
f2199d48b2
chore: update quic-go to v0.56.0, enable qlog for HTTP/3 ( #7345 )
2025-11-08 00:41:15 -05:00
Kévin Dunglas
8285eba842
caddyhttp: allow customizing the Server header ( #7338 )
2025-11-03 21:00:27 -07:00
Cooper de Nicola
895b56063a
chore: fix golangci-lint error G602 in caddyhttp ( #7334 )
2025-11-03 03:04:55 +00:00
Mohammed Al Sahaf
ddec1838b3
caddytls: correct documentation of LeafFolderLoader ( #7327 )
...
* caddytls: correct documentation of `LeafFolderLoader`
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* fmt...
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2025-11-01 18:29:55 +03:00
Ted
92c8bc7322
caddyfile: fix nested quotes formatted incorrectly by fmt ( #7045 )
...
* Fix incorrectly formatted quote within quotes with fmt
* Fix incorrectly formatted quote within quotes with fmt
2025-10-27 16:13:47 -06:00
WeidiDeng
abe0acabb6
reverseproxy: set default values for keepalive if only some of them are set ( #7318 )
2025-10-25 05:15:55 -04:00
Philipp Keidel
b54e870b26
tracing: switch to autoexport for OpenTelemetry span exporter ( #7317 )
2025-10-23 17:54:50 -06:00
dependabot[bot]
6d90c7707d
build(deps): bump github.com/slackhq/nebula from 1.9.5 to 1.9.7 ( #7315 )
...
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula ) from 1.9.5 to 1.9.7.
- [Release notes](https://github.com/slackhq/nebula/releases )
- [Changelog](https://github.com/slackhq/nebula/blob/v1.9.7/CHANGELOG.md )
- [Commits](https://github.com/slackhq/nebula/compare/v1.9.5...v1.9.7 )
---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
dependency-version: 1.9.7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-23 11:37:02 -06:00
dependabot[bot]
cd1c203777
build(deps): bump the all-updates group across 1 directory with 2 updates ( #7307 )
...
Bumps the all-updates group with 2 updates in the / directory: [github.com/spf13/pflag](https://github.com/spf13/pflag ) and [go.step.sm/crypto](https://github.com/smallstep/crypto ).
Updates `github.com/spf13/pflag` from 1.0.9 to 1.0.10
- [Release notes](https://github.com/spf13/pflag/releases )
- [Commits](https://github.com/spf13/pflag/compare/v1.0.9...v1.0.10 )
Updates `go.step.sm/crypto` from 0.70.0 to 0.72.0
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.70.0...v0.72.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/pflag
dependency-version: 1.0.10
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: go.step.sm/crypto
dependency-version: 0.72.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-21 22:32:36 -06:00
wyrapeseed
57587ed18e
refactor: use reflect.TypeFor ( #7313 )
...
Signed-off-by: wyrapeseed <wyrapeseed@outlook.com>
2025-10-21 13:26:30 -06:00
WeidiDeng
1e21b660c4
reverseproxy: use http.Protocols to handle h2c requests ( #6990 )
2025-10-21 16:05:43 +00:00
Mohammed Al Sahaf
595aab8bc0
metrics: resolve per-host inifinite cardinality ( #7306 )
2025-10-21 06:06:56 +00:00
WeidiDeng
8aca108d2c
reverseproxy: do not disable keepalive if proxy protocol is used ( #7300 )
2025-10-21 05:09:37 +00:00
Pavel
156ce99d3a
listeners: Add support for named socket activation ( #7243 )
2025-10-21 04:55:42 +00:00
WeidiDeng
a7885aabec
intercept: use already buffered response if possible when intercepting ( #7028 )
2025-10-21 04:48:07 +00:00
Bashayer Alrumahi
f5f25d845a
logging: fix multiple regexp filters on same field ( fixes #7049 ) ( #7061 )
...
* logging: fix multiple regexp filters on same field (fixes #7049 )
* fix: add proper error handling in MultiRegexpFilter tests
* fix: resolve linter and test issues - Fix GCI import formatting issues - Fix MultiRegexpFilter input size limit test by ensuring output doesn't exceed max length after each operation - All tests now pass and linter issues resolved
* fix: update integration test for proper JSON encoding - Fix expected JSON output to use Unicode escape sequence for ampersand character - Integration tests now pass
2025-10-16 05:08:53 +00:00
WeidiDeng
1ce2a13ad1
caddyhttp: wrap accepted connection to suppress tls.ConnectionState ( #7247 )
2025-10-16 03:13:40 +00:00
Chris Seufert
d7185fd002
caddyhttp: Add trusted_proxies_unix for trusting unix socket X-Forwarded-* headers ( #7265 )
2025-10-16 02:47:32 +00:00
Anthony Biondo
7fb39ec1e5
reverseproxy: Use http1.1 upgrade for websocket for extended connect of http2 and http3 ( #7305 )
...
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
2025-10-16 02:20:20 +00:00
aeris
10ac7da037
logging: Switch from lumberjack to timberjack, add time-rolling options ( #7244 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2025-10-15 17:11:10 -04:00
wyrapeseed
d115cd1042
chore: fix some comments ( #7303 )
2025-10-15 03:58:53 +00:00
joshuamcbeth
de6b78009b
caddyhttp: Add server options keepalive_idle and keepalive_count ( #7298 )
...
* Add Server options KeepAliveIdle (keepalive_idle) and KeepAliveCount (keepalive_count)
Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>
* Add Server option KeepAliveDisable (keepalive_disable)
Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>
* Remove Server option KeepAliveDisable (keepalive_disable), disable when interval is negative
Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>
* Add keepalive parameters to caddyfiletest
Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>
---------
Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>
2025-10-14 12:03:23 -06:00
WeidiDeng
2ec28bca43
reverse_proxy: use http1 for outbound tls requests with placeholder that are likely websockets ( #7296 )
2025-10-09 10:36:49 -06:00
Marten Seemann
178294e9d7
chore: Update quic-go to v0.55.0 ( #7288 )
...
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2025-10-06 19:43:28 -04:00
GreyXor
13a4ec7597
basicauth: Implement argon2id ( #7186 )
...
* feat: add argon2id hash-password command
* feat: ardon2id owasp safe value
* feat: add argon2id compare method
* chore: fmt argon2id
* docs: more argon2id docs
* chore: upgrade x/crypto dep
* revert: remove golangci
* refactor: argon2id decode
* chore: update deps
* refactor: simplify argon2id compare return
* chore: upgrade dependencies
* chore: upgrade dependencies
2025-10-06 17:27:06 -06:00
Monviech
2f1d270968
httpcaddyfile: Map default_bind to BindHost in globalACMEDefaults ( #7278 )
...
* Implement BindHost fallback in ACME issuer
* Fix indentation
* Skip creating empty challenges stub in adapted json config
* Skip setting BindHost for DNS Challenge
* golangci-lint fix
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2025-10-06 16:48:38 -06:00
Aditya Bhargava
3c003deec6
httpcaddyfile: Add missing DNS challenge check for acme_dns ( #7270 )
...
* add optional argument to `mock` DNS provider
* preserve local DNS challenge settings when `acme_dns` is specified
* add missing check for `acme_dns`
2025-10-03 14:05:46 -06:00
dependabot[bot]
afbdcec08b
build(deps): bump the actions-deps group with 8 updates ( #7284 )
...
Bumps the actions-deps group with 8 updates:
| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner ) | `2.13.0` | `2.13.1` |
| [actions/setup-go](https://github.com/actions/setup-go ) | `5.5.0` | `6.0.0` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) | `4.7.3` | `4.8.0` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) | `3.9.2` | `3.10.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action ) | `0.20.5` | `0.20.6` |
| [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch ) | `3.0.0` | `4.0.0` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) | `2.4.2` | `2.4.3` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.30.0` | `3.30.5` |
Updates `step-security/harden-runner` from 2.13.0 to 2.13.1
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](ec9f2d5744...f4a75cfd61https://github.com/actions/setup-go/releases )
- [Commits](d35c59abb0...4469467582https://github.com/actions/dependency-review-action/releases )
- [Commits](595b5aeba7...56339e523chttps://github.com/sigstore/cosign-installer/releases )
- [Commits](d58896d6a1...d7543c93d8https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](da167eac91...f8bdd1d8achttps://github.com/peter-evans/repository-dispatch/releases )
- [Commits](ff45666b94...5fc4efd1a4https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](05b42c6244...4eaacf0543https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2d92b76c45...3599b3baa1
2025-10-01 23:11:09 +00:00
Francis Lavoie
65e0ddc221
core: Reloading with SIGUSR1 if config never changed via admin ( #7258 )
2025-09-26 16:50:15 +00:00
WeidiDeng
b2ab419922
core: use reflect.TypeFor to check for encoding/json.RawMessage ( #7274 )
...
* check if the raw message type is the json v2 type
* use reflect.TypeFor to check for encoding/json.RawMessage
---------
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2025-09-26 10:46:18 -06:00
asttool
bc0e184130
caddyhttp: omit unnecessary reassignment ( #7276 )
...
Signed-off-by: asttool <asttool@outlook.com>
2025-09-26 10:44:58 -06:00
Y.Horie
1e82f9652e
caddypki: check intermediate lifetime to actual root cert lifetime ( #7272 )
2025-09-26 10:24:52 -06:00
Mohammed Al Sahaf
25be2f26fc
chore: ugh, lint fix... ( #7275 )
...
* chore: ugh, lint fix...
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* more lint fixes
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2025-09-26 03:14:48 -04:00
Marten Seemann
0c8798fce3
go.mod: update quic-go to v0.54.1 ( #7273 )
2025-09-25 19:24:26 -06:00
Gilbert Gilb's
f5c3094050
cmd: prevent commas in header values from being split ( #7268 )
...
`pflag.GetStringSlice` treats commas as delimiters, which causes issues
when passing headers whose values contain commas (`X-Robots-Tag:
noindex, nofollow`). These are incorrectly split into multiple headers
and errors out:
- `X-Robots-Tag: noindex`
- ` nofollow`
Switch to `pflag.GetStringArray`, which does not split on commas[1].
Note that this changes behavior for cases where multiple headers were
provided in a single argument with commas (`--header-down "X-Foo:
Bar,X-Bar: Foo"`). Such cases will now be treated as a single header
value. If this breaking change is unacceptable, we will need a smarter
fallback mechanism.
[1] https://github.com/spf13/pflag/pull/90
2025-09-22 21:12:06 -06:00
Francis Lavoie
39ace450de
logging: Adjustments to BufferedLog to keep logs in the correct order ( #7257 )
...
* logging: Adjustments to BufferedLog to keep logs in the correct order
* Ignore lints
2025-09-15 09:29:50 -06:00
Artur H.
0ba8786b35
caddyfile: Allow block to do nothing if nothing passed to import ( #7206 )
2025-09-12 20:29:09 +00:00
mickychang9
bcd4055e89
Use WaitGroup.Go to simplify code ( #7253 )
...
Signed-off-by: mickychang9 <mickychang9@outlook.com>
2025-09-11 10:15:09 -06:00
WeidiDeng
b462615439
fileserver: set Content-Length for precompressed files ( #7251 )
...
* set Content-Length for precompressed files
* Update modules/caddyhttp/fileserver/staticfiles.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2025-09-10 22:48:03 -06:00
