WeidiDeng
6d4190f4c7
fix tests
2026-04-21 11:54:36 +08:00
WeidiDeng
b15e3cd2fa
make handleUpgradeTunnel a standalone func
2026-04-21 11:48:00 +08:00
WeidiDeng
040fa37add
correctly close detached streams
2026-04-21 11:46:28 +08:00
WeidiDeng
3f257bbccc
simplify streaming handling
2026-04-21 10:07:13 +08:00
WeidiDeng
4628aea894
record bytes read and written for response writers unless detached
2026-04-21 10:06:30 +08:00
Francis Lavoie
db86fdaba2
Adjustments from Weidi's review
2026-04-19 18:16:00 -04:00
Francis Lavoie
5a1ace3e91
Improved logging facilities
2026-04-17 21:25:59 -04:00
Francis Lavoie
de8e430015
lint
2026-04-17 21:25:59 -04:00
Francis Lavoie
476fd0c077
reverseproxy: Optionally detach stream (websockets) from config lifecycle
2026-04-17 21:25:59 -04:00
Zen Dodd
4430756d5c
admin: Redact sensitive request headers in API logs ( #7578 )
...
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m51s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m41s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m37s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m30s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m44s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m36s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m36s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m31s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m42s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m47s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m56s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m49s
Lint / govulncheck (push) Successful in 2m5s
Lint / dependency-review (push) Failing after 1m0s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 42s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
* admin: Redact sensitive request headers in API logs
* Fix govulncheck and typed atomic lint failures
* Sync Go module metadata after dependency downgrade
2026-04-17 14:56:42 -06:00
dependabot[bot]
af89c5ab02
build(deps): bump github.com/jackc/pgx/v5 from 5.8.0 to 5.9.0 ( #7655 )
...
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx ) from 5.8.0 to 5.9.0.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md )
- [Commits](https://github.com/jackc/pgx/compare/v5.8.0...v5.9.0 )
---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
dependency-version: 5.9.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-17 14:50:53 -06:00
Mohammed Al Sahaf
bd9f145321
chore: add AGENTS.md ( #7652 )
...
* chore: add `AGENTS.md`
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* Apply suggestions from code review
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* review feedback
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2026-04-17 14:49:58 -06:00
Steffen Busch
24bebd0a07
caddyhttp: Document missing placeholders for escaped URI and prefixed query ( #7659 )
2026-04-17 16:13:15 -04:00
prettysunflower
7dedd1486c
fix(caddyfile): {block} in snippet ( #7558 )
...
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m47s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m25s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m25s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m44s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m35s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 2m32s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 2m18s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m48s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m34s
Lint / govulncheck (push) Successful in 2m38s
Lint / dependency-review (push) Failing after 1m29s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 7m56s
* fix(caddyfile): {block} in snippet
Resolve issue #7557
So, here is the situation:
- Pull request #7206 included some changes to the doImport's function of
Caddyfile's parser. What it does is that if there is no token within a
block that follows the import, and the import contains `{block}`, then
the `{block}` token is discarded.
- After this pull request:
- Issue #7518 noticed that in cases that `{block}` was not imported,
a runtime error was raised due to the assumption that tokens were
always added to `tokensCopy` on every iteration of `importedTokens`.
This was fixed by pull request #7543 .
- Issue #7557 notices that {block} can be ignored when imported from a
certain file. There, it's again an issue with how the import works.
When `import snippets` is called, this import instruction doesn't
contains any nested blocks. And when the argument replacer that is
the `importedTokens` loop is called and finds `{block}`, it uses the
block from the file's import (which in this case is nothing),
`{block}` is erased, and unavailable when the import directive is
called for the imported snippet.
The changed in this commit addresses the second issue by checking before
replacing `{block}` if we're currently in a snippet definition, and
appending the `{block}` token to `tokensCopy` if we are.
With this changes, when importing those snippets, the `{block}` token
will be available to be replaced by the nested blocks in `tokensToAdd`
if needed, or erased if there are no nested blocks and `tokensToAdd` is empty.
Tests added in pull requests #7206 and #7543 passes with this new
implementation, confirming that unused `{block}` are accepted if nothing
is passed to `import`, as well as the other usual tests.
A new test was also added based on issue #7557 reporting, and also passes.
Signed-off-by: prettysunflower <me@prettysunflower.moe>
* caddyfile: add imported snippet block placeholder coverage
---------
Signed-off-by: prettysunflower <me@prettysunflower.moe>
Co-authored-by: Zen Dodd <mail@steadytao.com>
2026-04-15 02:58:53 -04:00
Max Truxa
7586e68e27
fileserver: show symlink targets verbatim ( #7579 )
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Failing after 1m37s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Failing after 2m28s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 2m27s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 52s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 3m9s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 3m16s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 57s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 59s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m43s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 2m30s
Lint / lint (ubuntu-latest, linux) (push) Successful in 1m43s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 2m7s
Lint / govulncheck (push) Successful in 1m55s
Lint / dependency-review (push) Failing after 1m12s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 19m42s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
`reveal_symlinks` was exposing symlink targets as fully resolved absolute paths, even if the target is a relative path. With this change the link target is shown as-is, without resolving anything.
2026-04-15 04:49:30 +10:00
Zen Dodd
0c7c91a447
logging: preserve ts for journald-wrapped JSON logs ( #7644 )
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Failing after 4s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Failing after 3s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Failing after 3s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Failing after 3s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Failing after 2s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Failing after 3s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Failing after 2s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Failing after 1s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Failing after 3s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Failing after 1s
Lint / lint (ubuntu-latest, linux) (push) Failing after 4s
Lint / govulncheck (push) Failing after 9s
Lint / dependency-review (push) Failing after 10s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 3s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m6s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-04-13 17:33:02 -06:00
Dean Ruina
1a3e900b35
chore: bump timberjack to v1.4.1 ( #7618 )
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Failing after 1m23s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Failing after 1m26s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m37s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 26s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 2m20s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 2m31s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m11s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 47s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m45s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m45s
Lint / lint (ubuntu-latest, linux) (push) Successful in 1m40s
Lint / govulncheck (push) Successful in 1m21s
Lint / dependency-review (push) Failing after 54s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 8m57s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-04-13 03:31:59 -04:00
tsinglua
0722cf6fd8
chore: replace interface{} with any for modernization ( #7571 )
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m28s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m38s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m39s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m50s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m25s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m32s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m31s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m41s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m36s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m34s
Lint / dependency-review (push) Failing after 23s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 27s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m5s
Lint / govulncheck (push) Successful in 1m25s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
Signed-off-by: tsinglua <tsinglua@outlook.com>
2026-04-11 19:53:12 +03:00
Zen Dodd
8e2dd5079c
caddyfile: Improve import/global options UX for imports before global options ( #7642 )
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 35s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Failing after 32s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m40s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 2m2s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m31s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m30s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m31s
Lint / dependency-review (push) Failing after 24s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m20s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 33s
Lint / govulncheck (push) Successful in 1m23s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m17s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
* caddyfile: improve import/global options UX
Keep standalone global-options braces stable in fmt when they follow import lines.
Also improve validate output for imports before the global options block with a clearer error message.
Add focused formatter and parser regression coverage
* caddyfile: satisfy staticcheck in formatter
2026-04-10 17:17:55 -06:00
Zen Dodd
5f44ea0748
logging: add journald encoder wrapper ( #7623 )
2026-04-10 17:09:12 -06:00
dependabot[bot]
c8e4ac2c8c
build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 ( #7621 )
...
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-10 16:33:07 -06:00
Zen Dodd
7dcc041eec
vars: Add matcher placeholder handling tests ( #7640 )
...
* vars: add matcher placeholder handling tests
* vars: add query placeholder matcher coverage
2026-04-10 16:27:52 -06:00
Zen Dodd
ca0ca67fbd
reverseproxy: make stream copy buffer size configurable ( #7627 )
2026-04-10 14:49:32 -06:00
dependabot[bot]
92b62004eb
build(deps): bump the all-updates group across 1 directory with 11 updates ( #7641 )
...
Bumps the all-updates group with 8 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [github.com/DeRuina/timberjack](https://github.com/DeRuina/timberjack ) | `1.4.0` | `1.4.1` |
| [github.com/google/cel-go](https://github.com/google/cel-go ) | `0.27.0` | `0.28.0` |
| [go.opentelemetry.io/contrib/exporters/autoexport](https://github.com/open-telemetry/opentelemetry-go-contrib ) | `0.67.0` | `0.68.0` |
| [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib ) | `0.67.0` | `0.68.0` |
| [go.opentelemetry.io/contrib/propagators/autoprop](https://github.com/open-telemetry/opentelemetry-go-contrib ) | `0.67.0` | `0.68.0` |
| [go.step.sm/crypto](https://github.com/smallstep/crypto ) | `0.77.1` | `0.77.2` |
| [golang.org/x/crypto](https://github.com/golang/crypto ) | `0.49.0` | `0.50.0` |
| [golang.org/x/net](https://github.com/golang/net ) | `0.52.0` | `0.53.0` |
Updates `github.com/DeRuina/timberjack` from 1.4.0 to 1.4.1
- [Release notes](https://github.com/DeRuina/timberjack/releases )
- [Changelog](https://github.com/DeRuina/timberjack/blob/main/CHANGELOG.md )
- [Commits](https://github.com/DeRuina/timberjack/compare/v1.4.0...v1.4.1 )
Updates `github.com/google/cel-go` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/google/cel-go/releases )
- [Commits](https://github.com/google/cel-go/compare/v0.27.0...v0.28.0 )
Updates `go.opentelemetry.io/contrib/exporters/autoexport` from 0.67.0 to 0.68.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.67.0...zpages/v0.68.0 )
Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.67.0 to 0.68.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.67.0...zpages/v0.68.0 )
Updates `go.opentelemetry.io/contrib/propagators/autoprop` from 0.67.0 to 0.68.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.67.0...zpages/v0.68.0 )
Updates `go.step.sm/crypto` from 0.77.1 to 0.77.2
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.77.1...v0.77.2 )
Updates `golang.org/x/crypto` from 0.49.0 to 0.50.0
- [Commits](https://github.com/golang/crypto/compare/v0.49.0...v0.50.0 )
Updates `golang.org/x/net` from 0.52.0 to 0.53.0
- [Commits](https://github.com/golang/net/compare/v0.52.0...v0.53.0 )
Updates `golang.org/x/term` from 0.41.0 to 0.42.0
- [Commits](https://github.com/golang/term/compare/v0.41.0...v0.42.0 )
Updates `golang.org/x/sys` from 0.42.0 to 0.43.0
- [Commits](https://github.com/golang/sys/compare/v0.42.0...v0.43.0 )
Updates `golang.org/x/text` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/golang/text/releases )
- [Commits](https://github.com/golang/text/compare/v0.35.0...v0.36.0 )
---
updated-dependencies:
- dependency-name: github.com/DeRuina/timberjack
dependency-version: 1.4.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: github.com/google/cel-go
dependency-version: 0.28.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: go.opentelemetry.io/contrib/exporters/autoexport
dependency-version: 0.68.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
dependency-version: 0.68.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: go.opentelemetry.io/contrib/propagators/autoprop
dependency-version: 0.68.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: go.step.sm/crypto
dependency-version: 0.77.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
- dependency-name: golang.org/x/crypto
dependency-version: 0.50.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: golang.org/x/net
dependency-version: 0.53.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: golang.org/x/term
dependency-version: 0.42.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: golang.org/x/sys
dependency-version: 0.43.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
- dependency-name: golang.org/x/text
dependency-version: 0.36.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-10 20:39:00 +00:00
dependabot[bot]
6c23ec2f3c
build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp ( #7637 )
...
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp](https://github.com/open-telemetry/opentelemetry-go ) from 1.42.0 to 1.43.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp
dependency-version: 1.43.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-10 14:31:08 -06:00
vnxme
5de1565ff6
vars: Don't expand placeholders in values ( #7629 )
2026-04-10 09:37:43 -06:00
Harsh Patel
d7834676aa
tls: add system and combined CA pool modules ( #7406 )
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m59s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m58s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m58s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 3m9s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m37s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m39s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m40s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m39s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m38s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m38s
Lint / dependency-review (push) Failing after 58s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m28s
Lint / govulncheck (push) Successful in 2m11s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 28s
* feat: add system and combined CA pool modules
* fix: combining pools using `CertificateProvider`
* fix: lint issue
* chore: caddyfiletests
* doing it for first time, so not sure if its right.
* fix: use `x509` native addCert
* chore: explicit err handling
* Apply suggestion from @mohammed90
---------
Co-authored-by: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
2026-04-06 01:13:34 +03:00
Pieter Berkel
4f50458866
tls: expand placeholders in dns_challenge override_domain ( #7609 )
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 2m43s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 2m41s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 2m46s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m53s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m30s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m38s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m38s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m39s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m33s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m35s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m12s
Lint / dependency-review (push) Failing after 57s
Lint / govulncheck (push) Successful in 1m47s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 8m11s
2026-03-31 05:46:32 +00:00
yubiuser
ea4ee3ae5d
reverseproxy: Fix check for header_up Host {upstream_hostport} redundancy ( #7564 )
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m32s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 2m28s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 2m31s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 2m39s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m46s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m41s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m45s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m43s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m12s
Lint / dependency-review (push) Failing after 1m17s
Lint / govulncheck (push) Successful in 1m37s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 8m4s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
* Fix check for header_up
Signed-off-by: yubiuser <github@yubiuser.dev>
* Onyl check in case commonScheme == "https"
Signed-off-by: yubiuser <github@yubiuser.dev>
* Move check after TLS transport is enabled
Signed-off-by: yubiuser <github@yubiuser.dev>
---------
Signed-off-by: yubiuser <github@yubiuser.dev>
2026-03-30 10:56:10 -06:00
Francis Lavoie
30b80bece8
notify: Always send "READY=1" even after an error ( #7597 )
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m40s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m39s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m40s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m40s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m49s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m54s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m51s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 2m26s
Lint / dependency-review (push) Failing after 29s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 43s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m35s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m37s
Lint / govulncheck (push) Successful in 1m26s
Lint / lint (ubuntu-latest, linux) (push) Successful in 1m59s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-03-28 13:08:34 -06:00
Sam Ottenhoff
7a630f2910
encode: make zstd checksum configurable ( #7586 )
...
* http: make zstd checksum configurable
* disable_checksum
2026-03-28 13:07:21 -06:00
Marc
62e9c05264
root: introduce down-propagating Helper.BlockState for other directives/plugins to use ( #7594 )
...
* add 'root' key to Helper.State for access in frankenphp's `php_server` directive
* clone state before passing it to child directives, but keep sharing it among sibling directives
* propagate named route state from children to parent
* use BlockState to set "root" instead
* gofmt -w .
* go fmt ./...
* here we go
2026-03-28 17:44:42 +00:00
Tao
6f6771aa1d
rewrite: skip query rename when source key is absent ( #7599 )
2026-03-28 13:10:34 -04:00
Matt Holt
acf8d6a1ae
caddytls: Consolidate empty APs more smartly ( #7567 )
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m39s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m38s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m45s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m45s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m46s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m52s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m55s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 2m1s
Lint / dependency-review (push) Failing after 1m4s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m37s
Lint / govulncheck (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m35s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m45s
Lint / lint (ubuntu-latest, linux) (push) Successful in 1m59s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 26s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
* caddytls: Consoldate empty APs more smartly (fix #7559 )
* Revise consolidation logic
2026-03-26 14:41:34 -06:00
Matt Holt
e98ed6232d
chore: Resolve recent CI failures ( #7593 )
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m28s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m37s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m43s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m43s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m46s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m52s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m54s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m53s
Lint / dependency-review (push) Failing after 23s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m20s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m18s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m18s
Lint / govulncheck (push) Successful in 2m2s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m11s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 7m5s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-03-25 23:21:27 -06:00
Matthew Holt
c35ba5588d
Add missing return to handleError in admin server
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Failing after 1m28s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Failing after 1m28s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Failing after 1m38s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m27s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 2m27s
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 2m30s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 2m50s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 2m58s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m27s
Lint / dependency-review (push) Failing after 1m44s
Lint / govulncheck (push) Failing after 1m58s
Lint / lint (ubuntu-latest, linux) (push) Failing after 2m5s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 6m39s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
Thanks to @Wernerina's LLM for finding this bug
2026-03-25 16:33:24 -06:00
Tao
5d189aff40
caddytls: Avoid default issuers for implicit tailscale policies ( #7577 )
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m37s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m28s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m25s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m25s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m34s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m28s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m22s
Lint / govulncheck (push) Successful in 1m43s
Lint / dependency-review (push) Failing after 59s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 36s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-03-20 09:36:03 -06:00
vnxme
df65455b1f
caddyhttp: Sync placeholder expansion in vars and vars_regexp ( #7573 )
...
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m26s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m20s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m40s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m25s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m22s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m20s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m30s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m7s
Lint / govulncheck (push) Successful in 1m20s
Lint / dependency-review (push) Failing after 23s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 7m23s
* vars: Expand placeholders in custom variables like in `vars_regexp`
* vars: Reuse variables inside match loops
2026-03-17 13:08:47 -06:00
Matthew Holt
8499e34e10
caddytls: Ensure key list always gets set ( fix #7555 )
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m29s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m38s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m37s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m45s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m32s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m31s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m29s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m23s
Lint / govulncheck (push) Successful in 1m44s
Lint / dependency-review (push) Failing after 59s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 6m18s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-03-16 16:21:47 -06:00
Matthew Holt
1fbb28720b
Fix lint errors
...
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 2m15s
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m36s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m14s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m14s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m14s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m14s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m13s
Lint / lint (ubuntu-latest, linux) (push) Failing after 1m13s
Lint / govulncheck (push) Successful in 1m31s
Lint / dependency-review (push) Failing after 59s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 29s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
Use VerifyConnection instead of VerifyPeerCertificate; the other 2 fixes are "meh" not really a big deal or an issue at all.
2026-03-11 13:33:59 -06:00
Matthew Holt
ffb6ab0644
Revert cosign (see #7536 )
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m21s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m28s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m26s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m31s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m21s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m37s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m29s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m2s
Lint / govulncheck (push) Successful in 1m26s
Lint / dependency-review (push) Failing after 27s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 21s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-03-05 08:41:54 -07:00
dependabot[bot]
9371ee67c6
build(deps): bump the actions-deps group across 1 directory with 12 updates ( #7536 )
...
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m39s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m28s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m22s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m25s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m28s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m27s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m34s
Lint / govulncheck (push) Successful in 1m26s
Lint / dependency-review (push) Failing after 1m2s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 5m36s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
Bumps the actions-deps group with 12 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `5.0.0` | `6.0.2` |
| [github/ai-moderator](https://github.com/github/ai-moderator ) | `1.1.2` | `1.1.4` |
| [step-security/harden-runner](https://github.com/step-security/harden-runner ) | `2.13.1` | `2.15.0` |
| [actions/setup-go](https://github.com/actions/setup-go ) | `6.0.0` | `6.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.6.2` | `7.0.0` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) | `6.4.0` | `7.0.0` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) | `8.0.0` | `9.2.0` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) | `4.8.0` | `4.8.3` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) | `3.10.0` | `4.0.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action ) | `0.20.6` | `0.23.0` |
| [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch ) | `4.0.0` | `4.0.1` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.30.5` | `4.32.4` |
Updates `actions/checkout` from 5.0.0 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...de0fac2e45https://github.com/github/ai-moderator/releases )
- [Commits](6bcdb2a79c...81159c3707https://github.com/step-security/harden-runner/releases )
- [Commits](f4a75cfd61...a90bcbc653https://github.com/actions/setup-go/releases )
- [Commits](4469467582...4b73464bb3https://github.com/actions/upload-artifact/releases )
- [Commits](ea165f8d65...bbbca2ddaahttps://github.com/goreleaser/goreleaser-action/releases )
- [Commits](e435ccd777...ec59f474b9https://github.com/golangci/golangci-lint-action/releases )
- [Commits](4afd733a84...1e7e51e771https://github.com/actions/dependency-review-action/releases )
- [Commits](56339e523c...05fe457637https://github.com/sigstore/cosign-installer/releases )
- [Commits](d7543c93d8...faadad0ccehttps://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](f8bdd1d8ac...17ae174017https://github.com/peter-evans/repository-dispatch/releases )
- [Commits](5fc4efd1a4...28959ce8dfhttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3599b3baa1...89a39a4e59
2026-03-04 21:29:44 -07:00
dependabot[bot]
5d20adc7a9
build(deps): bump github.com/smallstep/certificates ( #7535 )
...
Bumps the all-updates group with 1 update: [github.com/smallstep/certificates](https://github.com/smallstep/certificates ).
Updates `github.com/smallstep/certificates` from 0.30.0-rc2.0.20260211214201-20608299c29c to 0.30.0-rc3
- [Release notes](https://github.com/smallstep/certificates/releases )
- [Changelog](https://github.com/smallstep/certificates/blob/master/CHANGELOG.md )
- [Commits](https://github.com/smallstep/certificates/commits/v0.30.0-rc3 )
---
updated-dependencies:
- dependency-name: github.com/smallstep/certificates
dependency-version: 0.30.0-rc3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-04 21:26:18 -07:00
Francis Lavoie
6e5e08cf58
Wire up Cause for most context cancels ( #7538 )
2026-03-04 17:14:52 -07:00
Matthew Holt
fbfb8fc517
rewrite: Force recomputing path when escaped path matches rewrite target
...
Thank you for the report by @MaherAzzouzi, and the suggested fix!
2026-03-04 16:18:33 -07:00
Matt Holt
e06dfcf6ed
Update SECURITY.md
...
Simplify what versions are supported, clarify our policy for unreleased code (or beta code), and expand our AI policy to require a disclosure in ALL cases, even if AI is not used. As well as an invitation to share in some chocolate milk with us if you're human.
2026-03-04 16:16:24 -07:00
Oleh Konko | semantic verification for trust infra | LLM-augmented operations pipeline (precision-first, claim≤evidence, submit-human) | verify the payload, not the signer
566e710991
fileserver: document hide case-sensitivity (F-CADDY-FILESERVER-HIDE-CASE-001) ( #7548 )
2026-03-04 17:00:10 -05:00
Tom Paulus
a5e7c6e232
reverseproxy: prevent body close on dial-error retries ( #7547 )
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m58s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m42s
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m33s
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m27s
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m23s
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m33s
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m29s
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m24s
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m25s
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m30s
Lint / govulncheck (push) Successful in 1m50s
Lint / dependency-review (push) Failing after 1m27s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 5m36s
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2026-03-04 15:17:02 -05:00
Francis Lavoie
db2986028f
reverseproxy: Track dynamic upstreams, enable passive healthchecking ( #7539 )
...
* reverseproxy: Track dynamic upstreams, enable passive healthchecking
* Add tests for dynamic upstream tracking, admin endpoint, health checks
2026-03-04 15:05:26 -05:00
Sam.An
7e83775e3a
Merge commit from fork
...
Only apply repl.ReplaceAll() on values from literal variable names
(e.g. map outputs), not on values resolved from placeholder keys
(e.g. {http.request.header.*}). The placeholder path already resolves
the value via repl.Get(), so a second expansion allows user-controlled
input containing {env.*} or {file.*} to be evaluated, leaking
environment variables and file contents.
Add regression test to verify placeholder-sourced values are not
re-expanded.
2026-03-04 09:08:39 -07:00
