Commit Graph

10740 Commits

Author SHA1 Message Date
dependabot[bot] 043f8544a3
Bump pyinstaller from 6.4.0 to 6.5.0 (#6775)
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.4.0 to 6.5.0.
- [Release notes](https://github.com/pyinstaller/pyinstaller/releases)
- [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst)
- [Commits](https://github.com/pyinstaller/pyinstaller/compare/v6.4.0...v6.5.0)

---
updated-dependencies:
- dependency-name: pyinstaller
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 23:01:45 +00:00
dependabot[bot] a4b3600bfd
Update protobuf requirement from <5,>=3.14 to >=3.14,<6 (#6774)
Updates the requirements on [protobuf](https://github.com/protocolbuffers/protobuf) to permit the latest version.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v3.14.0...v5.26.1)

---
updated-dependencies:
- dependency-name: protobuf
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 22:59:21 +00:00
dependabot[bot] 2cc04d84a4
Update asgiref requirement from <3.8,>=3.2.10 to >=3.2.10,<3.9 (#6776)
Updates the requirements on [asgiref](https://github.com/django/asgiref) to permit the latest version.
- [Changelog](https://github.com/django/asgiref/blob/main/CHANGELOG.txt)
- [Commits](https://github.com/django/asgiref/compare/3.2.10...3.8.1)

---
updated-dependencies:
- dependency-name: asgiref
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 22:57:41 +00:00
dependabot[bot] 70e1c723dc
Update pytest-timeout requirement from <2.3,>=1.3.3 to >=1.3.3,<2.4 (#6772)
Updates the requirements on [pytest-timeout](https://github.com/pytest-dev/pytest-timeout) to permit the latest version.
- [Commits](https://github.com/pytest-dev/pytest-timeout/compare/1.3.3...2.3.1)

---
updated-dependencies:
- dependency-name: pytest-timeout
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 22:52:20 +00:00
dependabot[bot] f4eff7e09e
Update wheel requirement from <0.43,>=0.36.2 to >=0.36.2,<0.44 (#6773)
Updates the requirements on [wheel](https://github.com/pypa/wheel) to permit the latest version.
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](https://github.com/pypa/wheel/compare/0.36.2...0.43.0)

---
updated-dependencies:
- dependency-name: wheel
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 22:52:14 +00:00
dependabot[bot] 6ecec4b893
Update pyopenssl requirement from <24.1,>=22.1 to >=22.1,<24.2 (#6771)
Updates the requirements on [pyopenssl](https://github.com/pyca/pyopenssl) to permit the latest version.
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/pyopenssl/compare/22.1.0...24.1.0)

---
updated-dependencies:
- dependency-name: pyopenssl
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-02 00:52:07 +02:00
dependabot[bot] 8ca88037c8
Bump the github-actions group with 2 updates (#6770)
Bumps the github-actions group with 2 updates: [install-pinned/ruff](https://github.com/install-pinned/ruff) and [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action).


Updates `install-pinned/ruff` from 38b373a3a8635c2be31d92314e816a491fda910a to 8e23c2ad6e5fef4f7451bbdbc1ad068881096aeb
- [Release notes](https://github.com/install-pinned/ruff/releases)
- [Commits](38b373a3a8...8e23c2ad6e)

Updates `docker/setup-buildx-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](0d103c3126...2b51285047)

---
updated-dependencies:
- dependency-name: install-pinned/ruff
  dependency-type: direct:production
  dependency-group: github-actions
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-02 00:46:59 +02:00
Gaurav Jain 16a28bcd1f
Add primitive websocket interception and modification (#6766)
* Add primitive websocket interception and modification

* Update CHANGELOG.md

* Fix UI tab renaming on interception

* [autofix.ci] apply automated fixes

* Improve code readability

* [autofix.ci] apply automated fixes

* Improve code readability

* [autofix.ci] apply automated fixes

* Improve code readability

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-04-02 00:46:30 +02:00
Matteo Luppi e834259215
Feature/button-to-close-flow-details-view (#6734)
* button to close flow details section + test

* [autofix.ci] apply automated fixes

* update changelog

* remove useless imports

* change span to button

* update snapshots

* move the close button to the left

* change color to gray

* add icon instead of text

* update tests

* review changes

* remove useless stuff

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-03-25 20:07:46 +01:00
Maximilian Hils d4200a7c0d
Fix async `client_connected` handlers crashing mitmproxy (#6749)
* ensure that `Start` is always the first event

fix #6745

* simplify proxy handler

this commit should not do any functional changes

* [autofix.ci] apply automated fixes

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-03-20 22:13:28 +00:00
Maximilian Hils bc3367cce6
UX: redirect windows transparent users to WireGuard and local redirec… (#6748) 2024-03-20 22:11:38 +00:00
Maximilian Hils ce0827c7a5
fixup CHANGELOG.md 2024-03-20 23:10:04 +01:00
Jeremy Lainé 0d68e193b1
Update aioquic dependency to >= 1.0.0, < 2.0.0 (fixes: #6746) (#6747)
#### Description

This fixes some specification compliance issues as well as a potential
DoS vulnerability.

Start with version 1.0.0, aioquic follows semantic versioning, so no
breaking changes will occur before version 2.0.0.

#### Checklist

 - [x] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.
2024-03-20 21:31:03 +01:00
jaywor1 a26013908a
enable stdin reading for mitmweb (#6732)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2024-03-11 21:41:44 +00:00
Matteo Luppi f0dea82e8b
web: add comments (#6709)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-03-11 15:55:19 +01:00
Alessandro Surace 1a489f6a8c
docs: how to create the proper CA (#5370)
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-03-11 10:10:06 +00:00
pengqiseven a8603cac0d
fix some typos (#6728) 2024-03-11 08:19:36 +01:00
Daniel López Guimaraes ee5aac0a12
Fix Multipart content view parsing (#6653)
#### Description

On get_message_content_view, the content type wasn't including the
boundary, and was only setting the MIME type. This made the multipart
content view unusable, as the boundary was required on parsing. To fix
the issue, we assign the full content type instead.

This wasn't triggered by any previous tests because they would test
against the multipart parser directly, and not the generic parser.

#### Checklist

 - [X] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-03-08 22:33:02 +01:00
Daniel López Guimaraes 7930759962
Update error check on test_load_script (#6726)
#### Description

This allows the "nonexistent" file error check to pass on systems that
don't use English as their primary language. With this, all mitmproxy
tests can pass on non-English machines.

Fixes #6723

#### Checklist

 - [X] I have updated tests where applicable.
 - [ ] I have added an entry to the CHANGELOG.
2024-03-08 22:30:17 +01:00
mitmproxy release bot 6156cbc0b1 reopen main for development 2024-03-07 20:55:22 +00:00
mitmproxy release bot 13f42105fd mitmproxy 10.2.4 2024-03-07 20:55:22 +00:00
Maximilian Hils 0f7f0d0534
fix display of error messages on early shutdown (#6719)
fix #6707
fix #6716
2024-03-07 20:41:26 +00:00
Maximilian Hils 9acf06427a
Use `_utc` APIs from cryptography, fix #6717 (#6718) 2024-03-07 17:00:51 +01:00
Daniel Karandikar b4f49d0186
Update io-write-flow-file.py example with option (#6464)
#### Description

Update example addon as described in
https://github.com/mitmproxy/mitmproxy/issues/6445

#### Checklist

 - [x] I have updated tests where applicable.

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-03-06 21:18:43 +00:00
mitmproxy release bot 330244cabd reopen main for development 2024-03-06 20:58:54 +00:00
mitmproxy release bot 49c9074b46 mitmproxy 10.2.3 2024-03-06 20:58:54 +00:00
Matteo Luppi a128672ec7
Fix Bug view options menu (#6697)
#### Description

This PR fixes bug described here : #4448 

I set a max-height property and a scroll in case of overflow on the
y-axis.

#### Checklist

 - [x] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.

---------

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-03-06 21:55:26 +01:00
dependabot[bot] a91989b7ba
Bump the github-actions group with 3 updates (#6701)
Bumps the github-actions group with 3 updates:
[install-pinned/ruff](https://github.com/install-pinned/ruff),
[apple-actions/import-codesign-certs](https://github.com/apple-actions/import-codesign-certs)
and
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action).

Updates `install-pinned/ruff` from
fe472defb50a6a2c00ea3a3982534e86e69991e8 to
38b373a3a8635c2be31d92314e816a491fda910a
<details>
<summary>Commits</summary>
<ul>
<li><a
href="38b373a3a8"><code>38b373a</code></a>
update README.md (ruff 0.3.0)</li>
<li><a
href="06af3ea1c3"><code>06af3ea</code></a>
update pins (ruff 0.3.0)</li>
<li><a
href="be1c354876"><code>be1c354</code></a>
update README.md (ruff 0.2.2)</li>
<li><a
href="c9779bbd5b"><code>c9779bb</code></a>
update pins (ruff 0.2.2)</li>
<li><a
href="48831a86ce"><code>48831a8</code></a>
update README.md (ruff 0.2.1)</li>
<li><a
href="6775b5f352"><code>6775b5f</code></a>
update pins (ruff 0.2.1)</li>
<li><a
href="bc12a64c2f"><code>bc12a64</code></a>
update README.md (ruff 0.2.0)</li>
<li><a
href="3b8cceff45"><code>3b8ccef</code></a>
update pins (ruff 0.2.0)</li>
<li>See full diff in <a
href="fe472defb5...38b373a3a8">compare
view</a></li>
</ul>
</details>
<br />

Updates `apple-actions/import-codesign-certs` from
5565bb656f60c98c8fc515f3444dd8db73545dc2 to
493007ed063995cf2d4fbca064704150548f8bb5
<details>
<summary>Commits</summary>
<ul>
<li><a
href="493007ed06"><code>493007e</code></a>
Merge pull request <a
href="https://redirect.github.com/apple-actions/import-codesign-certs/issues/62">#62</a>
from himself65/patch-1</li>
<li><a
href="2e5aa07267"><code>2e5aa07</code></a>
Update README.md</li>
<li>See full diff in <a
href="5565bb656f...493007ed06">compare
view</a></li>
</ul>
</details>
<br />

Updates `docker/setup-buildx-action` from 3.0.0 to 3.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<ul>
<li><code>cache-binary</code> input to enable/disable caching binary to
GHA cache backend by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/300">docker/setup-buildx-action#300</a></li>
<li>build(deps): bump <code>@​babel/traverse</code> from 7.17.3 to
7.23.2 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/282">docker/setup-buildx-action#282</a></li>
<li>build(deps): bump <code>@​docker/actions-toolkit</code> from 0.12.0
to 0.17.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/281">docker/setup-buildx-action#281</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/284">docker/setup-buildx-action#284</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/299">docker/setup-buildx-action#299</a></li>
<li>build(deps): bump uuid from 9.0.0 to 9.0.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/271">docker/setup-buildx-action#271</a></li>
<li>build(deps): bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/297">docker/setup-buildx-action#297</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0">https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0d103c3126"><code>0d103c3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/300">#300</a>
from crazy-max/cache-binary</li>
<li><a
href="f19477aacd"><code>f19477a</code></a>
chore: update generated content</li>
<li><a
href="a4180f835d"><code>a4180f8</code></a>
cache-binary input to enable/disable caching binary to GHA cache
backend</li>
<li><a
href="524315340d"><code>5243153</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/299">#299</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="3679a54023"><code>3679a54</code></a>
chore: update generated content</li>
<li><a
href="37a22a2fb2"><code>37a22a2</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.14.0 to
0.17.0</li>
<li><a
href="65afe610a1"><code>65afe61</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/297">#297</a>
from docker/dependabot/npm_and_yarn/undici-5.28.3</li>
<li><a
href="fcb8f722fd"><code>fcb8f72</code></a>
chore: update generated content</li>
<li><a
href="f62b9a17c0"><code>f62b9a1</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/298">#298</a>
from crazy-max/bump-gha</li>
<li><a
href="74c5b717e5"><code>74c5b71</code></a>
bump codecov/codecov-action from 3 to 4</li>
<li>Additional commits viewable in <a
href="f95db51fdd...0d103c3126">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-03-06 21:54:11 +01:00
Denis Stanishevsky 766b5451b7
Allow --allow-hosts and --ignore-hosts to work together (#6711)
#### Description

The mutual exclusivity of the allow-hosts and ignore-hosts parameters
looks like an unnecessary obstacle and does not make much sense.

It is very convenient to use a proxy only for the domain of your
service, but at the same time ignore some subdomains, especially when
they serve some kind of CDNs with a large amount of data.

Although this filtering could be implemented using regexp with negative
lookahead, but it complicates configuration and is not as clear as
conjuction of allow and deny filters.

#### Checklist

 - [x] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.

---------

Co-authored-by: Denis Stanishevskiy <>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-03-06 21:29:08 +01:00
dependabot[bot] 3b58bae455
Bump pyinstaller from 6.3.0 to 6.4.0 (#6702)
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from
6.3.0 to 6.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pyinstaller/pyinstaller/releases">pyinstaller's
releases</a>.</em></p>
<blockquote>
<h2>v6.4.0</h2>
<p>Please see the <a
href="https://pyinstaller.org/en/v6.4.0/CHANGES.html#id1">v6.4.0 section
of the changelog</a> for a list of the changes since v6.3.0.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst">pyinstaller's
changelog</a>.</em></p>
<blockquote>
<h2>6.4.0 (2024-02-10)</h2>
<p>Features</p>
<pre><code>
* (Linux) Collect ``.hmac`` files accompanying shared libraries, if such
files
are available. This allows frozen application to run on FIPS-enabled Red
Hat
Enterprise systems, where HMAC is required by self-check implemented by
the
  OpenSSL crypto library. Furthermore, ensure that shared libraries with
accompanying ``.hmac`` files are exempted from any additional processing
(for
example, when building with :option:`--strip` option) to avoid
invalidating
  the HMAC. (:issue:`8273`)
* (Windows) Make bootloader codepaths involved in creation of temporary
directories for ``onefile`` builds AppContainer-aware. If the process
runs
inside an AppContainer, the temporary directory's DACL needs to
explicitly
include the AppContainerSID, otherwise the directory becomes
inaccessible to
  the process. (:issue:`8291`)
* (Windows) Make Windows implementation of PyInstaller's
  ``_pyi_rth_utils.tempdir.secure_mkdir`` (used by ``matplotlib`` and
  ``win32com`` run-time hooks to create temporary directories)
AppContainer-aware. If the process runs inside an AppContainer, the
temporary
directory's DACL needs to explicitly include the AppContainerSID,
otherwise
  the directory becomes inaccessible to the process. (:issue:`8290`)
* Implement strict Qt dependency validation for collection of Qt plugins
and QML
components/plugins. We now perform preliminary binary dependency
analysis of
the plugins, and automatically exclude plugins that have at least one
missing
Qt dependency. This prevents collection of plugins that cannot be used
anyway
because of a missing Qt shared library (that is, for example, omitted
from a
PyPI wheel). Furthermore, we disallow Qt dependencies of a plugin to be
resolved outside of the primary location of Qt shared libraries, in
order to
prevent missing dependencies from pulling in Qt libraries from
alternative
locations that happen to be in the search path (for example, when using
``PyQt5`` PyPI wheels while also having a system-installed Qt5 on Linux,
a
Homebrew-installed Qt5 on macOS, or a custom Windows Qt5 build that
happens to
  be in ``PATH``). (:issue:`8226`)
<p>Bugfix</p>
<pre><code>
* (Linux) Prevent collection of ``libcuda.so.1``, which is part of
NVIDIA
  driver and must match the rest of the driver's components. Collecting
  a copy might lead to issues when build and target system use different
  versions of NVIDIA driver. (:issue:`8278`)
* (macOS) When validating the macOS SDK version of collected binaries,
  handle errors raised by ``osxutils.get_macos_sdk_version``; log a
  warning about failed version query, and add the offending binary to
  the list of potentially problematic binaries to warn the user about.
  (:issue:`8220`)
&amp;lt;/tr&amp;gt;&amp;lt;/table&amp;gt; 
&lt;/code&gt;&lt;/pre&gt;
&lt;/blockquote&gt;
&lt;p&gt;... (truncated)&lt;/p&gt;
&lt;/details&gt;
&lt;details&gt;
&lt;summary&gt;Commits&lt;/summary&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a
href=&quot;90256f93ed&quot;&gt;&lt;code&gt;90256f9&lt;/code&gt;&lt;/a&gt;
Release v6.4.0. [skip ci]&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;4aabd10778&quot;&gt;&lt;code&gt;4aabd10&lt;/code&gt;&lt;/a&gt;
bootloader: update bundled zlib to 1.3.1&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;1516019dd1&quot;&gt;&lt;code&gt;1516019&lt;/code&gt;&lt;/a&gt;
bootloader: make creation of temporary directories
AppContainer-aware&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;14a68ab536&quot;&gt;&lt;code&gt;14a68ab&lt;/code&gt;&lt;/a&gt;
bootloader: refactor pyi_win32_mkdir&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;08e2ee5bcc&quot;&gt;&lt;code&gt;08e2ee5&lt;/code&gt;&lt;/a&gt;
building: process_collected_binary: warn on strip/upx
failures&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;890460069b&quot;&gt;&lt;code&gt;8904600&lt;/code&gt;&lt;/a&gt;
building: avoid applying upx/strip to linux binaries with .hmac
files&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;473abda771&quot;&gt;&lt;code&gt;473abda&lt;/code&gt;&lt;/a&gt;
building: refactor process_collected_binary&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;4f7ec5b849&quot;&gt;&lt;code&gt;4f7ec5b&lt;/code&gt;&lt;/a&gt;
building: process_collected_binaries: remove check for .manifest
file&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;3a6c742a35&quot;&gt;&lt;code&gt;3a6c742&lt;/code&gt;&lt;/a&gt;
building: utils: switch bincache hashes from md5 to sha1&lt;/li&gt;
&lt;li&gt;&lt;a
href=&quot;7caa3adbd2&quot;&gt;&lt;code&gt;7caa3ad&lt;/code&gt;&lt;/a&gt;
building: collect .hmac files for linux shared libraries&lt;/li&gt;
&lt;li&gt;Additional commits viewable in &lt;a
href=&quot;https://github.com/pyinstaller/pyinstaller/compare/v6.3.0...v6.4.0&quot;&gt;compare
view&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/details&gt;

&lt;br /&gt;
</code></pre>


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyinstaller&package-manager=pip&previous-version=6.3.0&new-version=6.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-05 14:52:35 +01:00
Matteo Luppi 590eef0d44
fix docs (#6696)
#### Description

close #6682 

#### Checklist

 - [ ] I have updated tests where applicable.
 - [ ] I have added an entry to the CHANGELOG.
2024-02-28 23:04:45 +01:00
Gaurav Jain b63a600f84
Allow runtime modifications of HTTP flow filters for server replays (#6695)
#### Description
Fixes #4506
`mitmproxy` during server-replay mode, calculates the hashes of flows
from input files based on user defined filters and uses them to compare
against hashes of incoming requests to serve the corresponding stored
response by matching the hash. However, during runtime, if the user
changes any of the filters, `mitmproxy` fails to recalculate the hashes
of input flows and hence doesn't return the intended response. This PR
fixes this issue by recomputing the hashes for every flow whenever a
filter(option) used for computing hashes is changed.

#### Checklist

 - [x] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2024-02-28 18:57:06 +00:00
Gaurav Jain 92c556afbe
Add `content_view_lines_cutoff` option to mitmdump (#6692)
#### Description

Fixes #4476 
This PR adds the already existing `content_view_lines_cutoff` option to
`mitmdump` to filter the number of content lines shown when
`flow_detail` option is set to `3`. By default this option's value is
set to `512`

Updated tests that check for `cutoff` in responses that cross `512`
lines(with the default value set)
Added tests to ensure that custom values for `content_view_lines_cutoff`
works as intended

#### Verification
1. run `mitmdump --set flow_detail=3 --set content_view_lines_cutoff=3`
2. run `curl --proxy http:/127.0.0.1:8080 "https://google.com/"`

#### Before
<details>
<summary>Output</summary>

```
[15:00:41.441] HTTP(S) proxy listening at *:8080.
[15:00:53.236][127.0.0.1:38826] client connect
[15:00:53.520][127.0.0.1:38826] server connect google.com:443 (142.250.183.238:443)
127.0.0.1:38826: GET https://google.com/ HTTP/2.0
    user-agent: curl/8.5.0
    accept: */*

 << HTTP/2.0 301 Moved Permanently 220b
    location: https://www.google.com/
    content-type: text/html; charset=UTF-8
    content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-7rNdfc7B14cr_4JZskk3AQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
    date: Tue, 27 Feb 2024 09:31:02 GMT
    expires: Thu, 28 Mar 2024 09:31:02 GMT
    cache-control: public, max-age=2592000
    server: gws
    content-length: 220
    x-xss-protection: 0
    x-frame-options: SAMEORIGIN
    alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

    <HTML>
    <HEAD>
      <meta http-equiv="content-type" content="text/html;charset=utf-8">
      <TITLE>301 Moved</TITLE>
    </HEAD>
    <BODY>
      <H1>301 Moved</H1>
      The document has moved
      <A HREF="https://www.google.com/">here</A>
      .
    </BODY>
    </HTML>

[15:00:53.897][127.0.0.1:38826] client disconnect
[15:00:53.897][127.0.0.1:38826] server disconnect google.com:443 (142.250.183.238:443)
```
</details>

Content is not truncated within `3` lines

#### After

<details>
<summary>Output</summary>

```
[14:55:26.042] HTTP(S) proxy listening at *:8080.
[14:55:33.630][127.0.0.1:40554] client connect
[14:55:33.775][127.0.0.1:40554] server connect google.com:443 (142.250.182.142:443)
127.0.0.1:40554: GET https://google.com/ HTTP/2.0
    user-agent: curl/8.5.0
    accept: */*

 << HTTP/2.0 301 Moved Permanently 220b
    location: https://www.google.com/
    content-type: text/html; charset=UTF-8
    content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-LCd_ThPYwSImYoighASUFQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
    date: Tue, 27 Feb 2024 09:25:42 GMT
    expires: Thu, 28 Mar 2024 09:25:42 GMT
    cache-control: public, max-age=2592000
    server: gws
    content-length: 220
    x-xss-protection: 0
    x-frame-options: SAMEORIGIN
    alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

    <HTML>
    <HEAD>
      <meta http-equiv="content-type" content="text/html;charset=utf-8">
    (cut off)

[14:55:34.021][127.0.0.1:40554] client disconnect
[14:55:34.022][127.0.0.1:40554] server disconnect google.com:443 (142.250.182.142:443)
```
</details>

Content is truncated within `3` lines

#### Checklist

 - [x] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-02-27 12:50:25 +01:00
Matteo Luppi 240a286b2a
Fix bug scripts in Mitmweb (#6668)
#### Description

This PR should fix issue: #6002 

#### Checklist

 - [x] I have updated tests where applicable.
 - [ ] I have added an entry to the CHANGELOG.

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-02-20 09:59:35 +01:00
Mike Anselmi 3ba4b65ecd
Fix ca_file containing multiple CAs (#6666)
#### Description

Unfortunately 0b5e310881 broke mitmproxy's
ability to issue leaf certificates if `ca_file` contains multiple CAs.
This PR restores that capability.

The issue lies in `mitmproxy/certs.py` - specifically, in the
`from_files` method of the `CertStore` class. Before
0b5e310881, the issuing CA was identified
like this:

``` python
raw = ca_file.read_bytes()
key = load_pem_private_key(raw, passphrase)
…
certs = re.split(rb"(?=-----BEGIN CERTIFICATE-----)", raw)
ca = Cert.from_pem(certs[1])
```

This worked even when `ca_file` contained multiple CAs. For example,
consider this example:

```
-----BEGIN PRIVATE KEY-----
REDACTED
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICmTCCAfqgAwIBAgIRAIqaBJ6aU5wXT+5JAn8Uj1IwCgYIKoZIzj0EAwQwMDEu
MCwGA1UEAxMlbWFuc2VsbWkgSW50ZXJtZWRpYXRlIENBICgyMDIzLTA0LTExKTAe
Fw0yNDAyMTQxNzEzMDBaFw0yNDAyMTUxNzE0MDBaMB8xHTAbBgNVBAMTFG1pdG1w
cm94eSBJc3N1aW5nIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEeKTLpy6KeiWN
89S9UJoTM9w6HyrEiVByf/ie2wUX3vR/3nHVMTi5XZQD6/8h3A9yUWwtRtVDj55D
STbPKjN6G8t/Qh1dGz2vanNjmWNlceM3DOIlT30vmR5+GrUOwj+7o4HoMIHlMA4G
A1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYD
VR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUkf9kgx5DbP0B66Ir6oLUDV/CIU4w
HwYDVR0jBBgwFoAUqBYQLb8rkIidwq5dYuiDFdKhY48wYAYMKwYBBAGCpGTGKEAB
BFAwTgIBAQQcbWlrZUBtYW5zZWxtaS5jb206aXNzdWluZy1jYQQrYmZhODBJaGMz
VXNUcU0yQlp6ZG1rYW1OLW1XNGtpWTJrM1g5X19kd3Q0bzAKBggqhkjOPQQDBAOB
jAAwgYgCQgF/QLZ0cThJKeoeIk4dY4+Z2MdIey7kvvy1jwlWrsOqOY+UXUWHXRlj
oXZN92imAKqgLU5T859MMqWrjA1LjN7w6QJCAY+2xN7ovry3WSMqwnu86NuPL8vh
fjftZeIW5GWuLzOsEFt7SfWMhkmFc/jcFpZ/qlolPhvr6E170zNhHUSMKvjb
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICcjCCAdSgAwIBAgIQeK+VyMjx85py1kqGdjn5nTAKBggqhkjOPQQDBDAoMSYw
JAYDVQQDEx1tYW5zZWxtaSBSb290IENBICgyMDIzLTA0LTExKTAeFw0yMzA0MTEw
MjIzMzdaFw0yODA0MDkwMjIzMzdaMDAxLjAsBgNVBAMTJW1hbnNlbG1pIEludGVy
bWVkaWF0ZSBDQSAoMjAyMy0wNC0xMSkwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA
BADhbjtnME8IDpBab8MogM0HchH0V9B8Qx7nRXK+tbGyyHlgLjIBYF/erJGBP0md
RMAxU5x/nPlHPODRBkJhB0wbcwGC9zjQQyxfhG75806QzkaZSsC0kFZ9d3JG4fjn
uenY1S2VZ5qE0gDc8Qmfyjcx7KqxQKwS9RwtG1ymAmWgvmGIJ6OBlDCBkTAOBgNV
HQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNVHQ4EFgQUqBYQLb8r
kIidwq5dYuiDFdKhY48wHwYDVR0jBBgwFoAU6+JptrrPiOuWZyKvwg0EJz5TkW8w
KwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2NhLm1hbnNlbG1pLmNvbS9jcmwwCgYI
KoZIzj0EAwQDgYsAMIGHAkEw/A2kiL4Kt9/8PND89vlXEehqeymFgats62a3UMU2
g3zATES/WI2E1IgqIsmB6ILRgWMslzpH+NGP+JJkFCz9cwJCAJaRlnOc3xafHZta
0Xwr5YUVAAfmVOj9a2XAsNlNuMy2t8cmeeGmQjrZwCuivlzLOp19Ge3Mi0dnzeV+
5L2rBOCL
-----END CERTIFICATE-----
```

`certs` would have three elements: the private key, the issuing CA and
the intermediate CA. As a result, `ca = Cert.from_pem(certs[1])` would
select the first CA (the issuing CA).

From 0b5e310881 onward, we instead have

``` python
raw = ca_file.read_bytes()
key = load_pem_private_key(raw, passphrase)
…
certs = x509.load_pem_x509_certificates(raw)
ca = Cert(certs[-1])
```

Now, `certs` would have only two elements: the issuing CA and the
intermediate CA. (`x509.load_pem_x509_certificates` discards the private
key.) As a result, `ca = Cert(certs[-1])` must instead be `ca =
Cert(certs[0])`, otherwise the `ca` and `key` won't correspond to each
other and we'll eventually see an error like this when mitmproxy tries
to generate a leaf certificate:

```
Addon error: [('x509 certificate routines', '', 'key values mismatch')]
Traceback (most recent call last):
  File "/Users/manselmi/repos/mitmproxy/mitmproxy/addons/tlsconfig.py", line 208, in tls_start_client
    tls_start.ssl_conn.use_privatekey(
  File "/Users/manselmi/virtualenv/mitmproxy-py312/lib/python3.12/site-packages/OpenSSL/SSL.py", line 1949, in use_privatekey
    self._context._raise_passphrase_exception()
  File "/Users/manselmi/virtualenv/mitmproxy-py312/lib/python3.12/site-packages/OpenSSL/SSL.py", line 1123, in _raise_passphrase_exception
    _raise_current_error()
  File "/Users/manselmi/virtualenv/mitmproxy-py312/lib/python3.12/site-packages/OpenSSL/_util.py", line 57, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('x509 certificate routines', '', 'key values mismatch')]
```
2024-02-16 19:37:24 +00:00
Maximilian Hils fbc373bc9d
Make tests pass on older OpenSSL (#6665)
This re-adds some log messages adjusted in
2a82674fdc. We shouldn't fail tests for
this.

refs https://github.com/pyca/cryptography/pull/10391
2024-02-15 21:49:19 +00:00
basedBaba 1f2e1a254a
fix: generate wireguard config with correct endpoint when using two or more active nics (#6659)
#### Description

Fix issue #6656

This generates a wireguard config with the correct endpoint when using
two or more active NICs.
 
#### Checklist

 - [x] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.

---------

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2024-02-14 09:39:29 +00:00
Herman Ho 2a82674fdc
Fix error message in OpenSSL >=3.2.0 (#6658)
Fix the test cases for OpenSSL v3

Ref:

81b741f689
4030869d24
2024-02-13 16:28:00 +01:00
Sujal Singh d317304268
Remove duplicate answers in DNS queries (#6648)
#### Description

Fixes #6647 by assuming all DNS queries are made over UDP, will need to
be reworked when TCP support is added.

#### Checklist

 - [x] I have updated tests where applicable.
 - [x] I have added an entry to the CHANGELOG.
2024-02-13 10:58:34 +01:00
Ha Anh Vu 1a02ebb89f
Fix `Couldn't parse: falling back to Raw` for empty JSON array (#6619)
#### Description

fix #6603 

#### Checklist

 - [x] I have updated tests where applicable.
 - [ ] I have added an entry to the CHANGELOG.

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2024-02-05 11:11:03 +01:00
dependabot[bot] 6c7089f7a3
Bump the github-actions group with 2 updates (#6638)
Bumps the github-actions group with 2 updates:
[install-pinned/ruff](https://github.com/install-pinned/ruff) and
[actions/cache](https://github.com/actions/cache).

Updates `install-pinned/ruff` from
4ec70113ad8b512f13948b8d9855ac59675535d2 to
fe472defb50a6a2c00ea3a3982534e86e69991e8
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fe472defb5"><code>fe472de</code></a>
update README.md (ruff 0.1.15)</li>
<li><a
href="cf75457aa5"><code>cf75457</code></a>
update pins (ruff 0.1.15)</li>
<li><a
href="a5367eab93"><code>a5367ea</code></a>
update README.md (ruff 0.1.14)</li>
<li><a
href="38ee0f469b"><code>38ee0f4</code></a>
update pins (ruff 0.1.14)</li>
<li><a
href="a8e213b6a6"><code>a8e213b</code></a>
update README.md (ruff 0.1.13)</li>
<li><a
href="21180b34ff"><code>21180b3</code></a>
update pins (ruff 0.1.13)</li>
<li><a
href="58b3f74640"><code>58b3f74</code></a>
update README.md (ruff 0.1.12)</li>
<li><a
href="4234903912"><code>4234903</code></a>
update pins (ruff 0.1.12)</li>
<li><a
href="8c12fc8021"><code>8c12fc8</code></a>
update README.md (ruff 0.1.11)</li>
<li><a
href="dbde05329b"><code>dbde053</code></a>
update pins (ruff 0.1.11)</li>
<li>See full diff in <a
href="4ec70113ad...fe472defb5">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/cache` from 3 to 4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action to node20 by <a
href="https://github.com/takost"><code>@​takost</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li>feat: save-always flag by <a
href="https://github.com/to-s"><code>@​to-s</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@​takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li><a href="https://github.com/to-s"><code>@​to-s</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p>
<h2>v3.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Cache v3.3.3 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/robherley"><code>@​robherley</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.3.3">https://github.com/actions/cache/compare/v3...v3.3.3</a></p>
<h2>v3.3.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixed readme with new segment timeout values by <a
href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1133">actions/cache#1133</a></li>
<li>Readme fixes by <a
href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1134">actions/cache#1134</a></li>
<li>Updated description of the lookup-only input for main action by <a
href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1130">actions/cache#1130</a></li>
<li>Change two new actions mention as quoted text by <a
href="https://github.com/bishal-pdMSFT"><code>@​bishal-pdMSFT</code></a>
in <a
href="https://redirect.github.com/actions/cache/pull/1131">actions/cache#1131</a></li>
<li>Update Cross-OS Caching tips by <a
href="https://github.com/pdotl"><code>@​pdotl</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1122">actions/cache#1122</a></li>
<li>Bazel example (Take <a
href="https://redirect.github.com/actions/cache/issues/2">#2</a>️⃣) by
<a href="https://github.com/vorburger"><code>@​vorburger</code></a> in
<a
href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li>
<li>Remove actions to add new PRs and issues to a project board by <a
href="https://github.com/jorendorff"><code>@​jorendorff</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li>
<li>Consume latest toolkit and fix dangling promise bug by <a
href="https://github.com/chkimes"><code>@​chkimes</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li>
<li>Bump action version to 3.3.2 by <a
href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/vorburger"><code>@​vorburger</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li>
<li><a
href="https://github.com/jorendorff"><code>@​jorendorff</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li>
<li><a href="https://github.com/chkimes"><code>@​chkimes</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li>
<li><a
href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.3.2">https://github.com/actions/cache/compare/v3...v3.3.2</a></p>
<h2>v3.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Reduced download segment size to 128 MB and timeout to 10 minutes by
<a href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1129">actions/cache#1129</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.3.1">https://github.com/actions/cache/compare/v3...v3.3.1</a></p>
<h2>v3.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bug: Permission is missing in cache delete example by <a
href="https://github.com/kotokaze"><code>@​kotokaze</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1123">actions/cache#1123</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files &gt; 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/809">#809</a> -
zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/833">#833</a> -
cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/810">#810</a> -
download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://redirect.github.com/actions/cache/issues/888">#888</a> and
<a
href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="13aacd865c"><code>13aacd8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1242">#1242</a>
from to-s/main</li>
<li><a
href="53b35c5439"><code>53b35c5</code></a>
Merge branch 'main' into main</li>
<li><a
href="65b8989fab"><code>65b8989</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1284">#1284</a>
from takost/update-to-node-20</li>
<li><a
href="d0be34d544"><code>d0be34d</code></a>
Fix dist</li>
<li><a
href="66cf064d47"><code>66cf064</code></a>
Merge branch 'main' into update-to-node-20</li>
<li><a
href="1326563738"><code>1326563</code></a>
Merge branch 'main' into main</li>
<li><a
href="e71876755e"><code>e718767</code></a>
Fix format</li>
<li><a
href="01229828ff"><code>0122982</code></a>
Apply workaround for earlyExit</li>
<li><a
href="3185ecfd61"><code>3185ecf</code></a>
Update &quot;only-&quot; actions to node20</li>
<li><a
href="25618a0a67"><code>25618a0</code></a>
Bump version</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 22:43:05 +00:00
dependabot[bot] e6dc1a9abe
Update cryptography requirement from <41.1,>=39.0 to >=39.0,<42.1 (#6636)
Updates the requirements on
[cryptography](https://github.com/pyca/cryptography) to permit the
latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>42.0.2 - 2024-01-30</p>
<pre><code>
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol
objects in
  ``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with
``EllipticCurvePrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange`,
  ``X25519PrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange`,
  ``X448PrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
  and ``DHPrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.
<p>.. _v42-0-1:</p>
<p>42.0.1 - 2024-01-24
</code></pre></p>
<ul>
<li>Fixed an issue with incorrect keyword-argument naming with
<code>EllipticCurvePrivateKey</code>

:meth:<code>~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign</code>.</li>
<li>Resolved compatibility issue with loading certain RSA public keys in

:func:<code>~cryptography.hazmat.primitives.serialization.load_pem_public_key</code>.</li>
</ul>
<p>.. _v42-0-0:</p>
<p>42.0.0 - 2024-01-22</p>
<pre><code>
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL &lt; 3.7.
* **BACKWARDS INCOMPATIBLE:** Loading a PKCS7 with no content field
using

:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates`
  or

:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates`
  will now raise a ``ValueError`` rather than return an empty list.
* Parsing SSH certificates no longer permits malformed critical options
with
  values, as documented in the 41.0.2 release notes.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.2.0.
* Updated the minimum supported Rust version (MSRV) to 1.63.0, from
1.56.0.
* We now publish both ``py37`` and ``py39`` ``abi3`` wheels. This should
resolve some errors relating to initializing a module multiple times per
  process.
* Support
:class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` for
X.509 certificate signing requests and certificate revocation lists with
the
  keyword-only argument ``rsa_padding`` on the ``sign`` methods for
  :class:`~cryptography.x509.CertificateSigningRequestBuilder` and
  :class:`~cryptography.x509.CertificateRevocationListBuilder`.
* Added support for obtaining X.509 certificate signing request
signature
  algorithm parameters (including PSS) via
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2202123b50"><code>2202123</code></a>
changelog and version bump 42.0.2 (<a
href="https://redirect.github.com/pyca/cryptography/issues/10268">#10268</a>)</li>
<li><a
href="f7032bdd40"><code>f7032bd</code></a>
bump openssl in CI (<a
href="https://redirect.github.com/pyca/cryptography/issues/10298">#10298</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10299">#10299</a>)</li>
<li><a
href="002e886f16"><code>002e886</code></a>
Fixes <a
href="https://redirect.github.com/pyca/cryptography/issues/10294">#10294</a>
-- correct accidental change to exchange kwarg (<a
href="https://redirect.github.com/pyca/cryptography/issues/10295">#10295</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10296">#10296</a>)</li>
<li><a
href="92fa9f2f60"><code>92fa9f2</code></a>
support bytes-like consistently across our asym sign/verify APIs (<a
href="https://redirect.github.com/pyca/cryptography/issues/10260">#10260</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/1">#1</a>...</li>
<li><a
href="6478f7e28b"><code>6478f7e</code></a>
explicitly support bytes-like for signature/data in RSA sign/verify (<a
href="https://redirect.github.com/pyca/cryptography/issues/10259">#10259</a>)
...</li>
<li><a
href="4bb8596ae0"><code>4bb8596</code></a>
fix the release script (<a
href="https://redirect.github.com/pyca/cryptography/issues/10233">#10233</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10254">#10254</a>)</li>
<li><a
href="337437dc2e"><code>337437d</code></a>
42.0.1 bump (<a
href="https://redirect.github.com/pyca/cryptography/issues/10252">#10252</a>)</li>
<li><a
href="56255de6b2"><code>56255de</code></a>
allow SPKI RSA keys to be parsed even if they have an incorrect
delimiter (<a
href="https://redirect.github.com/pyca/cryptography/issues/1">#1</a>...</li>
<li><a
href="12f038b38a"><code>12f038b</code></a>
fixes <a
href="https://redirect.github.com/pyca/cryptography/issues/10237">#10237</a>
-- correct EC sign parameter name (<a
href="https://redirect.github.com/pyca/cryptography/issues/10239">#10239</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10240">#10240</a>)</li>
<li><a
href="4e64baf360"><code>4e64baf</code></a>
42.0.0 version bump (<a
href="https://redirect.github.com/pyca/cryptography/issues/10232">#10232</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyca/cryptography/compare/39.0.0...42.0.2">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 23:22:24 +01:00
dependabot[bot] 8ad77e8e8c
Update pytest requirement from <8,>=6.1.0 to >=6.1.0,<9 (#6637)
Updates the requirements on
[pytest](https://github.com/pytest-dev/pytest) to permit the latest
version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest/releases">pytest's
releases</a>.</em></p>
<blockquote>
<h2>pytest 8.0.0 (2024-01-27)</h2>
<p>See <a
href="https://github.com/pytest-dev/pytest/releases/tag/8.0.0rc1">8.0.0rc1</a>
and <a
href="https://github.com/pytest-dev/pytest/releases/tag/8.0.0rc2">8.0.0rc2</a>
for the full changes since pytest 7.4!</p>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/11842">#11842</a>:
Properly escape the <code>reason</code> of a <code>skip
&lt;pytest.mark.skip ref&gt;</code>{.interpreted-text
role=&quot;ref&quot;} mark when writing JUnit XML files.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/11861">#11861</a>:
Avoid microsecond exceeds <code>1_000_000</code> when using
<code>log-date-format</code> with <code>%f</code> specifier, which might
cause the test suite to crash.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="478f8233bc"><code>478f823</code></a>
Prepare release version 8.0.0</li>
<li><a
href="608590097a"><code>6085900</code></a>
[8.0.x] fix: avoid rounding microsecond to <code>1_000_000</code> (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/11863">#11863</a>)</li>
<li><a
href="3b41c65c81"><code>3b41c65</code></a>
[8.0.x] Escape skip reason in junitxml (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/11845">#11845</a>)</li>
<li><a
href="747072ad26"><code>747072a</code></a>
[8.0.x] Update docstring of scripts/generate-gh-release-notes.py (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/11768">#11768</a>)</li>
<li><a
href="011a475baf"><code>011a475</code></a>
Properly attach packages to the GH release notes (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/11839">#11839</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/11840">#11840</a>)</li>
<li><a
href="97960bdd14"><code>97960bd</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/11835">#11835</a>
from pytest-dev/release-8.0.0rc2</li>
<li><a
href="6be0a3cbf7"><code>6be0a3c</code></a>
Prepare release version 8.0.0rc2</li>
<li><a
href="44ffe07165"><code>44ffe07</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/11837">#11837</a>
from pytest-dev/backport-11836-to-8.0.x</li>
<li><a
href="14ecb04973"><code>14ecb04</code></a>
[8.0.x] testing: temporarily disable test due to hypothesis issue</li>
<li><a
href="41c8dabee3"><code>41c8dab</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/11831">#11831</a>
from bluetech/backport-11825-to-8.0.x</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest/compare/6.1.0...8.0.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 23:21:58 +01:00
Maximilian Hils 6bd19a77e2
build macOS arm64 binaries (#6633) 2024-01-31 23:20:19 +00:00
Maximilian Hils 6afa7081e8
fix CHANGELOG 2024-01-31 23:44:02 +01:00
basedBaba ec96b98f7f
fix: save failed connect request urls to har files correctly (#6599) 2024-01-31 23:37:39 +01:00
Maximilian Hils c49c38e4c8
remove leftover command line switch
rawtcp is enabled by default nowadays
2024-01-29 08:35:37 +01:00
dq b389f63cef
Micro-fix to arrange items in the right order. (#6616)
#### Description

Minor correction that does not change test case result however passes
params in the intended order.
2024-01-24 15:36:52 +01:00
dq 865e1138da
fix IPv6 matches against the full host:port string (#6614) 2024-01-23 20:29:24 +00:00
mitmproxy release bot b89de7346f reopen main for development 2024-01-21 17:09:27 +00:00