-
Notifications
You must be signed in to change notification settings - Fork 988
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
prepare CHANGELOG for v1.9.0 #1137
Conversation
CHANGELOG.md
Outdated
release. When set to false, `local_cidr` is matched correctly for firewall | ||
rules on hosts acting as unsafe routers, and should be set for any firewall | ||
rules you want to allow unsafe route hosts to access. See the issue and | ||
example config for more details. (#1071, #1099) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we pretty sure we'll switch the flag in the next release (v1.10.0)? Clarifying might be nice, to give people a heads up to test the new default sooner rather than later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah lets do that
CHANGELOG.md
Outdated
|
||
- Config setting `tun.unsafe_routes` is now reloadable. (#1083) | ||
|
||
- Allow `::` in `lighthouse.dns.host`. (#1115) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or "Fixed" since it was already allowed for listen
and arguably [::]
is not a host (but rather an IPv6 host component of an IP:port combo) but I think I am only nitpicking.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah I debated this! I think moving to Fixed is probably correct.
Co-authored-by: John Maguire <john@defined.net>
WIP
https://github.com/slackhq/nebula/pulls?q=is%3Apr+milestone%3Av1.9.0+is%3Aclosed+-label%3Adependencies
minor text fixes #1135
release: use download-action v4 in docker section #1134
Remove Arch nebula.service file #1132
Remove Vagrant example #1129
Remove Fedora nebula.service file #1128
Fix errant capitalisation in DNS TXT response #1127
Don't log invalid certificates #1116
Allow
::
in lighthouse.dns.host config #1115Remove tcp rtt tracking from the firewall #1114
avoid deadlock in lighthouse queryWorker #1112
chore: fix function name in comment #1111
Add suggested filenames for collected profiles in the ssh commands #1109
switch off deprecated elliptic.Marshal #1108
Fix "any" firewall rules for unsafe_routes #1099
Add support for SSH CAs #1098
Unsafe route reload #1083
local_cidr
moved to always be evaluated #1071Return full error context from ContextualError.Error() #1069
Add Vagrant based smoke tests #1067
Add link to logs guide in bug report template #1065
Support inlined sshd host key #1054
Support reloading
preferred_ranges
#1043Push Docker images as part of the release workflow #1037
Add support for LoongArch64 #1003
update to go1.22 #981
Set NXDOMAIN if there's no Answer to return #845
Fix UDP listener on IPv4-only Linux #787
Create service script for open-rc #711