diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index ab3f5cce..1a733062 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,7 +1,7 @@
'name': 'build'
'env':
- 'GO_VERSION': '1.23.4'
+ 'GO_VERSION': '1.23.5'
'NODE_VERSION': '16'
'on':
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index d0fb2647..735a3882 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,7 +1,7 @@
'name': 'lint'
'env':
- 'GO_VERSION': '1.23.4'
+ 'GO_VERSION': '1.23.5'
'on':
'push':
diff --git a/.markdownlint.json b/.markdownlint.json
new file mode 100644
index 00000000..445ee063
--- /dev/null
+++ b/.markdownlint.json
@@ -0,0 +1,25 @@
+{
+ "ul-indent": {
+ "indent": 4
+ },
+ "ul-style": {
+ "style": "dash"
+ },
+ "emphasis-style": {
+ "style": "asterisk"
+ },
+ "no-duplicate-heading": {
+ "siblings_only": true
+ },
+ "no-inline-html": {
+ "allowed_elements": [
+ "a"
+ ]
+ },
+ "no-trailing-spaces": {
+ "br_spaces": 0
+ },
+ "line-length": false,
+ "no-bare-urls": false,
+ "link-fragments": false
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a681f01e..b5b422e5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,69 +2,84 @@
All notable changes to this project will be documented in this file.
-The format is based on
-[*Keep a Changelog*](https://keepachangelog.com/en/1.0.0/),
-and this project adheres to
-[Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-
-
-
-
+The format is based on [*Keep a Changelog*](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
+
+
+## [v0.107.56] - 2025-01-21
+
+See also the [v0.107.56 GitHub milestone][ms-v0.107.56].
+
+### Security
+
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [1.23.5][go-1.23.5].
+
+### Added
+
+- The new HTTP API `POST /clients/search` that finds clients by their IP addresses, CIDRs, MAC addresses, or ClientIDs. See `openapi/openapi.yaml` for the full description.
+
+### Deprecated
+
+- The `GET /clients/find` HTTP API is deprecated. Use the new `POST /clients/search` API.
+
+### Fixed
+
+- Request count link in the clients table ([#7513]).
+
+- The formatting of large numbers on the dashboard ([#7329]).
+
+[#7513]: https://github.com/AdguardTeam/AdGuardHome/issues/7513
+[#7329]: https://github.com/AdguardTeam/AdGuardHome/issues/7329
+
+[go-1.23.5]: https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI
+[ms-v0.107.56]: https://github.com/AdguardTeam/AdGuardHome/milestone/91?closed=1
+
## [v0.107.55] - 2024-12-11
See also the [v0.107.55 GitHub milestone][ms-v0.107.55].
### Security
-- The permission check and migration on Windows has been fixed to use the
- Windows security model more accurately ([#7400]).
-- Go version has been updated to prevent the possibility of exploiting the Go
- vulnerabilities fixed in [1.23.4][go-1.23.4].
+- The permission check and migration on Windows has been fixed to use the Windows security model more accurately ([#7400]).
+
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [1.23.4][go-1.23.4].
+
- The Windows executables are now signed.
### Added
-- The `--no-permcheck` command-line option to disable checking and migration of
- permissions for the security-sensitive files and directories, which caused
- issues on Windows ([#7400]).
+- The `--no-permcheck` command-line option to disable checking and migration of permissions for the security-sensitive files and directories, which caused issues on Windows ([#7400]).
### Fixed
- Setup guide styles in Firefox.
-- Goroutine leak during the upstream DNS server test ([#7357]).
-- Goroutine leak during configuration update resulting in increased response
- time ([#6818]).
-[#6818]: https://github.com/AdguardTeam/AdGuardHome/issues/6818
+- Goroutine leak during the upstream DNS server test ([#7357]).
+
+- Goroutine leak during configuration update resulting in increased response time ([#6818]).
+
[#7357]: https://github.com/AdguardTeam/AdGuardHome/issues/7357
[#7400]: https://github.com/AdguardTeam/AdGuardHome/issues/7400
[go-1.23.4]: https://groups.google.com/g/golang-announce/c/3DyiMkYx4Fo
[ms-v0.107.55]: https://github.com/AdguardTeam/AdGuardHome/milestone/90?closed=1
-
-
-
-
## [v0.107.54] - 2024-11-06
See also the [v0.107.54 GitHub milestone][ms-v0.107.54].
@@ -80,9 +95,10 @@ See also the [v0.107.54 GitHub milestone][ms-v0.107.54].
### Fixed
- Repetitive statistics log messages ([#7338]).
+
- Custom client cache ([#7250]).
-- Missing runtime clients with information from the system hosts file on first
- AdGuard Home start ([#7315]).
+
+- Missing runtime clients with information from the system hosts file on first AdGuard Home start ([#7315]).
[#6818]: https://github.com/AdguardTeam/AdGuardHome/issues/6818
[#7250]: https://github.com/AdguardTeam/AdGuardHome/issues/7250
@@ -92,73 +108,61 @@ See also the [v0.107.54 GitHub milestone][ms-v0.107.54].
[ms-v0.107.54]: https://github.com/AdguardTeam/AdGuardHome/milestone/89?closed=1
-
-
## [v0.107.53] - 2024-10-03
See also the [v0.107.53 GitHub milestone][ms-v0.107.53].
### Security
-- Previous versions of AdGuard Home allowed users to add any system file it had
- access to as filters, exposing them to be world-readable. To prevent this,
- AdGuard Home now allows adding filtering-rule list files only from files
- matching the patterns enumerated in the `filtering.safe_fs_patterns` property
- in the configuration file.
+- Previous versions of AdGuard Home allowed users to add any system file it had access to as filters, exposing them to be world-readable. To prevent this, AdGuard Home now allows adding filtering-rule list files only from files matching the patterns enumerated in the `filtering.safe_fs_patterns` property in the configuration file.
- We thank @itz-d0dgy for reporting this vulnerability, designated
- CVE-2024-36814, to us.
-- Additionally, AdGuard Home will now try to change the permissions of its files
- and directories to more restrictive ones to prevent similar vulnerabilities
- as well as limit the access to the configuration.
+ We thank @itz-d0dgy for reporting this vulnerability, designated CVE-2024-36814, to us.
- We thank @go-compile for reporting this vulnerability, designated
- CVE-2024-36586, to us.
-- Go version has been updated to prevent the possibility of exploiting the Go
- vulnerabilities fixed in [1.23.2][go-1.23.2].
+- Additionally, AdGuard Home will now try to change the permissions of its files and directories to more restrictive ones to prevent similar vulnerabilities as well as limit the access to the configuration.
+
+ We thank @go-compile for reporting this vulnerability, designated CVE-2024-36586, to us.
+
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [1.23.2][go-1.23.2].
### Added
- Support for 64-bit RISC-V architecture ([#5704]).
+
- Ecosia search engine is now supported in safe search ([#5009]).
### Changed
-- Upstream server URL domain names requirements has been relaxed and now follow
- the same rules as their domain specifications.
+- Upstream server URL domain names requirements has been relaxed and now follow the same rules as their domain specifications.
#### Configuration changes
In this release, the schema version has changed from 28 to 29.
-- The new array `filtering.safe_fs_patterns` contains glob patterns for paths of
- files that can be added as local filtering-rule lists. The migration should
- add list files that have already been added, as well as the default value,
- `$DATA_DIR/userfilters/*`.
+- The new array `filtering.safe_fs_patterns` contains glob patterns for paths of files that can be added as local filtering-rule lists. The migration should add list files that have already been added, as well as the default value, `$DATA_DIR/userfilters/*`.
### Fixed
-- Property `clients.runtime_sources.dhcp` in the configuration file not taking
- effect.
+- Property `clients.runtime_sources.dhcp` in the configuration file not taking effect.
+
- Stale Google safe search domains list ([#7155]).
+
- Bing safe search from Edge sidebar ([#7154]).
+
- Text overflow on the query log page ([#7119]).
### Known issues
-- Due to the complexity of the Windows permissions architecture and poor support
- from the standard Go library, we have to postpone the proper automated Windows
- fix until the next release.
+- Due to the complexity of the Windows permissions architecture and poor support from the standard Go library, we have to postpone the proper automated Windows fix until the next release.
- **Temporary workaround:** Set the permissions of the `AdGuardHome` directory
- to more restrictive ones manually. To do that:
+ **Temporary workaround:** Set the permissions of the `AdGuardHome` directory to more restrictive ones manually. To do that:
- 1. Locate the `AdGuardHome` directory.
- 2. Right-click on it and navigate to *Properties → Security → Advanced.*
- 3. (You might need to disable permission inheritance to make them more
- restricted.)
- 4. Adjust to give the `Full control` access to only the user which runs
- AdGuard Home. Typically, `Administrator`.
+ 1. Locate the `AdGuardHome` directory.
+
+ 2. Right-click on it and navigate to *Properties → Security → Advanced.*
+
+ 3. (You might need to disable permission inheritance to make them more restricted.)
+
+ 4. Adjust to give the `Full control` access to only the user which runs AdGuard Home. Typically, `Administrator`.
[#5009]: https://github.com/AdguardTeam/AdGuardHome/issues/5009
[#5704]: https://github.com/AdguardTeam/AdGuardHome/issues/5704
@@ -169,39 +173,32 @@ In this release, the schema version has changed from 28 to 29.
[go-1.23.2]: https://groups.google.com/g/golang-announce/c/NKEc8VT7Fz0
[ms-v0.107.53]: https://github.com/AdguardTeam/AdGuardHome/milestone/88?closed=1
-
-
## [v0.107.52] - 2024-07-04
See also the [v0.107.52 GitHub milestone][ms-v0.107.52].
### Security
-- Go version has been updated to prevent the possibility of exploiting the Go
- vulnerabilities fixed in [Go 1.22.5][go-1.22.5].
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [Go 1.22.5][go-1.22.5].
### Added
-- The ability to disable logging using the new `log.enabled` configuration
- property ([#7079]).
+- The ability to disable logging using the new `log.enabled` configuration property ([#7079]).
### Changed
- Frontend rewritten in TypeScript.
-- The `systemd`-based service now uses `journal` for logging by default. It
- also doesn't create the `/var/log/` directory anymore ([#7053]).
- **NOTE:** With an installed service for changes to take effect, you need to
- reinstall the service using `-r` flag of the [install script][install-script]
- or via the CLI (with root privileges):
+- The `systemd`-based service now uses `journal` for logging by default. It also doesn’t create the `/var/log/` directory anymore ([#7053]).
- ```sh
- ./AdGuardHome -s uninstall
- ./AdGuardHome -s install
- ```
+ **NOTE:** With an installed service for changes to take effect, you need to reinstall the service using `-r` flag of the [install script][install-script] or via the CLI (with root privileges):
- Don't forget to backup your configuration file and other important data before
- reinstalling the service.
+ ```sh
+ ./AdGuardHome -s uninstall
+ ./AdGuardHome -s install
+ ```
+
+ Don’t forget to backup your configuration file and other important data before reinstalling the service.
### Deprecated
@@ -209,10 +206,9 @@ See also the [v0.107.52 GitHub milestone][ms-v0.107.52].
### Fixed
-- Panic caused by missing user-specific blocked services object in configuration
- file ([#7069]).
-- Tracking `/etc/hosts` file changes causing panics within particular
- filesystems on start ([#7076]).
+- Panic caused by missing user-specific blocked services object in configuration file ([#7069]).
+
+- Tracking `/etc/hosts` file changes causing panics within particular filesystems on start ([#7076]).
[#7053]: https://github.com/AdguardTeam/AdGuardHome/issues/7053
[#7069]: https://github.com/AdguardTeam/AdGuardHome/issues/7069
@@ -224,53 +220,42 @@ See also the [v0.107.52 GitHub milestone][ms-v0.107.52].
[ms-v0.107.52]: https://github.com/AdguardTeam/AdGuardHome/milestone/87?closed=1
-
-
## [v0.107.51] - 2024-06-06
See also the [v0.107.51 GitHub milestone][ms-v0.107.51].
### Security
-- Go version has been updated to prevent the possibility of exploiting the Go
- vulnerabilities fixed in [Go 1.22.4][go-1.22.4].
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [Go 1.22.4][go-1.22.4].
### Changed
-- The HTTP server's write timeout has been increased from 1 minute to 5 minutes
- to match the one used by AdGuard Home's HTTP client to fetch filtering-list
- data ([#7041]).
+- The HTTP server’s write timeout has been increased from 1 minute to 5 minutes to match the one used by AdGuard Home’s HTTP client to fetch filtering-list data ([#7041]).
[#7041]: https://github.com/AdguardTeam/AdGuardHome/issues/7041
[go-1.22.4]: https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/
[ms-v0.107.51]: https://github.com/AdguardTeam/AdGuardHome/milestone/86?closed=1
-
-
## [v0.107.50] - 2024-05-23
See also the [v0.107.50 GitHub milestone][ms-v0.107.50].
### Fixed
-- Broken private reverse DNS upstream servers validation causing update failures
- ([#7013]).
+- Broken private reverse DNS upstream servers validation causing update failures ([#7013]).
[#7013]: https://github.com/AdguardTeam/AdGuardHome/issues/7013
[ms-v0.107.50]: https://github.com/AdguardTeam/AdGuardHome/milestone/85?closed=1
-
-
## [v0.107.49] - 2024-05-21
See also the [v0.107.49 GitHub milestone][ms-v0.107.49].
### Security
-- Go version has been updated to prevent the possibility of exploiting the Go
- vulnerabilities fixed in [Go 1.22.3][go-1.22.3].
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [Go 1.22.3][go-1.22.3].
### Added
@@ -279,35 +264,34 @@ See also the [v0.107.49 GitHub milestone][ms-v0.107.49].
### Changed
- Private rDNS resolution now also affects `SOA` and `NS` requests ([#6882]).
+
- Rewrite rules mechanics were changed due to improved resolving in safe search.
### Deprecated
-- Currently, AdGuard Home skips persistent clients that have duplicate fields
- when reading them from the configuration file. This behaviour is deprecated
- and will cause errors on startup in a future release.
+- Currently, AdGuard Home skips persistent clients that have duplicate fields when reading them from the configuration file. This behaviour is deprecated and will cause errors on startup in a future release.
### Fixed
-- Acceptance of duplicate UIDs for persistent clients at startup. See also the
- section on client settings on the [Wiki page][wiki-config].
-- Domain specifications for top-level domains not considered for requests to
- unqualified domains ([#6744]).
-- Support for link-local subnets, i.e. `fe80::/16`, as client identifiers
- ([#6312]).
-- Issues with QUIC and HTTP/3 upstreams on older Linux kernel versions
- ([#6422]).
+- Acceptance of duplicate UIDs for persistent clients at startup. See also the section on client settings on the [Wiki page][wiki-config].
+
+- Domain specifications for top-level domains not considered for requests to unqualified domains ([#6744]).
+
+- Support for link-local subnets, i.e. `fe80::/16`, as client identifiers ([#6312]).
+
+- Issues with QUIC and HTTP/3 upstreams on older Linux kernel versions ([#6422]).
+
- YouTube restricted mode is not enforced by HTTPS queries on Firefox.
-- Support for link-local subnets, i.e. `fe80::/16`, in the access settings
- ([#6192]).
-- The ability to apply an invalid configuration for private rDNS, which led to
- server not starting.
+
+- Support for link-local subnets, i.e. `fe80::/16`, in the access settings ([#6192]).
+
+- The ability to apply an invalid configuration for private rDNS, which led to server not starting.
+
- Ignoring query log for clients with ClientID set ([#5812]).
-- Subdomains of `in-addr.arpa` and `ip6.arpa` containing zero-length prefix
- incorrectly considered invalid when specified for private rDNS upstream
- servers ([#6854]).
-- Unspecified IP addresses aren't checked when using "Fastest IP address" mode
- ([#6875]).
+
+- Subdomains of `in-addr.arpa` and `ip6.arpa` containing zero-length prefix incorrectly considered invalid when specified for private rDNS upstream servers ([#6854]).
+
+- Unspecified IP addresses aren’t checked when using "Fastest IP address" mode ([#6875]).
[#5345]: https://github.com/AdguardTeam/AdGuardHome/issues/5345
[#5812]: https://github.com/AdguardTeam/AdGuardHome/issues/5812
@@ -322,8 +306,6 @@ See also the [v0.107.49 GitHub milestone][ms-v0.107.49].
[go-1.22.3]: https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
[ms-v0.107.49]: https://github.com/AdguardTeam/AdGuardHome/milestone/84?closed=1
-
-
## [v0.107.48] - 2024-04-05
See also the [v0.107.48 GitHub milestone][ms-v0.107.48].
@@ -336,36 +318,33 @@ See also the [v0.107.48 GitHub milestone][ms-v0.107.48].
[ms-v0.107.48]: https://github.com/AdguardTeam/AdGuardHome/milestone/83?closed=1
-
-
## [v0.107.47] - 2024-04-04
See also the [v0.107.47 GitHub milestone][ms-v0.107.47].
### Security
-- Go version has been updated to prevent the possibility of exploiting the Go
- vulnerabilities fixed in [Go 1.22.2][go-1.22.2].
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [Go 1.22.2][go-1.22.2].
### Changed
- Time Zone Database is now embedded in the binary ([#6758]).
-- Failed authentication attempts show the originating IP address in the logs, if
- the request came from a trusted proxy ([#5829]).
+
+- Failed authentication attempts show the originating IP address in the logs, if the request came from a trusted proxy ([#5829]).
### Deprecated
- Go 1.22 support. Future versions will require at least Go 1.23 to build.
-- Currently, AdGuard Home uses a best-effort algorithm to fix invalid IDs of
- filtering-rule lists on startup. This feature is deprecated, and invalid IDs
- will cause errors on startup in a future version.
+
+- Currently, AdGuard Home uses a best-effort algorithm to fix invalid IDs of filtering-rule lists on startup. This feature is deprecated, and invalid IDs will cause errors on startup in a future version.
+
- Node.JS 16. Future versions will require at least Node.JS 18 to build.
### Fixed
- Resetting DNS upstream mode when applying unrelated settings ([#6851]).
-- Symbolic links to the configuration file begin replaced by a copy of the real
- file upon startup on FreeBSD ([#6717]).
+
+- Symbolic links to the configuration file begin replaced by a copy of the real file upon startup on FreeBSD ([#6717]).
### Removed
@@ -379,33 +358,29 @@ See also the [v0.107.47 GitHub milestone][ms-v0.107.47].
[go-1.22.2]: https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M/
[ms-v0.107.47]: https://github.com/AdguardTeam/AdGuardHome/milestone/82?closed=1
-
-
## [v0.107.46] - 2024-03-20
See also the [v0.107.46 GitHub milestone][ms-v0.107.46].
### Added
-- Ability to disable the use of system hosts file information for query
- resolution ([#6610]).
-- Ability to define custom directories for storage of query log files and
- statistics ([#5992]).
+- Ability to disable the use of system hosts file information for query resolution ([#6610]).
+
+- Ability to define custom directories for storage of query log files and statistics ([#5992]).
### Changed
-- Private rDNS resolution (`dns.use_private_ptr_resolvers` in YAML
- configuration) now requires a valid "Private reverse DNS servers", when
- enabled ([#6820]).
+- Private rDNS resolution (`dns.use_private_ptr_resolvers` in YAML configuration) now requires a valid "Private reverse DNS servers", when enabled ([#6820]).
- **NOTE:** Disabling private rDNS resolution behaves effectively the same as if
- no private reverse DNS servers provided by user and by the OS.
+ **NOTE:** Disabling private rDNS resolution behaves effectively the same as if no private reverse DNS servers provided by user and by the OS.
### Fixed
- Statistics for 7 days displayed by day on the dashboard graph ([#6712]).
+
- Missing "served from cache" label on long DNS server strings ([#6740]).
-- Incorrect tracking of the system hosts file's changes ([#6711]).
+
+- Incorrect tracking of the system hosts file’s changes ([#6711]).
[#5992]: https://github.com/AdguardTeam/AdGuardHome/issues/5992
[#6610]: https://github.com/AdguardTeam/AdGuardHome/issues/6610
@@ -416,39 +391,32 @@ See also the [v0.107.46 GitHub milestone][ms-v0.107.46].
[ms-v0.107.46]: https://github.com/AdguardTeam/AdGuardHome/milestone/81?closed=1
-
-
## [v0.107.45] - 2024-03-06
See also the [v0.107.45 GitHub milestone][ms-v0.107.45].
### Security
-- Go version has been updated to prevent the possibility of exploiting the Go
- vulnerabilities fixed in [Go 1.21.8][go-1.21.8].
+- Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [Go 1.21.8][go-1.21.8].
### Added
-- Context menu item in the Query Log to add a Client to the Persistent client
- list ([#6679]).
+- Context menu item in the Query Log to add a Client to the Persistent client list ([#6679]).
### Changed
-- Starting with this release our scripts are using Go's [forward compatibility
- mechanism][go-toolchain] for updating the Go version.
+- Starting with this release our scripts are using Go’s [forward compatibility mechanism][go-toolchain] for updating the Go version.
- **Important note for porters:** This change means that if your `go` version
- is 1.21+ but is different from the one required by AdGuard Home, the `go` tool
- will automatically download the required version.
+ **Important note for porters:** This change means that if your `go` version is 1.21+ but is different from the one required by AdGuard Home, the `go` tool will automatically download the required version.
- If you want to use the version installed on your builder, run:
+ If you want to use the version installed on your builder, run:
- ```sh
- go get go@$YOUR_VERSION
- go mod tidy
- ```
+ ```sh
+ go get go@$YOUR_VERSION
+ go mod tidy
+ ```
- and call `make` with `GOTOOLCHAIN=local`.
+ and call `make` with `GOTOOLCHAIN=local`.
### Deprecated
@@ -456,9 +424,10 @@ See also the [v0.107.45 GitHub milestone][ms-v0.107.45].
### Fixed
-- Missing IP addresses in logs when querying for domain names from the ignore
- lists.
+- Missing IP addresses in logs when querying for domain names from the ignore lists.
+
- Blank page after resetting access clients ([#6634]).
+
- Wrong algorithm for caching bootstrapped upstream addresses ([#6723]).
### Removed
@@ -473,8 +442,6 @@ See also the [v0.107.45 GitHub milestone][ms-v0.107.45].
[go-toolchain]: https://go.dev/blog/toolchain
[ms-v0.107.45]: https://github.com/AdguardTeam/AdGuardHome/milestone/80?closed=1
-
-
## [v0.107.44] - 2024-02-06
See also the [v0.107.44 GitHub milestone][ms-v0.107.44].
@@ -482,66 +449,65 @@ See also the [v0.107.44 GitHub milestone][ms-v0.107.44].
### Added
- Timezones in the Etc/ area to the timezone list ([#6568]).
-- The schema version of the configuration file to the output of running
- `AdGuardHome` (or `AdGuardHome.exe`) with `-v --version` command-line options
- ([#6545]).
-- Ability to disable plain-DNS serving via UI if an encrypted protocol is
- already used ([#1660]).
+
+- The schema version of the configuration file to the output of running `AdGuardHome` (or `AdGuardHome.exe`) with `-v --version` command-line options ([#6545]).
+
+- Ability to disable plain-DNS serving via UI if an encrypted protocol is already used ([#1660]).
### Changed
-- The bootstrapped upstream addresses are now updated according to the TTL of
- the bootstrap DNS response ([#6321]).
+- The bootstrapped upstream addresses are now updated according to the TTL of the bootstrap DNS response ([#6321]).
+
- Logging level of timeout errors is now `error` instead of `debug` ([#6574]).
-- The field `"upstream_mode"` in `POST /control/dns_config` and
- `GET /control/dns_info` HTTP APIs now accepts `load_balance` value. Check
- `openapi/CHANGELOG.md` for more details.
+
+- The field `"upstream_mode"` in `POST /control/dns_config` and `GET /control/dns_info` HTTP APIs now accepts `load_balance` value. Check `openapi/CHANGELOG.md` for more details.
#### Configuration changes
In this release, the schema version has changed from 27 to 28.
-- The new property `clients.persistent.*.uid`, which is a unique identifier of
- the persistent client.
-- The properties `dns.all_servers` and `dns.fastest_addr` were removed, their
- values migrated to newly added field `dns.upstream_mode` that describes the
- logic through which upstreams will be used. See also a [Wiki
- page][wiki-config].
+- The new property `clients.persistent.*.uid`, which is a unique identifier of the persistent client.
- ```yaml
- # BEFORE:
- 'dns':
- # …
- 'all_servers': true
- 'fastest_addr': true
+- The properties `dns.all_servers` and `dns.fastest_addr` were removed, their values migrated to newly added field `dns.upstream_mode` that describes the logic through which upstreams will be used. See also a [Wiki page][wiki-config].
- # AFTER:
- 'dns':
- # …
- 'upstream_mode': 'parallel'
- ```
+ ```yaml
+ # BEFORE:
+ 'dns':
+ # …
+ 'all_servers': true
+ 'fastest_addr': true
- To rollback this change, remove the new field `upstream_mode`, set back
- `dns.all_servers` and `dns.fastest_addr` properties in `dns` section, and
- change the `schema_version` back to `27`.
+ # AFTER:
+ 'dns':
+ # …
+ 'upstream_mode': 'parallel'
+ ```
+
+ To rollback this change, remove the new field `upstream_mode`, set back `dns.all_servers` and `dns.fastest_addr` properties in `dns` section, and change the `schema_version` back to `27`.
### Fixed
-- “Invalid AddrPort” in the *Private reverse DNS servers* section on the
- *Settings → DNS settings* page.
+- “Invalid AddrPort” in the *Private reverse DNS servers* section on the *Settings → DNS settings* page.
+
- Panic on using `--no-etc-hosts` flag ([#6644]).
+
- Schedule display in the client settings after creating or updating.
+
- Zero value in `querylog.size_memory` disables logging ([#6570]).
+
- Non-anonymized IP addresses on the dashboard ([#6584]).
-- Maximum cache TTL requirement when editing minimum cache TTL in the Web UI
- ([#6409]).
+
+- Maximum cache TTL requirement when editing minimum cache TTL in the Web UI ([#6409]).
+
- Load balancing algorithm stuck on a single server ([#6480]).
+
- Statistics for 7 days displayed as 168 hours on the dashboard.
+
- Pre-filling the Edit static lease window with data ([#6534]).
-- Names defined in the `/etc/hosts` for a single address family wrongly
- considered undefined for another family ([#6541]).
-- Omitted CNAME records in safe search results, which can cause YouTube to not
- work on iOS ([#6352]).
+
+- Names defined in the `/etc/hosts` for a single address family wrongly considered undefined for another family ([#6541]).
+
+- Omitted CNAME records in safe search results, which can cause YouTube to not work on iOS ([#6352]).
[#6321]: https://github.com/AdguardTeam/AdGuardHome/issues/6321
[#6352]: https://github.com/AdguardTeam/AdGuardHome/issues/6352
@@ -559,55 +525,50 @@ In this release, the schema version has changed from 27 to 28.
[ms-v0.107.44]: https://github.com/AdguardTeam/AdGuardHome/milestone/79?closed=1
[wiki-config]: https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration
-
-
## [v0.107.43] - 2023-12-11
See also the [v0.107.43 GitHub milestone][ms-v0.107.43].
### Fixed
-- Incorrect handling of IPv4-in-IPv6 addresses when binding to an unspecified
- address on some machines ([#6510]).
+- Incorrect handling of IPv4-in-IPv6 addresses when binding to an unspecified address on some machines ([#6510]).
[#6510]: https://github.com/AdguardTeam/AdGuardHome/issues/6510
[ms-v0.107.43]: https://github.com/AdguardTeam/AdGuardHome/milestone/78?closed=1
-
-
## [v0.107.42] - 2023-12-07
See also the [v0.107.42 GitHub milestone][ms-v0.107.42].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-39326, CVE-2023-45283, and CVE-2023-45285 Go vulnerabilities fixed in
- [Go 1.20.12][go-1.20.12].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-39326, CVE-2023-45283, and CVE-2023-45285 Go vulnerabilities fixed in [Go 1.20.12][go-1.20.12].
### Added
-- Ability to set client's custom DNS cache ([#6263]).
-- Ability to disable plain-DNS serving through configuration file if an
- encrypted protocol is already enabled ([#1660]).
+- Ability to set client’s custom DNS cache ([#6263]).
+
+- Ability to disable plain-DNS serving through configuration file if an encrypted protocol is already enabled ([#1660]).
+
- Ability to specify rate limiting settings in the Web UI ([#6369]).
### Changed
#### Configuration changes
-- The new property `dns.serve_plain_dns` has been added to the configuration
- file ([#1660]).
+- The new property `dns.serve_plain_dns` has been added to the configuration file ([#1660]).
+
- The property `dns.bogus_nxdomain` is now validated more strictly.
-- Added new properties `clients.persistent.*.upstreams_cache_enabled` and
- `clients.persistent.*.upstreams_cache_size` that describe cache configuration
- for each client's custom upstream configuration.
+
+- Added new properties `clients.persistent.*.upstreams_cache_enabled` and `clients.persistent.*.upstreams_cache_size` that describe cache configuration for each client’s custom upstream configuration.
### Fixed
- `ipset` entries family validation ([#6420]).
+
- Pre-filling the *New static lease* window with data ([#6402]).
+
- Protection pause timer synchronization ([#5759]).
[#1660]: https://github.com/AdguardTeam/AdGuardHome/issues/1660
@@ -620,44 +581,44 @@ See also the [v0.107.42 GitHub milestone][ms-v0.107.42].
[go-1.20.12]: https://groups.google.com/g/golang-announce/c/iLGK3x6yuNo/m/z6MJ-eB0AQAJ
[ms-v0.107.42]: https://github.com/AdguardTeam/AdGuardHome/milestone/77?closed=1
-
-
## [v0.107.41] - 2023-11-13
See also the [v0.107.41 GitHub milestone][ms-v0.107.41].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-45283 and CVE-2023-45284 Go vulnerabilities fixed in
- [Go 1.20.11][go-1.20.11].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-45283 and CVE-2023-45284 Go vulnerabilities fixed in [Go 1.20.11][go-1.20.11].
### Added
-- Ability to specify subnet lengths for IPv4 and IPv6 addresses, used for rate
- limiting requests, in the configuration file ([#6368]).
-- Ability to specify multiple domain specific upstreams per line, e.g.
- `[/domain1/../domain2/]upstream1 upstream2 .. upstreamN` ([#4977]).
+- Ability to specify subnet lengths for IPv4 and IPv6 addresses, used for rate limiting requests, in the configuration file ([#6368]).
+
+- Ability to specify multiple domain specific upstreams per line, e.g. `[/domain1/../domain2/]upstream1 upstream2 .. upstreamN` ([#4977]).
### Changed
- Increased the height of the ready-to-use filter lists dialog ([#6358]).
+
- Improved logging of authentication failures ([#6357]).
#### Configuration changes
-- New properties `dns.ratelimit_subnet_len_ipv4` and
- `dns.ratelimit_subnet_len_ipv6` have been added to the configuration file
- ([#6368]).
+- New properties `dns.ratelimit_subnet_len_ipv4` and `dns.ratelimit_subnet_len_ipv6` have been added to the configuration file ([#6368]).
### Fixed
- Schedule timezone not being sent ([#6401]).
+
- Average request processing time calculation ([#6220]).
+
- Redundant truncation of long client names in the Top Clients table ([#6338]).
+
- Scrolling column headers in the tables ([#6337]).
+
- `$important,dnsrewrite` rules not overriding allowlist rules ([#6204]).
+
- Dark mode DNS rewrite background ([#6329]).
+
- Issues with QUIC and HTTP/3 upstreams on Linux ([#6335]).
[#4977]: https://github.com/AdguardTeam/AdGuardHome/issues/4977
@@ -675,23 +636,22 @@ See also the [v0.107.41 GitHub milestone][ms-v0.107.41].
[go-1.20.11]: https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY/m/d-jSKR_jBwAJ
[ms-v0.107.41]: https://github.com/AdguardTeam/AdGuardHome/milestone/76?closed=1
-
-
## [v0.107.40] - 2023-10-18
See also the [v0.107.40 GitHub milestone][ms-v0.107.40].
### Changed
-- *Block* and *Unblock* buttons of the query log moved to the tooltip menu
- ([#684]).
+- *Block* and *Unblock* buttons of the query log moved to the tooltip menu ([#684]).
### Fixed
- Dashboard tables scroll issue ([#6180]).
-- The time shown in the statistics is one hour less than the current time
- ([#6296]).
+
+- The time shown in the statistics is one hour less than the current time ([#6296]).
+
- Issues with QUIC and HTTP/3 upstreams on FreeBSD ([#6301]).
+
- Panic on clearing the query log ([#6304]).
[#684]: https://github.com/AdguardTeam/AdGuardHome/issues/684
@@ -702,35 +662,34 @@ See also the [v0.107.40 GitHub milestone][ms-v0.107.40].
[ms-v0.107.40]: https://github.com/AdguardTeam/AdGuardHome/milestone/75?closed=1
-
-
## [v0.107.39] - 2023-10-11
See also the [v0.107.39 GitHub milestone][ms-v0.107.39].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-39323 and CVE-2023-39325 Go vulnerabilities fixed in
- [Go 1.20.9][go-1.20.9] and [Go 1.20.10][go-1.20.10].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-39323 and CVE-2023-39325 Go vulnerabilities fixed in [Go 1.20.9][go-1.20.9] and [Go 1.20.10][go-1.20.10].
### Added
- Ability to edit static leases on *DHCP settings* page ([#1700]).
-- Ability to specify for how long clients should cache a filtered response,
- using the *Blocked response TTL* field on the *DNS settings* page ([#4569]).
+
+- Ability to specify for how long clients should cache a filtered response, using the *Blocked response TTL* field on the *DNS settings* page ([#4569]).
### Changed
- `ipset` entries are updated more frequently ([#6233]).
+
- Node.JS 16 is now required to build the frontend.
### Fixed
- Incorrect domain-specific upstream matching for `DS` queries ([#6156]).
+
- Improper validation of password length ([#6280]).
-- Wrong algorithm for filtering self addresses from the list of private upstream
- DNS servers ([#6231]).
+
+- Wrong algorithm for filtering self addresses from the list of private upstream DNS servers ([#6231]).
+
- An accidental change in DNS rewrite priority ([#6226]).
[#1700]: https://github.com/AdguardTeam/AdGuardHome/issues/1700
@@ -745,8 +704,6 @@ See also the [v0.107.39 GitHub milestone][ms-v0.107.39].
[go-1.20.9]: https://groups.google.com/g/golang-announce/c/XBa1oHDevAo/m/desYyx3qAgAJ
[ms-v0.107.39]: https://github.com/AdguardTeam/AdGuardHome/milestone/74?closed=1
-
-
## [v0.107.38] - 2023-09-11
See also the [v0.107.38 GitHub milestone][ms-v0.107.38].
@@ -754,8 +711,11 @@ See also the [v0.107.38 GitHub milestone][ms-v0.107.38].
### Fixed
- Incorrect original answer when a response is filtered ([#6183]).
+
- Comments in the *Fallback DNS servers* field in the UI ([#6182]).
+
- Empty or default Safe Browsing and Parental Control settings ([#6181]).
+
- Various UI issues.
[#6181]: https://github.com/AdguardTeam/AdGuardHome/issues/6181
@@ -764,154 +724,144 @@ See also the [v0.107.38 GitHub milestone][ms-v0.107.38].
[ms-v0.107.38]: https://github.com/AdguardTeam/AdGuardHome/milestone/73?closed=1
-
-
## [v0.107.37] - 2023-09-07
See also the [v0.107.37 GitHub milestone][ms-v0.107.37].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-39318, CVE-2023-39319, and CVE-2023-39320 Go vulnerabilities fixed in
- [Go 1.20.8][go-1.20.8].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-39318, CVE-2023-39319, and CVE-2023-39320 Go vulnerabilities fixed in [Go 1.20.8][go-1.20.8].
### Added
-- AdBlock-style syntax support for ignored domains in logs and statistics
- ([#5720]).
-- [`Strict-Transport-Security`][hsts] header in the HTTP API and DNS-over-HTTPS
- responses when HTTPS is forced ([#2998]). See [RFC 6797][rfc6797].
+- AdBlock-style syntax support for ignored domains in logs and statistics ([#5720]).
+
+- [`Strict-Transport-Security`][hsts] header in the HTTP API and DNS-over-HTTPS responses when HTTPS is forced ([#2998]). See [RFC 6797][rfc6797].
+
- UI for the schedule of the service-blocking pause ([#951]).
-- IPv6 hints are now filtered in case IPv6 addresses resolving is disabled
- ([#6122]).
-- The ability to set fallback DNS servers in the configuration file and the UI
- ([#3701]).
-- While adding or updating blocklists, the title can now be parsed from
- `! Title:` definition of the blocklist's source ([#6020]).
-- The ability to filter DNS HTTPS records including IPv4 and IPv6 hints
- ([#6053]).
-- Two new metrics showing total number of responses from each upstream DNS
- server and their average processing time in the Web UI ([#1453]).
-- The ability to set the port for the `pprof` debug API, see configuration
- changes below.
+
+- IPv6 hints are now filtered in case IPv6 addresses resolving is disabled ([#6122]).
+
+- The ability to set fallback DNS servers in the configuration file and the UI ([#3701]).
+
+- While adding or updating blocklists, the title can now be parsed from `! Title:` definition of the blocklist’s source ([#6020]).
+
+- The ability to filter DNS HTTPS records including IPv4 and IPv6 hints ([#6053]).
+
+- Two new metrics showing total number of responses from each upstream DNS server and their average processing time in the Web UI ([#1453]).
+
+- The ability to set the port for the `pprof` debug API, see configuration changes below.
### Changed
-- `$dnsrewrite` rules containing IPv4-mapped IPv6 addresses are now working
- consistently with legacy DNS rewrites and match the `AAAA` requests.
-- For non-A and non-AAAA requests, which has been filtered, the NODATA response
- is returned if the blocking mode isn't set to `Null IP`. In previous versions
- it returned NXDOMAIN response in such cases.
+- `$dnsrewrite` rules containing IPv4-mapped IPv6 addresses are now working consistently with legacy DNS rewrites and match the `AAAA` requests.
+
+- For non-A and non-AAAA requests, which has been filtered, the NODATA response is returned if the blocking mode isn’t set to `Null IP`. In previous versions it returned NXDOMAIN response in such cases.
#### Configuration changes
In this release, the schema version has changed from 24 to 27.
-- Ignore rules blocking `.` in `querylog.ignored` and `statistics.ignored` have
- been migrated to AdBlock syntax (`|.^`). To rollback this change, restore the
- rules and change the `schema_version` back to `26`.
+- Ignore rules blocking `.` in `querylog.ignored` and `statistics.ignored` have been migrated to AdBlock syntax (`|.^`). To rollback this change, restore the rules and change the `schema_version` back to `26`.
-- Filtering-related settings have been moved from `dns` section of the YAML
- configuration file to the new section `filtering`:
+- Filtering-related settings have been moved from `dns` section of the YAML configuration file to the new section `filtering`:
- ```yaml
- # BEFORE:
- 'dns':
- 'filtering_enabled': true
- 'filters_update_interval': 24
- 'parental_enabled': false
- 'safebrowsing_enabled': false
- 'safebrowsing_cache_size': 1048576
- 'safesearch_cache_size': 1048576
- 'parental_cache_size': 1048576
- 'safe_search':
- 'enabled': false
- 'bing': true
- 'duckduckgo': true
- 'google': true
- 'pixabay': true
- 'yandex': true
- 'youtube': true
- 'rewrites': []
- 'blocked_services':
- 'schedule':
- 'time_zone': 'Local'
- 'ids': []
- 'protection_enabled': true,
- 'blocking_mode': 'custom_ip',
- 'blocking_ipv4': '1.2.3.4',
- 'blocking_ipv6': '1:2:3::4',
- 'blocked_response_ttl': 10,
- 'protection_disabled_until': 'null',
- 'parental_block_host': 'p.dns.adguard.com',
- 'safebrowsing_block_host': 's.dns.adguard.com'
+ ```yaml
+ # BEFORE:
+ 'dns':
+ 'filtering_enabled': true
+ 'filters_update_interval': 24
+ 'parental_enabled': false
+ 'safebrowsing_enabled': false
+ 'safebrowsing_cache_size': 1048576
+ 'safesearch_cache_size': 1048576
+ 'parental_cache_size': 1048576
+ 'safe_search':
+ 'enabled': false
+ 'bing': true
+ 'duckduckgo': true
+ 'google': true
+ 'pixabay': true
+ 'yandex': true
+ 'youtube': true
+ 'rewrites': []
+ 'blocked_services':
+ 'schedule':
+ 'time_zone': 'Local'
+ 'ids': []
+ 'protection_enabled': true,
+ 'blocking_mode': 'custom_ip',
+ 'blocking_ipv4': '1.2.3.4',
+ 'blocking_ipv6': '1:2:3::4',
+ 'blocked_response_ttl': 10,
+ 'protection_disabled_until': 'null',
+ 'parental_block_host': 'p.dns.adguard.com',
+ 'safebrowsing_block_host': 's.dns.adguard.com'
- # AFTER:
- 'filtering':
- 'filtering_enabled': true
- 'filters_update_interval': 24
- 'parental_enabled': false
- 'safebrowsing_enabled': false
- 'safebrowsing_cache_size': 1048576
- 'safesearch_cache_size': 1048576
- 'parental_cache_size': 1048576
- 'safe_search':
- 'enabled': false
- 'bing': true
- 'duckduckgo': true
- 'google': true
- 'pixabay': true
- 'yandex': true
- 'youtube': true
- 'rewrites': []
- 'blocked_services':
- 'schedule':
- 'time_zone': 'Local'
- 'ids': []
- 'protection_enabled': true,
- 'blocking_mode': 'custom_ip',
- 'blocking_ipv4': '1.2.3.4',
- 'blocking_ipv6': '1:2:3::4',
- 'blocked_response_ttl': 10,
- 'protection_disabled_until': 'null',
- 'parental_block_host': 'p.dns.adguard.com',
- 'safebrowsing_block_host': 's.dns.adguard.com',
- ```
+ # AFTER:
+ 'filtering':
+ 'filtering_enabled': true
+ 'filters_update_interval': 24
+ 'parental_enabled': false
+ 'safebrowsing_enabled': false
+ 'safebrowsing_cache_size': 1048576
+ 'safesearch_cache_size': 1048576
+ 'parental_cache_size': 1048576
+ 'safe_search':
+ 'enabled': false
+ 'bing': true
+ 'duckduckgo': true
+ 'google': true
+ 'pixabay': true
+ 'yandex': true
+ 'youtube': true
+ 'rewrites': []
+ 'blocked_services':
+ 'schedule':
+ 'time_zone': 'Local'
+ 'ids': []
+ 'protection_enabled': true,
+ 'blocking_mode': 'custom_ip',
+ 'blocking_ipv4': '1.2.3.4',
+ 'blocking_ipv6': '1:2:3::4',
+ 'blocked_response_ttl': 10,
+ 'protection_disabled_until': 'null',
+ 'parental_block_host': 'p.dns.adguard.com',
+ 'safebrowsing_block_host': 's.dns.adguard.com',
+ ```
- To rollback this change, remove the new object `filtering`, set back filtering
- properties in `dns` section, and change the `schema_version` back to `25`.
+ To rollback this change, remove the new object `filtering`, set back filtering properties in `dns` section, and change the `schema_version` back to `25`.
-- Property `debug_pprof` which used to setup profiling HTTP handler, is now
- moved to the new `pprof` object under `http` section. The new object contains
- properties `enabled` and `port`:
+- Property `debug_pprof` which used to setup profiling HTTP handler, is now moved to the new `pprof` object under `http` section. The new object contains properties `enabled` and `port`:
- ```yaml
- # BEFORE:
- 'debug_pprof': true
+ ```yaml
+ # BEFORE:
+ 'debug_pprof': true
- # AFTER:
- 'http':
- 'pprof':
- 'enabled': true
- 'port': 6060
- ```
+ # AFTER:
+ 'http':
+ 'pprof':
+ 'enabled': true
+ 'port': 6060
+ ```
- Note that the new default `6060` is used as default. To rollback this change,
- remove the new object `pprof`, set back `debug_pprof`, and change the
- `schema_version` back to `24`.
+ Note that the new default `6060` is used as default. To rollback this change, remove the new object `pprof`, set back `debug_pprof`, and change the `schema_version` back to `24`.
### Fixed
- Incorrect display date on statistics graph ([#5793]).
+
- Missing query log entries and statistics on service restart ([#6100]).
+
- Occasional DNS-over-QUIC and DNS-over-HTTP/3 errors ([#6133]).
-- Legacy DNS rewrites containing IPv4-mapped IPv6 addresses are now matching the
- `AAAA` requests, not `A` ([#6050]).
+
+- Legacy DNS rewrites containing IPv4-mapped IPv6 addresses are now matching the `AAAA` requests, not `A` ([#6050]).
+
- File log configuration, such as `max_size`, being ignored ([#6093]).
+
- Panic on using a single-slash filtering rule.
-- Panic on shutting down while DNS requests are in process of filtering
- ([#5948]).
+
+- Panic on shutting down while DNS requests are in process of filtering ([#5948]).
[#1453]: https://github.com/AdguardTeam/AdGuardHome/issues/1453
[#2998]: https://github.com/AdguardTeam/AdGuardHome/issues/2998
@@ -932,16 +882,13 @@ In this release, the schema version has changed from 24 to 27.
[ms-v0.107.37]: https://github.com/AdguardTeam/AdGuardHome/milestone/72?closed=1
[rfc6797]: https://datatracker.ietf.org/doc/html/rfc6797
-
-
## [v0.107.36] - 2023-08-02
See also the [v0.107.36 GitHub milestone][ms-v0.107.36].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-29409 Go vulnerability fixed in [Go 1.20.7][go-1.20.7].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-29409 Go vulnerability fixed in [Go 1.20.7][go-1.20.7].
### Deprecated
@@ -949,12 +896,9 @@ See also the [v0.107.36 GitHub milestone][ms-v0.107.36].
### Fixed
-- Inability to block queries for the root domain, such as `NS .` queries, using
- the *Disallowed domains* feature on the *DNS settings* page ([#6049]). Users
- who want to block `.` queries should use the `|.^` AdBlock rule or a similar
- regular expression.
-- Client hostnames not resolving when upstream server responds with zero-TTL
- records ([#6046]).
+- Inability to block queries for the root domain, such as `NS .` queries, using the *Disallowed domains* feature on the *DNS settings* page ([#6049]). Users who want to block `.` queries should use the `|.^` AdBlock rule or a similar regular expression.
+
+- Client hostnames not resolving when upstream server responds with zero-TTL records ([#6046]).
### Removed
@@ -966,8 +910,6 @@ See also the [v0.107.36 GitHub milestone][ms-v0.107.36].
[go-1.20.7]: https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ
[ms-v0.107.36]: https://github.com/AdguardTeam/AdGuardHome/milestone/71?closed=1
-
-
## [v0.107.35] - 2023-07-26
See also the [v0.107.35 GitHub milestone][ms-v0.107.35].
@@ -978,37 +920,30 @@ See also the [v0.107.35 GitHub milestone][ms-v0.107.35].
### Fixed
-- Occasional client information lookup failures that could lead to the DNS
- server getting stuck ([#6006]).
-- `bufio.Scanner: token too long` and other errors when trying to add
- filtering-rule lists with lines over 1024 bytes long or containing cosmetic
- rules ([#6003]).
+- Occasional client information lookup failures that could lead to the DNS server getting stuck ([#6006]).
+
+- `bufio.Scanner: token too long` and other errors when trying to add filtering-rule lists with lines over 1024 bytes long or containing cosmetic rules ([#6003]).
### Removed
-- Default exposure of the non-standard ports 784 and 8853 for DNS-over-QUIC in
- the `Dockerfile`.
+- Default exposure of the non-standard ports 784 and 8853 for DNS-over-QUIC in the `Dockerfile`.
[#6003]: https://github.com/AdguardTeam/AdGuardHome/issues/6003
[#6006]: https://github.com/AdguardTeam/AdGuardHome/issues/6006
[ms-v0.107.35]: https://github.com/AdguardTeam/AdGuardHome/milestone/70?closed=1
-
-
## [v0.107.34] - 2023-07-12
See also the [v0.107.34 GitHub milestone][ms-v0.107.34].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-29406 Go vulnerability fixed in [Go 1.19.11][go-1.19.11].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-29406 Go vulnerability fixed in [Go 1.19.11][go-1.19.11].
### Added
-- Ability to ignore queries for the root domain, such as `NS .` queries
- ([#5990]).
+- Ability to ignore queries for the root domain, such as `NS .` queries ([#5990]).
### Changed
@@ -1018,56 +953,48 @@ See also the [v0.107.34 GitHub milestone][ms-v0.107.34].
In this release, the schema version has changed from 23 to 24.
-- Properties starting with `log_`, and `verbose` property, which used to set up
- logging are now moved to the new object `log` containing new properties
- `file`, `max_backups`, `max_size`, `max_age`, `compress`, `local_time`, and
- `verbose`:
+- Properties starting with `log_`, and `verbose` property, which used to set up logging are now moved to the new object `log` containing new properties `file`, `max_backups`, `max_size`, `max_age`, `compress`, `local_time`, and `verbose`:
- ```yaml
- # BEFORE:
- 'log_file': ""
- 'log_max_backups': 0
- 'log_max_size': 100
- 'log_max_age': 3
- 'log_compress': false
- 'log_localtime': false
- 'verbose': false
+ ```yaml
+ # BEFORE:
+ 'log_file': ""
+ 'log_max_backups': 0
+ 'log_max_size': 100
+ 'log_max_age': 3
+ 'log_compress': false
+ 'log_localtime': false
+ 'verbose': false
- # AFTER:
- 'log':
- 'file': ""
- 'max_backups': 0
- 'max_size': 100
- 'max_age': 3
- 'compress': false
- 'local_time': false
- 'verbose': false
- ```
+ # AFTER:
+ 'log':
+ 'file': ""
+ 'max_backups': 0
+ 'max_size': 100
+ 'max_age': 3
+ 'compress': false
+ 'local_time': false
+ 'verbose': false
+ ```
- To rollback this change, remove the new object `log`, set back `log_` and
- `verbose` properties and change the `schema_version` back to `23`.
+ To rollback this change, remove the new object `log`, set back `log_` and `verbose` properties and change the `schema_version` back to `23`.
### Deprecated
-- Default exposure of the non-standard ports 784 and 8853 for DNS-over-QUIC in
- the `Dockerfile`.
+- Default exposure of the non-standard ports 784 and 8853 for DNS-over-QUIC in the `Dockerfile`.
### Fixed
- Two unspecified IPs when a host is blocked in two filter lists ([#5972]).
+
- Incorrect setting of Parental Control cache size.
-- Excessive RAM and CPU consumption by Safe Browsing and Parental Control
- filters ([#5896]).
+
+- Excessive RAM and CPU consumption by Safe Browsing and Parental Control filters ([#5896]).
### Removed
-- The `HEALTHCHECK` section and the use of `tini` in the `ENTRYPOINT` section in
- `Dockerfile` ([#5939]). They caused a lot of issues, especially with tools
- like `docker-compose` and `podman`.
+- The `HEALTHCHECK` section and the use of `tini` in the `ENTRYPOINT` section in `Dockerfile` ([#5939]). They caused a lot of issues, especially with tools like `docker-compose` and `podman`.
- **NOTE:** Some Docker tools may cache `ENTRYPOINT` sections, so some users may
- be required to backup their configuration, stop the container, purge the old
- image, and reload it from scratch.
+ **NOTE:** Some Docker tools may cache `ENTRYPOINT` sections, so some users may be required to backup their configuration, stop the container, purge the old image, and reload it from scratch.
[#5896]: https://github.com/AdguardTeam/AdGuardHome/issues/5896
[#5972]: https://github.com/AdguardTeam/AdGuardHome/issues/5972
@@ -1076,21 +1003,17 @@ In this release, the schema version has changed from 23 to 24.
[go-1.19.11]: https://groups.google.com/g/golang-announce/c/2q13H6LEEx0/m/sduSepLLBwAJ
[ms-v0.107.34]: https://github.com/AdguardTeam/AdGuardHome/milestone/69?closed=1
-
-
## [v0.107.33] - 2023-07-03
See also the [v0.107.33 GitHub milestone][ms-v0.107.33].
### Added
-- The new command-line flag `--web-addr` is the address to serve the web UI on,
- in the host:port format.
-- The ability to set inactivity periods for filtering blocked services, both
- globally and per client, in the configuration file ([#951]). The UI changes
- are coming in the upcoming releases.
-- The ability to edit rewrite rules via `PUT /control/rewrite/update` HTTP API
- and the Web UI ([#1577]).
+- The new command-line flag `--web-addr` is the address to serve the web UI on, in the host:port format.
+
+- The ability to set inactivity periods for filtering blocked services, both globally and per client, in the configuration file ([#951]). The UI changes are coming in the upcoming releases.
+
+- The ability to edit rewrite rules via `PUT /control/rewrite/update` HTTP API and the Web UI ([#1577]).
### Changed
@@ -1098,123 +1021,112 @@ See also the [v0.107.33 GitHub milestone][ms-v0.107.33].
In this release, the schema version has changed from 20 to 23.
-- Properties `bind_host`, `bind_port`, and `web_session_ttl` which used to setup
- web UI binding configuration, are now moved to a new object `http` containing
- new properties `address` and `session_ttl`:
+- Properties `bind_host`, `bind_port`, and `web_session_ttl` which used to setup web UI binding configuration, are now moved to a new object `http` containing new properties `address` and `session_ttl`:
- ```yaml
- # BEFORE:
- 'bind_host': '1.2.3.4'
- 'bind_port': 8080
- 'web_session_ttl': 720
+ ```yaml
+ # BEFORE:
+ 'bind_host': '1.2.3.4'
+ 'bind_port': 8080
+ 'web_session_ttl': 720
- # AFTER:
- 'http':
- 'address': '1.2.3.4:8080'
- 'session_ttl': '720h'
- ```
+ # AFTER:
+ 'http':
+ 'address': '1.2.3.4:8080'
+ 'session_ttl': '720h'
+ ```
- Note that the new `http.session_ttl` property is now a duration string. To
- rollback this change, remove the new object `http`, set back `bind_host`,
- `bind_port`, `web_session_ttl`, and change the `schema_version` back to `22`.
-- Property `clients.persistent.blocked_services`, which in schema versions 21
- and earlier used to be a list containing ids of blocked services, is now an
- object containing ids and schedule for blocked services:
+ Note that the new `http.session_ttl` property is now a duration string. To rollback this change, remove the new object `http`, set back `bind_host`, `bind_port`, `web_session_ttl`, and change the `schema_version` back to `22`.
- ```yaml
- # BEFORE:
- 'clients':
- 'persistent':
- - 'name': 'client-name'
+- Property `clients.persistent.blocked_services`, which in schema versions 21 and earlier used to be a list containing ids of blocked services, is now an object containing ids and schedule for blocked services:
+
+ ```yaml
+ # BEFORE:
+ 'clients':
+ 'persistent':
+ - 'name': 'client-name'
+ 'blocked_services':
+ - id_1
+ - id_2
+
+ # AFTER:
+ 'clients':
+ 'persistent':
+ - 'name': client-name
'blocked_services':
- - id_1
- - id_2
+ 'ids':
+ - id_1
+ - id_2
+ 'schedule':
+ 'time_zone': 'Local'
+ 'sun':
+ 'start': '0s'
+ 'end': '24h'
+ 'mon':
+ 'start': '1h'
+ 'end': '23h'
+ ```
- # AFTER:
- 'clients':
- 'persistent':
- - 'name': client-name
- 'blocked_services':
- 'ids':
- - id_1
- - id_2
+ To rollback this change, replace `clients.persistent.blocked_services` object with the list of ids of blocked services and change the `schema_version` back to `21`.
+
+- Property `dns.blocked_services`, which in schema versions 20 and earlier used to be a list containing ids of blocked services, is now an object containing ids and schedule for blocked services:
+
+ ```yaml
+ # BEFORE:
+ 'blocked_services':
+ - id_1
+ - id_2
+
+ # AFTER:
+ 'blocked_services':
+ 'ids':
+ - id_1
+ - id_2
'schedule':
'time_zone': 'Local'
'sun':
'start': '0s'
'end': '24h'
'mon':
- 'start': '1h'
+ 'start': '10m'
+ 'end': '23h30m'
+ 'tue':
+ 'start': '20m'
'end': '23h'
- ```
+ 'wed':
+ 'start': '30m'
+ 'end': '22h30m'
+ 'thu':
+ 'start': '40m'
+ 'end': '22h'
+ 'fri':
+ 'start': '50m'
+ 'end': '21h30m'
+ 'sat':
+ 'start': '1h'
+ 'end': '21h'
+ ```
- To rollback this change, replace `clients.persistent.blocked_services` object
- with the list of ids of blocked services and change the `schema_version` back
- to `21`.
-- Property `dns.blocked_services`, which in schema versions 20 and earlier used
- to be a list containing ids of blocked services, is now an object containing
- ids and schedule for blocked services:
-
- ```yaml
- # BEFORE:
- 'blocked_services':
- - id_1
- - id_2
-
- # AFTER:
- 'blocked_services':
- 'ids':
- - id_1
- - id_2
- 'schedule':
- 'time_zone': 'Local'
- 'sun':
- 'start': '0s'
- 'end': '24h'
- 'mon':
- 'start': '10m'
- 'end': '23h30m'
- 'tue':
- 'start': '20m'
- 'end': '23h'
- 'wed':
- 'start': '30m'
- 'end': '22h30m'
- 'thu':
- 'start': '40m'
- 'end': '22h'
- 'fri':
- 'start': '50m'
- 'end': '21h30m'
- 'sat':
- 'start': '1h'
- 'end': '21h'
- ```
-
- To rollback this change, replace `dns.blocked_services` object with the list
- of ids of blocked services and change the `schema_version` back to `20`.
+ To rollback this change, replace `dns.blocked_services` object with the list of ids of blocked services and change the `schema_version` back to `20`.
### Deprecated
-- The `HEALTHCHECK` section and the use of `tini` in the `ENTRYPOINT` section in
- `Dockerfile` ([#5939]). They cause a lot of issues, especially with tools
- like `docker-compose` and `podman`, and will be removed in a future release.
-- Flags `-h`, `--host`, `-p`, `--port` have been deprecated. The `-h` flag
- will work as an alias for `--help`, instead of the deprecated `--host` in the
- future releases.
+- The `HEALTHCHECK` section and the use of `tini` in the `ENTRYPOINT` section in `Dockerfile` ([#5939]). They cause a lot of issues, especially with tools like `docker-compose` and `podman`, and will be removed in a future release.
+
+- Flags `-h`, `--host`, `-p`, `--port` have been deprecated. The `-h` flag will work as an alias for `--help`, instead of the deprecated `--host` in the future releases.
### Fixed
-- Ignoring of `/etc/hosts` file when resolving the hostnames of upstream DNS
- servers ([#5902]).
+- Ignoring of `/etc/hosts` file when resolving the hostnames of upstream DNS servers ([#5902]).
+
- Excessive error logging when using DNS-over-QUIC ([#5285]).
-- Inability to set `bind_host` in `AdGuardHome.yaml` in Docker ([#4231],
- [#4235]).
+
+- Inability to set `bind_host` in `AdGuardHome.yaml` in Docker ([#4231], [#4235]).
+
- The blocklists can now be deleted properly ([#5700]).
-- Queries with the question-section target `.`, for example `NS .`, are now
- counted in the statistics and correctly shown in the query log ([#5910]).
-- Safe Search not working with `AAAA` queries for domains that don't have `AAAA`
- records ([#5913]).
+
+- Queries with the question-section target `.`, for example `NS .`, are now counted in the statistics and correctly shown in the query log ([#5910]).
+
+- Safe Search not working with `AAAA` queries for domains that don’t have `AAAA` records ([#5913]).
[#951]: https://github.com/AdguardTeam/AdGuardHome/issues/951
[#1577]: https://github.com/AdguardTeam/AdGuardHome/issues/1577
@@ -1229,17 +1141,11 @@ In this release, the schema version has changed from 20 to 23.
[ms-v0.107.33]: https://github.com/AdguardTeam/AdGuardHome/milestone/68?closed=1
-
-
## [v0.107.32] - 2023-06-13
### Fixed
-- DNSCrypt upstream not resetting the client and resolver information on
- dialing errors ([#5872]).
-
-
-
+- DNSCrypt upstream not resetting the client and resolver information on dialing errors ([#5872]).
## [v0.107.31] - 2023-06-08
@@ -1248,8 +1154,8 @@ See also the [v0.107.31 GitHub milestone][ms-v0.107.31].
### Fixed
- Startup errors on OpenWrt ([#5872]).
-- Plain-UDP upstreams always falling back to TCP, causing outages and slowdowns
- ([#5873], [#5874]).
+
+- Plain-UDP upstreams always falling back to TCP, causing outages and slowdowns ([#5873], [#5874]).
[#5872]: https://github.com/AdguardTeam/AdGuardHome/issues/5872
[#5873]: https://github.com/AdguardTeam/AdGuardHome/issues/5873
@@ -1257,58 +1163,49 @@ See also the [v0.107.31 GitHub milestone][ms-v0.107.31].
[ms-v0.107.31]: https://github.com/AdguardTeam/AdGuardHome/milestone/67?closed=1
-
-
## [v0.107.30] - 2023-06-07
See also the [v0.107.30 GitHub milestone][ms-v0.107.30].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-29402, CVE-2023-29403, and CVE-2023-29404 Go vulnerabilities fixed in
- [Go 1.19.10][go-1.19.10].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-29402, CVE-2023-29403, and CVE-2023-29404 Go vulnerabilities fixed in [Go 1.19.10][go-1.19.10].
### Fixed
-- Unquoted IPv6 bind hosts with trailing colons erroneously considered
- unspecified addresses are now properly validated ([#5752]).
+- Unquoted IPv6 bind hosts with trailing colons erroneously considered unspecified addresses are now properly validated ([#5752]).
- **NOTE:** the Docker healthcheck script now also doesn't interpret the `""`
- value as unspecified address.
-- Incorrect `Content-Type` header value in `POST /control/version.json` and `GET
- /control/dhcp/interfaces` HTTP APIs ([#5716]).
-- Provided bootstrap servers are now used to resolve the hostnames of plain
- UDP/TCP upstream servers.
+ **NOTE:** the Docker healthcheck script now also doesn’t interpret the `""` value as unspecified address.
+
+- Incorrect `Content-Type` header value in `POST /control/version.json` and `GET /control/dhcp/interfaces` HTTP APIs ([#5716]).
+
+- Provided bootstrap servers are now used to resolve the hostnames of plain UDP/TCP upstream servers.
[#5716]: https://github.com/AdguardTeam/AdGuardHome/issues/5716
[go-1.19.10]: https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ
[ms-v0.107.30]: https://github.com/AdguardTeam/AdGuardHome/milestone/66?closed=1
-
-
## [v0.107.29] - 2023-04-18
See also the [v0.107.29 GitHub milestone][ms-v0.107.29].
### Added
-- The ability to exclude client activity from the query log or statistics by
- editing client's settings on the respective page in the UI ([#1717], [#4299]).
+- The ability to exclude client activity from the query log or statistics by editing client’s settings on the respective page in the UI ([#1717], [#4299]).
### Changed
-- Stored DHCP leases moved from `leases.db` to `data/leases.json`. The file
- format has also been optimized.
+- Stored DHCP leases moved from `leases.db` to `data/leases.json`. The file format has also been optimized.
### Fixed
-- The `github.com/mdlayher/raw` dependency has been temporarily returned to
- support raw connections on Darwin ([#5712]).
-- Incorrect recording of blocked results as “Blocked by CNAME or IP” in the
- query log ([#5725]).
+- The `github.com/mdlayher/raw` dependency has been temporarily returned to support raw connections on Darwin ([#5712]).
+
+- Incorrect recording of blocked results as “Blocked by CNAME or IP” in the query log ([#5725]).
+
- All Safe Search services being unchecked by default.
+
- Panic when a DNSCrypt stamp is invalid ([#5721]).
[#5712]: https://github.com/AdguardTeam/AdGuardHome/issues/5712
@@ -1318,125 +1215,108 @@ See also the [v0.107.29 GitHub milestone][ms-v0.107.29].
[ms-v0.107.29]: https://github.com/AdguardTeam/AdGuardHome/milestone/65?closed=1
-
-
## [v0.107.28] - 2023-04-12
See also the [v0.107.28 GitHub milestone][ms-v0.107.28].
### Added
-- The ability to exclude client activity from the query log or statistics by
- using the new properties `ignore_querylog` and `ignore_statistics` of the
- items of the `clients.persistent` array ([#1717], [#4299]). The UI changes
- are coming in the upcoming releases.
+- The ability to exclude client activity from the query log or statistics by using the new properties `ignore_querylog` and `ignore_statistics` of the items of the `clients.persistent` array ([#1717], [#4299]). The UI changes are coming in the upcoming releases.
+
- Better profiling information when `debug_pprof` is set to `true`.
+
- IPv6 support in Safe Search for some services.
-- The ability to make bootstrap DNS lookups prefer IPv6 addresses to IPv4 ones
- using the new `dns.bootstrap_prefer_ipv6` configuration file property
- ([#4262]).
-- Docker container's healthcheck ([#3290]).
-- The new HTTP API `POST /control/protection`, that updates protection state
- and adds an optional pause duration ([#1333]). The format of request body
- is described in `openapi/openapi.yaml`. The duration of this pause could
- also be set with the property `protection_disabled_until` in the `dns` object
- of the YAML configuration file.
-- The ability to create a static DHCP lease from a dynamic one more easily
- ([#3459]).
-- Two new HTTP APIs, `PUT /control/stats/config/update` and `GET
- control/stats/config`, which can be used to set and receive the query log
- configuration. See `openapi/openapi.yaml` for the full description.
-- Two new HTTP APIs, `PUT /control/querylog/config/update` and `GET
- control/querylog/config`, which can be used to set and receive the statistics
- configuration. See `openapi/openapi.yaml` for the full description.
-- The ability to set custom IP for EDNS Client Subnet by using the DNS-server
- configuration section on the DNS settings page in the UI ([#1472]).
-- The ability to manage Safe Search for each service by using the new
- `safe_search` property ([#1163]).
+
+- The ability to make bootstrap DNS lookups prefer IPv6 addresses to IPv4 ones using the new `dns.bootstrap_prefer_ipv6` configuration file property ([#4262]).
+
+- Docker container’s healthcheck ([#3290]).
+
+- The new HTTP API `POST /control/protection`, that updates protection state and adds an optional pause duration ([#1333]). The format of request body is described in `openapi/openapi.yaml`. The duration of this pause could also be set with the property `protection_disabled_until` in the `dns` object of the YAML configuration file.
+
+- The ability to create a static DHCP lease from a dynamic one more easily ([#3459]).
+
+- Two new HTTP APIs, `PUT /control/stats/config/update` and `GET control/stats/config`, which can be used to set and receive the query log configuration. See `openapi/openapi.yaml` for the full description.
+
+- Two new HTTP APIs, `PUT /control/querylog/config/update` and `GET control/querylog/config`, which can be used to set and receive the statistics configuration. See `openapi/openapi.yaml` for the full description.
+
+- The ability to set custom IP for EDNS Client Subnet by using the DNS-server configuration section on the DNS settings page in the UI ([#1472]).
+
+- The ability to manage Safe Search for each service by using the new `safe_search` property ([#1163]).
### Changed
-- ARPA domain names containing a subnet within private networks now also
- considered private, behaving closer to [RFC 6761][rfc6761] ([#5567]).
+- ARPA domain names containing a subnet within private networks now also considered private, behaving closer to [RFC 6761][rfc6761] ([#5567]).
#### Configuration changes
In this release, the schema version has changed from 17 to 20.
-- Property `statistics.interval`, which in schema versions 19 and earlier used
- to be an integer number of days, is now a string with a human-readable
- duration:
+- Property `statistics.interval`, which in schema versions 19 and earlier used to be an integer number of days, is now a string with a human-readable duration:
- ```yaml
- # BEFORE:
- 'statistics':
- # …
- 'interval': 1
-
- # AFTER:
- 'statistics':
- # …
- 'interval': '24h'
- ```
-
- To rollback this change, convert the property back into days and change the
- `schema_version` back to `19`.
-- The `dns.safesearch_enabled` property has been replaced with `safe_search`
- object containing per-service settings.
-- The `clients.persistent.safesearch_enabled` property has been replaced with
- `safe_search` object containing per-service settings.
-
- ```yaml
+ ```yaml
# BEFORE:
- 'safesearch_enabled': true
+ 'statistics':
+ # …
+ 'interval': 1
# AFTER:
- 'safe_search':
- 'enabled': true
- 'bing': true
- 'duckduckgo': true
- 'google': true
- 'pixabay': true
- 'yandex': true
- 'youtube': true
- ```
+ 'statistics':
+ # …
+ 'interval': '24h'
+ ```
- To rollback this change, move the value of `dns.safe_search.enabled` into the
- `dns.safesearch_enabled`, then remove `dns.safe_search` property. Do the same
- client's specific `clients.persistent.safesearch` and then change the
- `schema_version` back to `17`.
+ To rollback this change, convert the property back into days and change the `schema_version` back to `19`.
+
+- The `dns.safesearch_enabled` property has been replaced with `safe_search` object containing per-service settings.
+
+- The `clients.persistent.safesearch_enabled` property has been replaced with `safe_search` object containing per-service settings.
+
+ ```yaml
+ # BEFORE:
+ 'safesearch_enabled': true
+
+ # AFTER:
+ 'safe_search':
+ 'enabled': true
+ 'bing': true
+ 'duckduckgo': true
+ 'google': true
+ 'pixabay': true
+ 'yandex': true
+ 'youtube': true
+ ```
+
+ To rollback this change, move the value of `dns.safe_search.enabled` into the `dns.safesearch_enabled`, then remove `dns.safe_search` property. Do the same client’s specific `clients.persistent.safesearch` and then change the `schema_version` back to `17`.
### Deprecated
-- The `POST /control/safesearch/enable` HTTP API is deprecated. Use the new
- `PUT /control/safesearch/settings` API.
-- The `POST /control/safesearch/disable` HTTP API is deprecated. Use the new
- `PUT /control/safesearch/settings` API
+- The `POST /control/safesearch/enable` HTTP API is deprecated. Use the new `PUT /control/safesearch/settings` API.
+
+- The `POST /control/safesearch/disable` HTTP API is deprecated. Use the new `PUT /control/safesearch/settings` API
+
- The `safesearch_enabled` property is deprecated in the following HTTP APIs:
- - `GET /control/clients`;
- - `POST /control/clients/add`;
- - `POST /control/clients/update`;
- - `GET /control/clients/find?ip0=...&ip1=...&ip2=...`.
+ - `GET /control/clients`;
+ - `POST /control/clients/add`;
+ - `POST /control/clients/update`;
+ - `GET /control/clients/find?ip0=...&ip1=...&ip2=...`.
- Check `openapi/openapi.yaml` for more details.
-- The `GET /control/stats_info` HTTP API; use the new `GET
- /control/stats/config` API instead.
+ Check `openapi/openapi.yaml` for more details.
- **NOTE:** If interval is custom then it will be equal to `90` days for
- compatibility reasons. See `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
-- The `POST /control/stats_config` HTTP API; use the new `PUT
- /control/stats/config/update` API instead.
-- The `GET /control/querylog_info` HTTP API; use the new `GET
- /control/querylog/config` API instead.
+- The `GET /control/stats_info` HTTP API; use the new `GET /control/stats/config` API instead.
- **NOTE:** If interval is custom then it will be equal to `90` days for
- compatibility reasons. See `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
-- The `POST /control/querylog_config` HTTP API; use the new `PUT
- /control/querylog/config/update` API instead.
+ **NOTE:** If interval is custom then it will be equal to `90` days for compatibility reasons. See `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
+
+- The `POST /control/stats_config` HTTP API; use the new `PUT /control/stats/config/update` API instead.
+
+- The `GET /control/querylog_info` HTTP API; use the new `GET /control/querylog/config` API instead.
+
+ **NOTE:** If interval is custom then it will be equal to `90` days for compatibility reasons. See `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
+
+- The `POST /control/querylog_config` HTTP API; use the new `PUT /control/querylog/config/update` API instead.
### Fixed
-- Logging of the client's IP address after failed login attempts ([#5701]).
+- Logging of the client’s IP address after failed login attempts ([#5701]).
[#1163]: https://github.com/AdguardTeam/AdGuardHome/issues/1163
[#1333]: https://github.com/AdguardTeam/AdGuardHome/issues/1333
@@ -1450,26 +1330,21 @@ In this release, the schema version has changed from 17 to 20.
[ms-v0.107.28]: https://github.com/AdguardTeam/AdGuardHome/milestone/64?closed=1
[rfc6761]: https://datatracker.ietf.org/doc/html/rfc6761
-
-
-
## [v0.107.27] - 2023-04-05
See also the [v0.107.27 GitHub milestone][ms-v0.107.27].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, and CVE-2023-24538 Go
- vulnerabilities fixed in [Go 1.19.8][go-1.19.8].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, and CVE-2023-24538 Go vulnerabilities fixed in [Go 1.19.8][go-1.19.8].
### Fixed
-- Query log not showing all filtered queries when the “Filtered” log filter is
- selected ([#5639]).
-- Panic in empty hostname in the filter's URL ([#5631]).
-- Panic caused by empty top-level domain name label in `/etc/hosts` files
- ([#5584]).
+- Query log not showing all filtered queries when the “Filtered” log filter is selected ([#5639]).
+
+- Panic in empty hostname in the filter’s URL ([#5631]).
+
+- Panic caused by empty top-level domain name label in `/etc/hosts` files ([#5584]).
[#5584]: https://github.com/AdguardTeam/AdGuardHome/issues/5584
[#5631]: https://github.com/AdguardTeam/AdGuardHome/issues/5631
@@ -1478,62 +1353,53 @@ See also the [v0.107.27 GitHub milestone][ms-v0.107.27].
[go-1.19.8]: https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8/m/OV40vnafAwAJ
[ms-v0.107.27]: https://github.com/AdguardTeam/AdGuardHome/milestone/63?closed=1
-
-
## [v0.107.26] - 2023-03-09
See also the [v0.107.26 GitHub milestone][ms-v0.107.26].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2023-24532 Go vulnerability fixed in [Go 1.19.7][go-1.19.7].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2023-24532 Go vulnerability fixed in [Go 1.19.7][go-1.19.7].
### Added
-- The ability to set custom IP for EDNS Client Subnet by using the new
- `dns.edns_client_subnet.use_custom` and `dns.edns_client_subnet.custom_ip`
- properties ([#1472]). The UI changes are coming in the upcoming releases.
-- The ability to use `dnstype` rules in the disallowed domains list ([#5468]).
- This allows dropping requests based on their question types.
+- The ability to set custom IP for EDNS Client Subnet by using the new `dns.edns_client_subnet.use_custom` and `dns.edns_client_subnet.custom_ip` properties ([#1472]). The UI changes are coming in the upcoming releases.
+
+- The ability to use `dnstype` rules in the disallowed domains list ([#5468]). This allows dropping requests based on their question types.
### Changed
#### Configuration changes
-- Property `edns_client_subnet`, which in schema versions 16 and earlier used
- to be a part of the `dns` object, is now part of the `dns.edns_client_subnet`
- object:
+- Property `edns_client_subnet`, which in schema versions 16 and earlier used to be a part of the `dns` object, is now part of the `dns.edns_client_subnet` object:
- ```yaml
- # BEFORE:
- 'dns':
- # …
- 'edns_client_subnet': false
+ ```yaml
+ # BEFORE:
+ 'dns':
+ # …
+ 'edns_client_subnet': false
- # AFTER:
- 'dns':
- # …
- 'edns_client_subnet':
- 'enabled': false
- 'use_custom': false
- 'custom_ip': ''
- ```
+ # AFTER:
+ 'dns':
+ # …
+ 'edns_client_subnet':
+ 'enabled': false
+ 'use_custom': false
+ 'custom_ip': ''
+ ```
- To rollback this change, move the value of `dns.edns_client_subnet.enabled`
- into the `dns.edns_client_subnet`, remove the properties
- `dns.edns_client_subnet.enabled`, `dns.edns_client_subnet.use_custom`,
- `dns.edns_client_subnet.custom_ip`, and change the `schema_version` back to
- `16`.
+ To rollback this change, move the value of `dns.edns_client_subnet.enabled` into the `dns.edns_client_subnet`, remove the properties `dns.edns_client_subnet.enabled`, `dns.edns_client_subnet.use_custom`, `dns.edns_client_subnet.custom_ip`, and change the `schema_version` back to `16`.
### Fixed
- Obsolete value of the Interface MTU DHCP option is now omitted ([#5281]).
+
- Various dark theme bugs ([#5439], [#5441], [#5442], [#5515]).
-- Automatic update on MIPS64 and little-endian 32-bit MIPS architectures
- ([#5270], [#5373]).
-- Requirements to domain names in domain-specific upstream configurations have
- been relaxed to meet those from [RFC 3696][rfc3696] ([#4884]).
+
+- Automatic update on MIPS64 and little-endian 32-bit MIPS architectures ([#5270], [#5373]).
+
+- Requirements to domain names in domain-specific upstream configurations have been relaxed to meet those from [RFC 3696][rfc3696] ([#4884]).
+
- Failing service installation via script on FreeBSD ([#5431]).
[#4884]: https://github.com/AdguardTeam/AdGuardHome/issues/4884
@@ -1551,8 +1417,6 @@ See also the [v0.107.26 GitHub milestone][ms-v0.107.26].
[ms-v0.107.26]: https://github.com/AdguardTeam/AdGuardHome/milestone/62?closed=1
[rfc3696]: https://datatracker.ietf.org/doc/html/rfc3696
-
-
## [v0.107.25] - 2023-02-21
See also the [v0.107.25 GitHub milestone][ms-v0.107.25].
@@ -1565,26 +1429,19 @@ See also the [v0.107.25 GitHub milestone][ms-v0.107.25].
[ms-v0.107.25]: https://github.com/AdguardTeam/AdGuardHome/milestone/61?closed=1
-
-
## [v0.107.24] - 2023-02-15
See also the [v0.107.24 GitHub milestone][ms-v0.107.24].
### Security
-- Go version has been updated, both because Go 1.18 has reached end of life an
- to prevent the possibility of exploiting the Go vulnerabilities fixed in [Go
- 1.19.6][go-1.19.6].
+- Go version has been updated, both because Go 1.18 has reached end of life an to prevent the possibility of exploiting the Go vulnerabilities fixed in [Go 1.19.6][go-1.19.6].
### Added
-- The ability to disable statistics by using the new `statistics.enabled`
- property. Previously it was necessary to set the `statistics_interval` to 0,
- losing the previous value ([#1717], [#4299]).
-- The ability to exclude domain names from the query log or statistics by using
- the new `querylog.ignored` or `statistics.ignored` properties ([#1717],
- [#4299]). The UI changes are coming in the upcoming releases.
+- The ability to disable statistics by using the new `statistics.enabled` property. Previously it was necessary to set the `statistics_interval` to 0, losing the previous value ([#1717], [#4299]).
+
+- The ability to exclude domain names from the query log or statistics by using the new `querylog.ignored` or `statistics.ignored` properties ([#1717], [#4299]). The UI changes are coming in the upcoming releases.
### Changed
@@ -1592,47 +1449,42 @@ See also the [v0.107.24 GitHub milestone][ms-v0.107.24].
In this release, the schema version has changed from 14 to 16.
-- Property `statistics_interval`, which in schema versions 15 and earlier used
- to be a part of the `dns` object, is now a part of the `statistics` object:
+- Property `statistics_interval`, which in schema versions 15 and earlier used to be a part of the `dns` object, is now a part of the `statistics` object:
- ```yaml
- # BEFORE:
- 'dns':
- # …
- 'statistics_interval': 1
+ ```yaml
+ # BEFORE:
+ 'dns':
+ # …
+ 'statistics_interval': 1
- # AFTER:
- 'statistics':
- # …
- 'interval': 1
- ```
+ # AFTER:
+ 'statistics':
+ # …
+ 'interval': 1
+ ```
- To rollback this change, move the property back into the `dns` object and
- change the `schema_version` back to `15`.
-- The properties `dns.querylog_enabled`, `dns.querylog_file_enabled`,
- `dns.querylog_interval`, and `dns.querylog_size_memory` have been moved to the
- new `querylog` object.
+ To rollback this change, move the property back into the `dns` object and change the `schema_version` back to `15`.
- ```yaml
- # BEFORE:
- 'dns':
- 'querylog_enabled': true
- 'querylog_file_enabled': true
- 'querylog_interval': '2160h'
- 'querylog_size_memory': 1000
+- The properties `dns.querylog_enabled`, `dns.querylog_file_enabled`, `dns.querylog_interval`, and `dns.querylog_size_memory` have been moved to the new `querylog` object.
- # AFTER:
- 'querylog':
- 'enabled': true
- 'file_enabled': true
- 'interval': '2160h'
- 'size_memory': 1000
- 'ignored': []
- ```
+ ```yaml
+ # BEFORE:
+ 'dns':
+ 'querylog_enabled': true
+ 'querylog_file_enabled': true
+ 'querylog_interval': '2160h'
+ 'querylog_size_memory': 1000
- To rollback this change, rename and move properties back into the `dns`
- object, remove `querylog` object and `querylog.ignored` property, and change
- the `schema_version` back to `14`.
+ # AFTER:
+ 'querylog':
+ 'enabled': true
+ 'file_enabled': true
+ 'interval': '2160h'
+ 'size_memory': 1000
+ 'ignored': []
+ ```
+
+ To rollback this change, rename and move properties back into the `dns` object, remove `querylog` object and `querylog.ignored` property, and change the `schema_version` back to `14`.
### Deprecated
@@ -1640,9 +1492,10 @@ In this release, the schema version has changed from 14 to 16.
### Fixed
-- Setting the AD (Authenticated Data) flag on responses that have the DO (DNSSEC
- OK) flag set but not the AD flag ([#5479]).
+- Setting the AD (Authenticated Data) flag on responses that have the DO (DNSSEC OK) flag set but not the AD flag ([#5479]).
+
- Client names resolved via reverse DNS not being updated ([#4939]).
+
- The icon for League Of Legends on the Blocked services page ([#5433]).
### Removed
@@ -1658,32 +1511,25 @@ In this release, the schema version has changed from 14 to 16.
[go-1.19.6]: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
[ms-v0.107.24]: https://github.com/AdguardTeam/AdGuardHome/milestone/60?closed=1
-
-
## [v0.107.23] - 2023-02-01
See also the [v0.107.23 GitHub milestone][ms-v0.107.23].
### Added
-- DNS64 support ([#5117]). The function may be enabled with new `use_dns64`
- property under `dns` object in the configuration along with `dns64_prefixes`,
- the set of exclusion prefixes to filter AAAA responses. The Well-Known Prefix
- (`64:ff9b::/96`) is used if no custom prefixes are specified.
+- DNS64 support ([#5117]). The function may be enabled with new `use_dns64` property under `dns` object in the configuration along with `dns64_prefixes`, the set of exclusion prefixes to filter AAAA responses. The Well-Known Prefix (`64:ff9b::/96`) is used if no custom prefixes are specified.
### Fixed
- Filtering rules with `*` as the hostname not working properly ([#5245]).
+
- Various dark theme bugs ([#5375]).
### Removed
-- The “beta frontend” and the corresponding APIs. They never quite worked
- properly, and the future new version of AdGuard Home API will probably be
- different.
+- The “beta frontend” and the corresponding APIs. They never quite worked properly, and the future new version of AdGuard Home API will probably be different.
- Correspondingly, the configuration parameter `beta_bind_port` has been removed
- as well.
+ Correspondingly, the configuration parameter `beta_bind_port` has been removed as well.
[#5117]: https://github.com/AdguardTeam/AdGuardHome/issues/5117
[#5245]: https://github.com/AdguardTeam/AdGuardHome/issues/5245
@@ -1691,8 +1537,6 @@ See also the [v0.107.23 GitHub milestone][ms-v0.107.23].
[ms-v0.107.23]: https://github.com/AdguardTeam/AdGuardHome/milestone/59?closed=1
-
-
## [v0.107.22] - 2023-01-19
See also the [v0.107.22 GitHub milestone][ms-v0.107.22].
@@ -1700,25 +1544,24 @@ See also the [v0.107.22 GitHub milestone][ms-v0.107.22].
### Added
- Experimental Dark UI theme ([#613]).
-- The new HTTP API `PUT /control/profile/update`, that updates current user
- language and UI theme. The format of request body is described in
- `openapi/openapi.yaml`.
+
+- The new HTTP API `PUT /control/profile/update`, that updates current user language and UI theme. The format of request body is described in `openapi/openapi.yaml`.
### Changed
-- The HTTP API `GET /control/profile` now returns enhanced object with
- current user's name, language, and UI theme. The format of response body is
- described in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
+- The HTTP API `GET /control/profile` now returns enhanced object with current user’s name, language, and UI theme. The format of response body is described in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
### Fixed
-- `AdGuardHome --update` freezing when another instance of AdGuard Home is
- running ([#4223], [#5191]).
+- `AdGuardHome --update` freezing when another instance of AdGuard Home is running ([#4223], [#5191]).
+
- The `--update` flag performing an update even when there is no version change.
+
- Failing HTTPS redirection on saving the encryption settings ([#4898]).
+
- Zeroing rules counter of erroneously edited filtering rule lists ([#5290]).
-- Filters updating strategy, which could sometimes lead to use of broken or
- incompletely downloaded lists ([#5258]).
+
+- Filters updating strategy, which could sometimes lead to use of broken or incompletely downloaded lists ([#5258]).
[#613]: https://github.com/AdguardTeam/AdGuardHome/issues/613
[#5191]: https://github.com/AdguardTeam/AdGuardHome/issues/5191
@@ -1727,42 +1570,32 @@ See also the [v0.107.22 GitHub milestone][ms-v0.107.22].
[ms-v0.107.22]: https://github.com/AdguardTeam/AdGuardHome/milestone/58?closed=1
-
-
## [v0.107.21] - 2022-12-15
See also the [v0.107.21 GitHub milestone][ms-v0.107.21].
### Changed
-- The URLs of the default filters for new installations are synchronized to
- those introduced in v0.107.20 ([#5238]).
+- The URLs of the default filters for new installations are synchronized to those introduced in v0.107.20 ([#5238]).
- **NOTE:** Some users may need to re-add the lists from the vetted filter lists
- to update the URLs to the new ones. Custom filters added by users themselves
- do not require re-adding.
+ **NOTE:** Some users may need to re-add the lists from the vetted filter lists to update the URLs to the new ones. Custom filters added by users themselves do not require re-adding.
### Fixed
-- Errors popping up during updates of settings, which could sometimes cause the
- server to stop responding ([#5251]).
+- Errors popping up during updates of settings, which could sometimes cause the server to stop responding ([#5251]).
[#5238]: https://github.com/AdguardTeam/AdGuardHome/issues/5238
[#5251]: https://github.com/AdguardTeam/AdGuardHome/issues/5251
[ms-v0.107.21]: https://github.com/AdguardTeam/AdGuardHome/milestone/57?closed=1
-
-
## [v0.107.20] - 2022-12-07
See also the [v0.107.20 GitHub milestone][ms-v0.107.20].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2022-41717 and CVE-2022-41720 Go vulnerabilities fixed in [Go
- 1.18.9][go-1.18.9].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2022-41717 and CVE-2022-41720 Go vulnerabilities fixed in [Go 1.18.9][go-1.18.9].
### Added
@@ -1770,16 +1603,16 @@ See also the [v0.107.20 GitHub milestone][ms-v0.107.20].
### Changed
-- DHCP server initialization errors are now logged at debug level if the server
- itself disabled ([#4944]).
+- DHCP server initialization errors are now logged at debug level if the server itself disabled ([#4944]).
### Fixed
- Wrong validation error messages on the DHCP configuration page ([#5208]).
+
- Slow upstream checks making the API unresponsive ([#5193]).
-- The TLS initialization errors preventing AdGuard Home from starting ([#5189]).
- Instead, AdGuard Home disables encryption and shows an error message on the
- encryption settings page in the UI, which was the intended previous behavior.
+
+- The TLS initialization errors preventing AdGuard Home from starting ([#5189]). Instead, AdGuard Home disables encryption and shows an error message on the encryption settings page in the UI, which was the intended previous behavior.
+
- URLs of some vetted blocklists.
[#4944]: https://github.com/AdguardTeam/AdGuardHome/issues/4944
@@ -1791,18 +1624,15 @@ See also the [v0.107.20 GitHub milestone][ms-v0.107.20].
[go-1.18.9]: https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU
[ms-v0.107.20]: https://github.com/AdguardTeam/AdGuardHome/milestone/56?closed=1
-
-
## [v0.107.19] - 2022-11-23
See also the [v0.107.19 GitHub milestone][ms-v0.107.19].
### Added
-- The ability to block popular Mastodon instances
- ([AdguardTeam/HostlistsRegistry#100]).
-- The new `--update` command-line option, which allows updating AdGuard Home
- silently ([#4223]).
+- The ability to block popular Mastodon instances ([AdguardTeam/HostlistsRegistry#100]).
+
+- The new `--update` command-line option, which allows updating AdGuard Home silently ([#4223]).
### Changed
@@ -1814,67 +1644,60 @@ See also the [v0.107.19 GitHub milestone][ms-v0.107.19].
[AdguardTeam/HostlistsRegistry#100]: https://github.com/AdguardTeam/HostlistsRegistry/pull/100
-
-
## [v0.107.18] - 2022-11-08
See also the [v0.107.18 GitHub milestone][ms-v0.107.18].
### Fixed
-- Crash on some systems when domains from system hosts files are processed
- ([#5089]).
+- Crash on some systems when domains from system hosts files are processed ([#5089]).
[#5089]: https://github.com/AdguardTeam/AdGuardHome/issues/5089
[ms-v0.107.18]: https://github.com/AdguardTeam/AdGuardHome/milestone/54?closed=1
-
-
## [v0.107.17] - 2022-11-02
See also the [v0.107.17 GitHub milestone][ms-v0.107.17].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2022-41716 Go vulnerability fixed in [Go 1.18.8][go-1.18.8].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2022-41716 Go vulnerability fixed in [Go 1.18.8][go-1.18.8].
### Added
-- The warning message when adding a certificate having no IP addresses
- ([#4898]).
-- Several new blockable services ([#3972]). Those will now be more in sync with
- the services that are already blockable in AdGuard DNS.
-- A new HTTP API, `GET /control/blocked_services/all`, that lists all available
- blocked services and their data, such as SVG icons ([#3972]).
-- The new optional `tls.override_tls_ciphers` property, which allows
- overriding TLS ciphers used by AdGuard Home ([#4925], [#4990]).
+- The warning message when adding a certificate having no IP addresses ([#4898]).
+
+- Several new blockable services ([#3972]). Those will now be more in sync with the services that are already blockable in AdGuard DNS.
+
+- A new HTTP API, `GET /control/blocked_services/all`, that lists all available blocked services and their data, such as SVG icons ([#3972]).
+
+- The new optional `tls.override_tls_ciphers` property, which allows overriding TLS ciphers used by AdGuard Home ([#4925], [#4990]).
+
- The ability to serve DNS on link-local IPv6 addresses ([#2926]).
-- The ability to put [ClientIDs][clientid] into DNS-over-HTTPS hostnames as
- opposed to URL paths ([#3418]). Note that AdGuard Home checks the server name
- only if the URL does not contain a ClientID.
+
+- The ability to put [ClientIDs][clientid] into DNS-over-HTTPS hostnames as opposed to URL paths ([#3418]). Note that AdGuard Home checks the server name only if the URL does not contain a ClientID.
### Changed
-- DNS-over-TLS resolvers aren't returned anymore when the configured TLS
- certificate contains no IP addresses ([#4927]).
+- DNS-over-TLS resolvers aren’t returned anymore when the configured TLS certificate contains no IP addresses ([#4927]).
+
- Responses with `SERVFAIL` code are now cached for at least 30 seconds.
### Deprecated
-- The `GET /control/blocked_services/services` HTTP API; use the new
- `GET /control/blocked_services/all` API instead ([#3972]).
+- The `GET /control/blocked_services/services` HTTP API; use the new `GET /control/blocked_services/all` API instead ([#3972]).
### Fixed
- ClientIDs not working when using DNS-over-HTTPS with HTTP/3.
-- Editing the URL of an enabled rule list also includes validation of the filter
- contents preventing from saving a bad one ([#4916]).
-- The default value of `dns.cache_size` accidentally set to 0 has now been
- reverted to 4 MiB ([#5010]).
-- Responses for which the DNSSEC validation had explicitly been omitted aren't
- cached now ([#4942]).
+
+- Editing the URL of an enabled rule list also includes validation of the filter contents preventing from saving a bad one ([#4916]).
+
+- The default value of `dns.cache_size` accidentally set to 0 has now been reverted to 4 MiB ([#5010]).
+
+- Responses for which the DNSSEC validation had explicitly been omitted aren’t cached now ([#4942]).
+
- Web UI not switching to HTTP/3 ([#4986], [#4993]).
[#2926]: https://github.com/AdguardTeam/AdGuardHome/issues/2926
@@ -1893,53 +1716,39 @@ See also the [v0.107.17 GitHub milestone][ms-v0.107.17].
[go-1.18.8]: https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM
[ms-v0.107.17]: https://github.com/AdguardTeam/AdGuardHome/milestone/53?closed=1
-
-
## [v0.107.16] - 2022-10-07
-This is a security update. There is no GitHub milestone, since no GitHub issues
-were resolved.
+This is a security update. There is no GitHub milestone, since no GitHub issues were resolved.
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2022-2879, CVE-2022-2880, and CVE-2022-41715 Go vulnerabilities fixed in
- [Go 1.18.7][go-1.18.7].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2022-2879, CVE-2022-2880, and CVE-2022-41715 Go vulnerabilities fixed in [Go 1.18.7][go-1.18.7].
[go-1.18.7]: https://groups.google.com/g/golang-announce/c/xtuG5faxtaU
-
-
## [v0.107.15] - 2022-10-03
See also the [v0.107.15 GitHub milestone][ms-v0.107.15].
### Security
-- As an additional CSRF protection measure, AdGuard Home now ensures that
- requests that change its state but have no body (such as `POST
- /control/stats_reset` requests) do not have a `Content-Type` header set on
- them ([#4970]).
+- As an additional CSRF protection measure, AdGuard Home now ensures that requests that change its state but have no body (such as `POST /control/stats_reset` requests) do not have a `Content-Type` header set on them ([#4970]).
### Added
#### Experimental HTTP/3 Support
-See [#3955] and the related issues for more details. These features are still
-experimental and may break or change in the future.
+See [#3955] and the related issues for more details. These features are still experimental and may break or change in the future.
-- DNS-over-HTTP/3 DNS and web UI client request support. This feature must be
- explicitly enabled by setting the new property `dns.serve_http3` in the
- configuration file to `true`.
-- DNS-over-HTTP upstreams can now upgrade to HTTP/3 if the new configuration
- file property `dns.use_http3_upstreams` is set to `true`.
-- Upstreams with forced DNS-over-HTTP/3 and no fallback to prior HTTP versions
- using the `h3://` scheme.
+- DNS-over-HTTP/3 DNS and web UI client request support. This feature must be explicitly enabled by setting the new property `dns.serve_http3` in the configuration file to `true`.
+
+- DNS-over-HTTP upstreams can now upgrade to HTTP/3 if the new configuration file property `dns.use_http3_upstreams` is set to `true`.
+
+- Upstreams with forced DNS-over-HTTP/3 and no fallback to prior HTTP versions using the `h3://` scheme.
### Fixed
-- User-specific blocked services not applying correctly ([#4945], [#4982],
- [#4983]).
+- User-specific blocked services not applying correctly ([#4945], [#4982], [#4983]).
- `only application/json is allowed` errors in various APIs ([#4970]).
[#3955]: https://github.com/AdguardTeam/AdGuardHome/issues/3955
@@ -1950,36 +1759,25 @@ experimental and may break or change in the future.
[ms-v0.107.15]: https://github.com/AdguardTeam/AdGuardHome/milestone/51?closed=1
-
-
## [v0.107.14] - 2022-09-29
See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
### Security
-A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We thank
-Daniel Elkabes from Mend.io for reporting this vulnerability to us. This is
-[CVE-2022-32175].
+A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We thank Daniel Elkabes from Mend.io for reporting this vulnerability to us. This is [CVE-2022-32175].
#### `SameSite` Policy
-The `SameSite` policy on the AdGuard Home session cookies is now set to `Lax`.
-Which means that the only cross-site HTTP request for which the browser is
-allowed to send the session cookie is navigating to the AdGuard Home domain.
+The `SameSite` policy on the AdGuard Home session cookies is now set to `Lax`. Which means that the only cross-site HTTP request for which the browser is allowed to send the session cookie is navigating to the AdGuard Home domain.
-**Users are strongly advised to log out, clear browser cache, and log in again
-after updating.**
+**Users are strongly advised to log out, clear browser cache, and log in again after updating.**
#### Removal Of Plain-Text APIs (BREAKING API CHANGE)
-We have implemented several measures to prevent such vulnerabilities in the
-future, but some of these measures break backwards compatibility for the sake of
-better protection.
+We have implemented several measures to prevent such vulnerabilities in the future, but some of these measures break backwards compatibility for the sake of better protection.
-The following APIs, which previously accepted or returned `text/plain` data,
-now accept or return data as JSON. All new formats for the request and response
-bodies are documented in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
+The following APIs, which previously accepted or returned `text/plain` data, now accept or return data as JSON. All new formats for the request and response bodies are documented in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
- `GET /control/i18n/current_language`;
- `POST /control/dhcp/find_active_dhcp`;
@@ -1988,18 +1786,15 @@ bodies are documented in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
#### Stricter Content-Type Checks (BREAKING API CHANGE)
-All JSON APIs that expect a body now check if the request actually has
-`Content-Type` set to `application/json`.
+All JSON APIs that expect a body now check if the request actually has `Content-Type` set to `application/json`.
#### Other Security Changes
-- Weaker cipher suites that use the CBC (cipher block chaining) mode of
- operation have been disabled ([#2993]).
+- Weaker cipher suites that use the CBC (cipher block chaining) mode of operation have been disabled ([#2993]).
### Added
-- Support for plain (unencrypted) HTTP/2 ([#4930]). This is useful for AdGuard
- Home installations behind a reverse proxy.
+- Support for plain (unencrypted) HTTP/2 ([#4930]). This is useful for AdGuard Home installations behind a reverse proxy.
### Fixed
@@ -2012,22 +1807,17 @@ All JSON APIs that expect a body now check if the request actually has
[CVE-2022-32175]: https://www.cvedetails.com/cve/CVE-2022-32175
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1
-
-
## [v0.107.13] - 2022-09-14
See also the [v0.107.13 GitHub milestone][ms-v0.107.13].
### Added
-- The new optional `dns.ipset_file` property, which can be set in the
- configuration file. It allows loading the `ipset` list from a file, just like
- `dns.upstream_dns_file` does for upstream servers ([#4686]).
+- The new optional `dns.ipset_file` property, which can be set in the configuration file. It allows loading the `ipset` list from a file, just like `dns.upstream_dns_file` does for upstream servers ([#4686]).
### Changed
-- The minimum DHCP message size is reassigned back to BOOTP's constraint of 300
- bytes ([#4904]).
+- The minimum DHCP message size is reassigned back to BOOTP’s constraint of 300 bytes ([#4904]).
### Fixed
@@ -2039,56 +1829,46 @@ See also the [v0.107.13 GitHub milestone][ms-v0.107.13].
[ms-v0.107.13]: https://github.com/AdguardTeam/AdGuardHome/milestone/49?closed=1
-
-
## [v0.107.12] - 2022-09-07
See also the [v0.107.12 GitHub milestone][ms-v0.107.12].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2022-27664 and CVE-2022-32190 Go vulnerabilities fixed in
- [Go 1.18.6][go-1.18.6].
+- Go version has been updated to prevent the possibility of exploiting the CVE-2022-27664 and CVE-2022-32190 Go vulnerabilities fixed in [Go 1.18.6][go-1.18.6].
### Added
-- New `bool`, `dur`, `u8`, and `u16` DHCP options to provide more convenience on
- options control by setting values in a human-readable format ([#4705]). See
- also a [Wiki page][wiki-dhcp-opts].
-- New `del` DHCP option which removes the corresponding option from server's
- response ([#4337]). See also a [Wiki page][wiki-dhcp-opts].
+- New `bool`, `dur`, `u8`, and `u16` DHCP options to provide more convenience on options control by setting values in a human-readable format ([#4705]). See also a [Wiki page][wiki-dhcp-opts].
- **NOTE:** This modifier affects all the parameters in the response and not
- only the requested ones.
-- A new HTTP API, `GET /control/blocked_services/services`, that lists all
- available blocked services ([#4535]).
+- New `del` DHCP option which removes the corresponding option from server’s response ([#4337]). See also a [Wiki page][wiki-dhcp-opts].
+
+ **NOTE:** This modifier affects all the parameters in the response and not only the requested ones.
+
+- A new HTTP API, `GET /control/blocked_services/services`, that lists all available blocked services ([#4535]).
### Changed
- The DHCP options handling is now closer to the [RFC 2131][rfc-2131] ([#4705]).
-- When the DHCP server is enabled, queries for domain names under
- `dhcp.local_domain_name` not pointing to real DHCP client hostnames are now
- processed by filters ([#4865]).
-- The `DHCPREQUEST` handling is now closer to the [RFC 2131][rfc-2131]
- ([#4863]).
-- The internal DNS client, used to resolve hostnames of external clients and
- also during automatic updates, now respects the upstream mode settings for the
- main DNS client ([#4403]).
+
+- When the DHCP server is enabled, queries for domain names under `dhcp.local_domain_name` not pointing to real DHCP client hostnames are now processed by filters ([#4865]).
+
+- The `DHCPREQUEST` handling is now closer to the [RFC 2131][rfc-2131] ([#4863]).
+
+- The internal DNS client, used to resolve hostnames of external clients and also during automatic updates, now respects the upstream mode settings for the main DNS client ([#4403]).
### Deprecated
-- Ports 784 and 8853 for DNS-over-QUIC in Docker images. Users who still serve
- DoQ on these ports are encouraged to move to the standard port 853. These
- ports will be removed from the `EXPOSE` section of our `Dockerfile` in a
- future release.
+- Ports 784 and 8853 for DNS-over-QUIC in Docker images. Users who still serve DoQ on these ports are encouraged to move to the standard port 853. These ports will be removed from the `EXPOSE` section of our `Dockerfile` in a future release.
+
- Go 1.18 support. Future versions will require at least Go 1.19 to build.
### Fixed
-- The length of the DHCP server's response is now at least 576 bytes as per
- [RFC 2131][rfc-2131] recommendation ([#4337]).
+- The length of the DHCP server’s response is now at least 576 bytes as per [RFC 2131][rfc-2131] recommendation ([#4337]).
+
- Dynamic leases created with empty hostnames ([#4745]).
+
- Unnecessary logging of non-critical statistics errors ([#4850]).
[#4337]: https://github.com/AdguardTeam/AdGuardHome/issues/4337
@@ -2105,8 +1885,6 @@ See also the [v0.107.12 GitHub milestone][ms-v0.107.12].
[rfc-2131]: https://datatracker.ietf.org/doc/html/rfc2131
[wiki-dhcp-opts]: https://github.com/adguardTeam/adGuardHome/wiki/DHCP#config-4
-
-
## [v0.107.11] - 2022-08-19
See also the [v0.107.11 GitHub milestone][ms-v0.107.11].
@@ -2128,8 +1906,6 @@ See also the [v0.107.11 GitHub milestone][ms-v0.107.11].
[ms-v0.107.11]: https://github.com/AdguardTeam/AdGuardHome/milestone/47?closed=1
-
-
## [v0.107.10] - 2022-08-17
See also the [v0.107.10 GitHub milestone][ms-v0.107.10].
@@ -2137,8 +1913,8 @@ See also the [v0.107.10 GitHub milestone][ms-v0.107.10].
### Added
- Arabic localization.
-- Support for Discovery of Designated Resolvers (DDR) according to the [RFC
- draft][ddr-draft] ([#4463]).
+
+- Support for Discovery of Designated Resolvers (DDR) according to the [RFC draft][ddr-draft] ([#4463]).
### Changed
@@ -2147,8 +1923,9 @@ See also the [v0.107.10 GitHub milestone][ms-v0.107.10].
### Fixed
- DHCP not working on most OSes ([#4836]).
-- `invalid argument` errors during update checks on older Linux kernels
- ([#4670]).
+
+- `invalid argument` errors during update checks on older Linux kernels ([#4670]).
+
- Data races and concurrent map access in statistics module ([#4358], [#4342]).
[#4342]: https://github.com/AdguardTeam/AdGuardHome/issues/4342
@@ -2159,33 +1936,28 @@ See also the [v0.107.10 GitHub milestone][ms-v0.107.10].
[ddr-draft]: https://datatracker.ietf.org/doc/html/draft-ietf-add-ddr-08
[ms-v0.107.10]: https://github.com/AdguardTeam/AdGuardHome/milestone/46?closed=1
-
-
## [v0.107.9] - 2022-08-03
See also the [v0.107.9 GitHub milestone][ms-v0.107.9].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2022-32189 Go vulnerability fixed in [Go 1.18.5][go-1.18.5]. Go 1.17
- support has also been removed, as it has reached end of life and will not
- receive security updates.
+- Go version has been updated to prevent the possibility of exploiting the CVE-2022-32189 Go vulnerability fixed in [Go 1.18.5][go-1.18.5]. Go 1.17 support has also been removed, as it has reached end of life and will not receive security updates.
### Added
-- Domain-specific upstream servers test. If such test fails, a warning message
- is shown ([#4517]).
+- Domain-specific upstream servers test. If such test fails, a warning message is shown ([#4517]).
+
- `windows/arm64` support ([#3057]).
### Changed
-- UI and update links have been changed to make them more resistant to DNS
- blocking.
+- UI and update links have been changed to make them more resistant to DNS blocking.
### Fixed
- DHCP not working on most OSes ([#4836]).
+
- Several UI issues ([#4775], [#4776], [#4782]).
### Removed
@@ -2202,31 +1974,24 @@ See also the [v0.107.9 GitHub milestone][ms-v0.107.9].
[go-1.18.5]: https://groups.google.com/g/golang-announce/c/YqYYG87xB10
[ms-v0.107.9]: https://github.com/AdguardTeam/AdGuardHome/milestone/45?closed=1
-
-
## [v0.107.8] - 2022-07-13
See also the [v0.107.8 GitHub milestone][ms-v0.107.8].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, and other Go vulnerabilities
- fixed in [Go 1.17.12][go-1.17.12].
-
-
+- Go version has been updated to prevent the possibility of exploiting the CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, and other Go vulnerabilities fixed in [Go 1.17.12][go-1.17.12].
### Fixed
-- DHCP lease validation incorrectly letting users assign the IP address of the
- gateway as the address of the lease ([#4698]).
-- Updater no longer expects a hardcoded name for `AdGuardHome` executable
- ([#4219]).
+- DHCP lease validation incorrectly letting users assign the IP address of the gateway as the address of the lease ([#4698]).
+
+- Updater no longer expects a hardcoded name for `AdGuardHome` executable ([#4219]).
+
- Inconsistent names of runtime clients from hosts files ([#4683]).
-- PTR requests for addresses leased by DHCP will now be resolved into hostnames
- under `dhcp.local_domain_name` ([#4699]).
+
+- PTR requests for addresses leased by DHCP will now be resolved into hostnames under `dhcp.local_domain_name` ([#4699]).
+
- Broken service installation on OpenWrt ([#4677]).
[#4219]: https://github.com/AdguardTeam/AdGuardHome/issues/4219
@@ -2238,129 +2003,115 @@ See also the [v0.107.8 GitHub milestone][ms-v0.107.8].
[go-1.17.12]: https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE
[ms-v0.107.8]: https://github.com/AdguardTeam/AdGuardHome/milestone/44?closed=1
-
-
## [v0.107.7] - 2022-06-06
See also the [v0.107.7 GitHub milestone][ms-v0.107.7].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- [CVE-2022-29526], [CVE-2022-30634], [CVE-2022-30629], [CVE-2022-30580], and
- [CVE-2022-29804] Go vulnerabilities.
+- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-29526], [CVE-2022-30634], [CVE-2022-30629], [CVE-2022-30580], and [CVE-2022-29804] Go vulnerabilities.
+
- Enforced password strength policy ([#3503]).
### Added
- Support for the final DNS-over-QUIC standard, [RFC 9250][rfc-9250] ([#4592]).
+
- Support upstreams for subdomains of a domain only ([#4503]).
-- The ability to control each source of runtime clients separately via
- `clients.runtime_sources` configuration object ([#3020]).
-- The ability to customize the set of networks that are considered private
- through the new `dns.private_networks` property in the configuration file
- ([#3142]).
-- EDNS Client-Subnet information in the request details section of a query log
- record ([#3978]).
-- Support for hostnames for plain UDP upstream servers using the `udp://` scheme
- ([#4166]).
-- Logs are now collected by default on FreeBSD and OpenBSD when AdGuard Home is
- installed as a service ([#4213]).
+
+- The ability to control each source of runtime clients separately via `clients.runtime_sources` configuration object ([#3020]).
+
+- The ability to customize the set of networks that are considered private through the new `dns.private_networks` property in the configuration file ([#3142]).
+
+- EDNS Client-Subnet information in the request details section of a query log record ([#3978]).
+
+- Support for hostnames for plain UDP upstream servers using the `udp://` scheme ([#4166]).
+
+- Logs are now collected by default on FreeBSD and OpenBSD when AdGuard Home is installed as a service ([#4213]).
### Changed
-- On OpenBSD, the daemon script now uses the recommended `/bin/ksh` shell
- instead of the `/bin/sh` one ([#4533]). To apply this change, backup your
- data and run `AdGuardHome -s uninstall && AdGuardHome -s install`.
-- The default DNS-over-QUIC port number is now `853` instead of `754` in
- accordance with [RFC 9250][rfc-9250] ([#4276]).
-- Reverse DNS now has a greater priority as the source of runtime clients'
- information than ARP neighborhood.
-- Improved detection of runtime clients through more resilient ARP processing
- ([#3597]).
-- The TTL of responses served from the optimistic cache is now lowered to 10
- seconds.
-- Domain-specific private reverse DNS upstream servers are now validated to
- allow only `*.in-addr.arpa` and `*.ip6.arpa` domains pointing to
- locally-served networks ([#3381]).
+- On OpenBSD, the daemon script now uses the recommended `/bin/ksh` shell instead of the `/bin/sh` one ([#4533]). To apply this change, backup your data and run `AdGuardHome -s uninstall && AdGuardHome -s install`.
- **NOTE:** If you already have invalid entries in your configuration, consider
- removing them manually, since they essentially had no effect.
-- Response filtering is now performed using the record types of the answer
- section of messages as opposed to the type of the question ([#4238]).
-- Instead of adding the build time information, the build scripts now use the
- standardized environment variable [`SOURCE_DATE_EPOCH`][repr] to add the date
- of the commit from which the binary was built ([#4221]). This should simplify
- reproducible builds for package maintainers and those who compile their own
- AdGuard Home.
-- The property `local_domain_name` is now in the `dhcp` object in the
- configuration file to avoid confusion ([#3367]).
-- The `dns.bogus_nxdomain` property in the configuration file now supports CIDR
- notation alongside IP addresses ([#1730]).
+- The default DNS-over-QUIC port number is now `853` instead of `754` in accordance with [RFC 9250][rfc-9250] ([#4276]).
+
+- Reverse DNS now has a greater priority as the source of runtime clients’ information than ARP neighborhood.
+
+- Improved detection of runtime clients through more resilient ARP processing ([#3597]).
+
+- The TTL of responses served from the optimistic cache is now lowered to 10 seconds.
+
+- Domain-specific private reverse DNS upstream servers are now validated to allow only `*.in-addr.arpa` and `*.ip6.arpa` domains pointing to locally-served networks ([#3381]).
+
+ **NOTE:** If you already have invalid entries in your configuration, consider removing them manually, since they essentially had no effect.
+
+- Response filtering is now performed using the record types of the answer section of messages as opposed to the type of the question ([#4238]).
+
+- Instead of adding the build time information, the build scripts now use the standardized environment variable [`SOURCE_DATE_EPOCH`][repr] to add the date of the commit from which the binary was built ([#4221]). This should simplify reproducible builds for package maintainers and those who compile their own AdGuard Home.
+
+- The property `local_domain_name` is now in the `dhcp` object in the configuration file to avoid confusion ([#3367]).
+
+- The `dns.bogus_nxdomain` property in the configuration file now supports CIDR notation alongside IP addresses ([#1730]).
#### Configuration changes
In this release, the schema version has changed from 12 to 14.
-- Object `clients`, which in schema versions 13 and earlier was an array of
- actual persistent clients, is now consist of `persistent` and
- `runtime_sources` properties:
+- Object `clients`, which in schema versions 13 and earlier was an array of actual persistent clients, is now consist of `persistent` and `runtime_sources` properties:
- ```yaml
- # BEFORE:
- 'clients':
- - name: client-name
- # …
+ ```yaml
+ # BEFORE:
+ 'clients':
+ - name: client-name
+ # …
- # AFTER:
- 'clients':
- 'persistent':
- - name: client-name
- # …
- 'runtime_sources':
- whois: true
- arp: true
- rdns: true
- dhcp: true
- hosts: true
- ```
+ # AFTER:
+ 'clients':
+ 'persistent':
+ - name: client-name
+ # …
+ 'runtime_sources':
+ whois: true
+ arp: true
+ rdns: true
+ dhcp: true
+ hosts: true
+ ```
- The value for `clients.runtime_sources.rdns` property is taken from
- `dns.resolve_clients` property. To rollback this change, remove the
- `runtime_sources` property, move the contents of `persistent` into the
- `clients` itself, the value of `clients.runtime_sources.rdns` into the
- `dns.resolve_clients`, and change the `schema_version` back to `13`.
-- Property `local_domain_name`, which in schema versions 12 and earlier used to
- be a part of the `dns` object, is now a part of the `dhcp` object:
+ The value for `clients.runtime_sources.rdns` property is taken from `dns.resolve_clients` property. To rollback this change, remove the `runtime_sources` property, move the contents of `persistent` into the `clients` itself, the value of `clients.runtime_sources.rdns` into the `dns.resolve_clients`, and change the `schema_version` back to `13`.
- ```yaml
- # BEFORE:
- 'dns':
- # …
- 'local_domain_name': 'lan'
+- Property `local_domain_name`, which in schema versions 12 and earlier used to be a part of the `dns` object, is now a part of the `dhcp` object:
- # AFTER:
- 'dhcp':
- # …
- 'local_domain_name': 'lan'
- ```
+ ```yaml
+ # BEFORE:
+ 'dns':
+ # …
+ 'local_domain_name': 'lan'
- To rollback this change, move the property back into the `dns` object and
- change the `schema_version` back to `12`.
+ # AFTER:
+ 'dhcp':
+ # …
+ 'local_domain_name': 'lan'
+ ```
+
+ To rollback this change, move the property back into the `dns` object and change the `schema_version` back to `12`.
### Deprecated
-- The `--no-etc-hosts` option. Its functionality is now controlled by
- `clients.runtime_sources.hosts` configuration property. v0.109.0 will remove
- the flag completely.
+- The `--no-etc-hosts` option. Its functionality is now controlled by `clients.runtime_sources.hosts` configuration property. v0.109.0 will remove the flag completely.
### Fixed
- Query log occasionally going into an infinite loop ([#4591]).
+
- Service startup on boot on systems using SysV-init ([#4480]).
+
- Detection of the stopped service status on macOS and Linux ([#4273]).
+
- Case-sensitive ClientID ([#4542]).
+
- Slow version update queries making other HTTP APIs unresponsive ([#4499]).
+
- ARP tables refreshing process causing excessive PTR requests ([#3157]).
[#1730]: https://github.com/AdguardTeam/AdGuardHome/issues/1730
@@ -2394,8 +2145,6 @@ In this release, the schema version has changed from 12 to 14.
[ms-v0.107.7]: https://github.com/AdguardTeam/AdGuardHome/milestone/43?closed=1
[rfc-9250]: https://datatracker.ietf.org/doc/html/rfc9250
-
-
## [v0.107.6] - 2022-04-13
See also the [v0.107.6 GitHub milestone][ms-v0.107.6].
@@ -2403,39 +2152,34 @@ See also the [v0.107.6 GitHub milestone][ms-v0.107.6].
### Security
- `User-Agent` HTTP header removed from outgoing DNS-over-HTTPS requests.
-- Go version has been updated to prevent the possibility of exploiting the
- [CVE-2022-24675], [CVE-2022-27536], and [CVE-2022-28327] Go vulnerabilities.
+
+- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-24675], [CVE-2022-27536], and [CVE-2022-28327] Go vulnerabilities.
### Added
-- Support for SVCB/HTTPS parameter `dohpath` in filtering rules with
- the `dnsrewrite` modifier according to the [RFC draft][dns-draft-02]
- ([#4463]).
+- Support for SVCB/HTTPS parameter `dohpath` in filtering rules with the `dnsrewrite` modifier according to the [RFC draft][dns-draft-02] ([#4463]).
### Changed
-- Filtering rules with the `dnsrewrite` modifier that create SVCB or HTTPS
- responses should use `ech` instead of `echconfig` to conform with the [latest
- drafts][svcb-draft-08].
+- Filtering rules with the `dnsrewrite` modifier that create SVCB or HTTPS responses should use `ech` instead of `echconfig` to conform with the [latest drafts][svcb-draft-08].
### Deprecated
-- SVCB/HTTPS parameter name `echconfig` in filtering rules with the `dnsrewrite`
- modifier. Use `ech` instead. v0.109.0 will remove support for the outdated
- name `echconfig`.
-- Obsolete `--no-mem-optimization` option ([#4437]). v0.109.0 will remove the
- flag completely.
+- SVCB/HTTPS parameter name `echconfig` in filtering rules with the `dnsrewrite` modifier. Use `ech` instead. v0.109.0 will remove support for the outdated name `echconfig`.
+
+- Obsolete `--no-mem-optimization` option ([#4437]). v0.109.0 will remove the flag completely.
### Fixed
- I/O timeout errors when checking for the presence of another DHCP server.
+
- Network interfaces being incorrectly labeled as down during installation.
+
- Rules for blocking the QQ service ([#3717]).
### Removed
-- Go 1.16 support, since that branch of the Go compiler has reached end of life
- and doesn't receive security updates anymore.
+- Go 1.16 support, since that branch of the Go compiler has reached end of life and doesn’t receive security updates anymore.
[#3717]: https://github.com/AdguardTeam/AdGuardHome/issues/3717
[#4437]: https://github.com/AdguardTeam/AdGuardHome/issues/4437
@@ -2449,37 +2193,29 @@ See also the [v0.107.6 GitHub milestone][ms-v0.107.6].
[repr]: https://reproducible-builds.org/docs/source-date-epoch/
[svcb-draft-08]: https://www.ietf.org/archive/id/draft-ietf-dnsop-svcb-https-08.html
-
-
## [v0.107.5] - 2022-03-04
-This is a security update. There is no GitHub milestone, since no GitHub issues
-were resolved.
+This is a security update. There is no GitHub milestone, since no GitHub issues were resolved.
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- [CVE-2022-24921] Go vulnerability.
+- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-24921] Go vulnerability.
[CVE-2022-24921]: https://www.cvedetails.com/cve/CVE-2022-24921
-
-
## [v0.107.4] - 2022-03-01
See also the [v0.107.4 GitHub milestone][ms-v0.107.4].
### Security
-- Go version has been updated to prevent the possibility of exploiting the
- [CVE-2022-23806], [CVE-2022-23772], and [CVE-2022-23773] Go vulnerabilities.
+- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-23806], [CVE-2022-23772], and [CVE-2022-23773] Go vulnerabilities.
### Fixed
-- Optimistic cache now responds with expired items even if those can't be
- resolved again ([#4254]).
-- Unnecessarily complex hosts-related logic leading to infinite recursion in
- some cases ([#4216]).
+- Optimistic cache now responds with expired items even if those can’t be resolved again ([#4254]).
+
+- Unnecessarily complex hosts-related logic leading to infinite recursion in some cases ([#4216]).
[#4216]: https://github.com/AdguardTeam/AdGuardHome/issues/4216
[#4254]: https://github.com/AdguardTeam/AdGuardHome/issues/4254
@@ -2489,24 +2225,23 @@ See also the [v0.107.4 GitHub milestone][ms-v0.107.4].
[CVE-2022-23806]: https://www.cvedetails.com/cve/CVE-2022-23806
[ms-v0.107.4]: https://github.com/AdguardTeam/AdGuardHome/milestone/41?closed=1
-
-
## [v0.107.3] - 2022-01-25
See also the [v0.107.3 GitHub milestone][ms-v0.107.3].
### Added
-- Support for a `dnsrewrite` modifier with an empty `NOERROR` response
- ([#4133]).
+- Support for a `dnsrewrite` modifier with an empty `NOERROR` response ([#4133]).
### Fixed
- Wrong set of ports checked for duplicates during the initial setup ([#4095]).
+
- Incorrectly invalidated service domains ([#4120]).
+
- Poor testing of domain-specific upstream servers ([#4074]).
-- Omitted aliases of hosts specified by another line within the OS's hosts file
- ([#4079]).
+
+- Omitted aliases of hosts specified by another line within the OS’s hosts file ([#4079]).
[#4074]: https://github.com/AdguardTeam/AdGuardHome/issues/4074
[#4079]: https://github.com/AdguardTeam/AdGuardHome/issues/4079
@@ -2516,8 +2251,6 @@ See also the [v0.107.3 GitHub milestone][ms-v0.107.3].
[ms-v0.107.3]: https://github.com/AdguardTeam/AdGuardHome/milestone/40?closed=1
-
-
## [v0.107.2] - 2021-12-29
See also the [v0.107.2 GitHub milestone][ms-v0.107.2].
@@ -2530,28 +2263,29 @@ See also the [v0.107.2 GitHub milestone][ms-v0.107.2].
[ms-v0.107.2]: https://github.com/AdguardTeam/AdGuardHome/milestone/38?closed=1
-
-
## [v0.107.1] - 2021-12-29
See also the [v0.107.1 GitHub milestone][ms-v0.107.1].
### Changed
-- The validation error message for duplicated allow- and blocklists in DNS
- settings now shows the duplicated elements ([#3975]).
+- The validation error message for duplicated allow- and blocklists in DNS settings now shows the duplicated elements ([#3975]).
### Fixed
- `ipset` initialization bugs ([#4027]).
+
- Legacy DNS rewrites from a wildcard pattern to a subdomain ([#4016]).
-- Service not being stopped before running the `uninstall` service action
- ([#3868]).
+
+- Service not being stopped before running the `uninstall` service action ([#3868]).
+
- Broken `reload` service action on FreeBSD.
-- Legacy DNS rewrites responding from upstream when a request other than `A` or
- `AAAA` is received ([#4008]).
+
+- Legacy DNS rewrites responding from upstream when a request other than `A` or `AAAA` is received ([#4008]).
+
- Panic on port availability check during installation ([#3987]).
-- Incorrect application of rules from the OS's hosts files ([#3998]).
+
+- Incorrect application of rules from the OS’s hosts files ([#3998]).
[#3868]: https://github.com/AdguardTeam/AdGuardHome/issues/3868
[#3975]: https://github.com/AdguardTeam/AdGuardHome/issues/3975
@@ -2563,120 +2297,130 @@ See also the [v0.107.1 GitHub milestone][ms-v0.107.1].
[ms-v0.107.1]: https://github.com/AdguardTeam/AdGuardHome/milestone/37?closed=1
-
-
## [v0.107.0] - 2021-12-21
See also the [v0.107.0 GitHub milestone][ms-v0.107.0].
### Added
-- Upstream server information for responses from cache ([#3772]). Note that old
- log entries concerning cached responses won't include that information.
+- Upstream server information for responses from cache ([#3772]). Note that old log entries concerning cached responses won’t include that information.
+
- Finnish and Ukrainian localizations.
-- Setting the timeout for IP address pinging in the "Fastest IP address" mode
- through the new `fastest_timeout` property in the configuration file ([#1992]).
+
+- Setting the timeout for IP address pinging in the "Fastest IP address" mode through the new `fastest_timeout` property in the configuration file ([#1992]).
+
- Static IP address detection on FreeBSD ([#3289]).
+
- Optimistic cache ([#2145]).
+
- New possible value of `6h` for `querylog_interval` property ([#2504]).
+
- Blocking access using ClientIDs ([#2624], [#3162]).
+
- `source` directives support in `/etc/network/interfaces` on Linux ([#3257]).
+
- [RFC 9000][rfc-9000] support in QUIC.
-- Completely disabling statistics by setting the statistics interval to zero
- ([#2141]).
+
+- Completely disabling statistics by setting the statistics interval to zero ([#2141]).
+
- The ability to completely purge DHCP leases ([#1691]).
+
- Settable timeouts for querying the upstream servers ([#2280]).
-- Configuration file properties to change group and user ID on startup on Unix
- ([#2763]).
-- Experimental OpenBSD support for AMD64 and 64-bit ARM CPUs ([#2439], [#3225],
- [#3226]).
-- Support for custom port in DNS-over-HTTPS profiles for Apple's devices
- ([#3172]).
+
+- Configuration file properties to change group and user ID on startup on Unix ([#2763]).
+
+- Experimental OpenBSD support for AMD64 and 64-bit ARM CPUs ([#2439], [#3225], [#3226]).
+
+- Support for custom port in DNS-over-HTTPS profiles for Apple’s devices ([#3172]).
+
- `darwin/arm64` support ([#2443]).
+
- `freebsd/arm64` support ([#2441]).
-- Output of the default addresses of the upstreams used for resolving PTRs for
- private addresses ([#3136]).
-- Detection and handling of recurrent PTR requests for locally-served addresses
- ([#3185]).
-- The ability to completely disable reverse DNS resolving of IPs from
- locally-served networks ([#3184]).
-- New flag `--local-frontend` to serve dynamically changeable frontend files
- from disk as opposed to the ones that were compiled into the binary.
+
+- Output of the default addresses of the upstreams used for resolving PTRs for private addresses ([#3136]).
+
+- Detection and handling of recurrent PTR requests for locally-served addresses ([#3185]).
+
+- The ability to completely disable reverse DNS resolving of IPs from locally-served networks ([#3184]).
+
+- New flag `--local-frontend` to serve dynamically changeable frontend files from disk as opposed to the ones that were compiled into the binary.
### Changed
- Port bindings are now checked for uniqueness ([#3835]).
-- The DNSSEC check now simply checks against the AD flag in the response
- ([#3904]).
+
+- The DNSSEC check now simply checks against the AD flag in the response ([#3904]).
+
- Client objects in the configuration file are now sorted ([#3933]).
+
- Responses from cache are now labeled ([#3772]).
-- Better error message for ED25519 private keys, which are not widely supported
- ([#3737]).
+
+- Better error message for ED25519 private keys, which are not widely supported ([#3737]).
+
- Cache now follows RFC more closely for negative answers ([#3707]).
-- `dnsrewrite` rules and other DNS rewrites will now be applied even when the
- protection is disabled ([#1558]).
-- DHCP gateway address, subnet mask, IP address range, and leases validations
- ([#3529]).
-- The `systemd` service script will now create the `/var/log` directory when it
- doesn't exist ([#3579]).
-- Items in allowed clients, disallowed clients, and blocked hosts lists are now
- required to be unique ([#3419]).
-- The TLS private key previously saved as a string isn't shown in API responses
- anymore ([#1898]).
+
+- `dnsrewrite` rules and other DNS rewrites will now be applied even when the protection is disabled ([#1558]).
+
+- DHCP gateway address, subnet mask, IP address range, and leases validations ([#3529]).
+
+- The `systemd` service script will now create the `/var/log` directory when it doesn’t exist ([#3579]).
+
+- Items in allowed clients, disallowed clients, and blocked hosts lists are now required to be unique ([#3419]).
+
+- The TLS private key previously saved as a string isn’t shown in API responses anymore ([#1898]).
+
- Better OpenWrt detection ([#3435]).
-- DNS-over-HTTPS queries that come from HTTP proxies in the `trusted_proxies`
- list now use the real IP address of the client instead of the address of the
- proxy ([#2799]).
-- Clients who are blocked by access settings now receive a `REFUSED` response
- when a protocol other than DNS-over-UDP and DNSCrypt is used.
+
+- DNS-over-HTTPS queries that come from HTTP proxies in the `trusted_proxies` list now use the real IP address of the client instead of the address of the proxy ([#2799]).
+
+- Clients who are blocked by access settings now receive a `REFUSED` response when a protocol other than DNS-over-UDP and DNSCrypt is used.
+
- `dns.querylog_interval` property is now formatted in hours.
+
- Query log search now supports internationalized domains ([#3012]).
-- Internationalized domains are now shown decoded in the query log with the
- original encoded version shown in request details ([#3013]).
-- When `/etc/hosts`-type rules have several IPs for one host, all IPs are now
- returned instead of only the first one ([#1381]).
-- Property `rlimit_nofile` is now in the `os` object of the configuration
- file, together with the new `group` and `user` properties ([#2763]).
+
+- Internationalized domains are now shown decoded in the query log with the original encoded version shown in request details ([#3013]).
+
+- When `/etc/hosts`-type rules have several IPs for one host, all IPs are now returned instead of only the first one ([#1381]).
+
+- Property `rlimit_nofile` is now in the `os` object of the configuration file, together with the new `group` and `user` properties ([#2763]).
+
- Permissions on filter files are now `0o644` instead of `0o600` ([#3198]).
#### Configuration changes
In this release, the schema version has changed from 10 to 12.
-- Property `dns.querylog_interval`, which in schema versions 11 and earlier used
- to be an integer number of days, is now a string with a human-readable
- duration:
+- Property `dns.querylog_interval`, which in schema versions 11 and earlier used to be an integer number of days, is now a string with a human-readable duration:
- ```yaml
- # BEFORE:
- 'dns':
- # …
- 'querylog_interval': 90
+ ```yaml
+ # BEFORE:
+ 'dns':
+ # …
+ 'querylog_interval': 90
- # AFTER:
- 'dns':
- # …
- 'querylog_interval': '2160h'
- ```
+ # AFTER:
+ 'dns':
+ # …
+ 'querylog_interval': '2160h'
+ ```
- To rollback this change, convert the property back into days and change the
- `schema_version` back to `11`.
-- Property `rlimit_nofile`, which in schema versions 10 and earlier used to be
- on the top level, is now moved to the new `os` object:
+ To rollback this change, convert the property back into days and change the `schema_version` back to `11`.
- ```yaml
- # BEFORE:
- 'rlimit_nofile': 42
+- Property `rlimit_nofile`, which in schema versions 10 and earlier used to be on the top level, is now moved to the new `os` object:
- # AFTER:
- 'os':
- 'group': ''
+ ```yaml
+ # BEFORE:
'rlimit_nofile': 42
- 'user': ''
- ```
- To rollback this change, move the property on the top level and change the
- `schema_version` back to `10`.
+ # AFTER:
+ 'os':
+ 'group': ''
+ 'rlimit_nofile': 42
+ 'user': ''
+ ```
+
+ To rollback this change, move the property on the top level and change the `schema_version` back to `10`.
### Deprecated
@@ -2685,49 +2429,69 @@ In this release, the schema version has changed from 10 to 12.
### Fixed
- EDNS0 TCP keepalive option handling ([#3778]).
-- Rules with the `denyallow` modifier applying to IP addresses when they
- shouldn't ([#3175]).
-- The length of the EDNS0 client subnet option appearing too long for some
- upstream servers ([#3887]).
-- Invalid redirection to the HTTPS web interface after saving enabled encryption
- settings ([#3558]).
-- Incomplete propagation of the client's IP anonymization setting to the
- statistics ([#3890]).
-- Incorrect results with the `dnsrewrite` modifier for entries from the
- operating system's hosts file ([#3815]).
+
+- Rules with the `denyallow` modifier applying to IP addresses when they shouldn’t ([#3175]).
+
+- The length of the EDNS0 client subnet option appearing too long for some upstream servers ([#3887]).
+
+- Invalid redirection to the HTTPS web interface after saving enabled encryption settings ([#3558]).
+
+- Incomplete propagation of the client’s IP anonymization setting to the statistics ([#3890]).
+
+- Incorrect results with the `dnsrewrite` modifier for entries from the operating system’s hosts file ([#3815]).
+
- Matching against rules with `|` at the end of the domain name ([#3371]).
+
- Incorrect assignment of explicitly configured DHCP options ([#3744]).
+
- Occasional panic during shutdown ([#3655]).
-- Addition of IPs into only one as opposed to all matching ipsets on Linux
- ([#3638]).
+
+- Addition of IPs into only one as opposed to all matching ipsets on Linux ([#3638]).
+
- Removal of temporary filter files ([#3567]).
-- Panic when an upstream server responds with an empty question section
- ([#3551]).
+
+- Panic when an upstream server responds with an empty question section ([#3551]).
+
- 9GAG blocking ([#3564]).
-- DHCP now follows RFCs more closely when it comes to response sending and
- option selection ([#3443], [#3538]).
+
+- DHCP now follows RFCs more closely when it comes to response sending and option selection ([#3443], [#3538]).
+
- Occasional panics when reading old statistics databases ([#3506]).
+
- `reload` service action on macOS and FreeBSD ([#3457]).
+
- Inaccurate using of service actions in the installation script ([#3450]).
+
- ClientID checking ([#3437]).
+
- Discovering other DHCP servers on `darwin` and `freebsd` ([#3417]).
-- Switching listening address to unspecified one when bound to a single
- specified IPv4 address on Darwin (macOS) ([#2807]).
+
+- Switching listening address to unspecified one when bound to a single specified IPv4 address on Darwin (macOS) ([#2807]).
+
- Incomplete HTTP response for static IP address.
-- DNSCrypt queries weren't appearing in query log ([#3372]).
+
+- DNSCrypt queries weren’t appearing in query log ([#3372]).
+
- Wrong IP address for proxied DNS-over-HTTPS queries ([#2799]).
+
- Domain name letter case mismatches in DNS rewrites ([#3351]).
+
- Conflicts between IPv4 and IPv6 DNS rewrites ([#3343]).
+
- Letter case mismatches in `CNAME` filtering ([#3335]).
+
- Occasional breakages on network errors with DNS-over-HTTP upstreams ([#3217]).
+
- Errors when setting static IP on Linux ([#3257]).
-- Treatment of domain names and FQDNs in custom rules with the `dnsrewrite`
- modifier that use the `PTR` type ([#3256]).
-- Redundant hostname generating while loading static leases with empty hostname
- ([#3166]).
+
+- Treatment of domain names and FQDNs in custom rules with the `dnsrewrite` modifier that use the `PTR` type ([#3256]).
+
+- Redundant hostname generating while loading static leases with empty hostname ([#3166]).
+
- Domain name case in responses ([#3194]).
-- Custom upstreams selection for clients with ClientIDs in DNS-over-TLS and
- DNS-over-HTTP ([#3186]).
+
+- Custom upstreams selection for clients with ClientIDs in DNS-over-TLS and DNS-over-HTTP ([#3186]).
+
- Incorrect client-based filtering applying logic ([#2875]).
### Removed
@@ -2805,16 +2569,14 @@ In this release, the schema version has changed from 10 to 12.
[ms-v0.107.0]: https://github.com/AdguardTeam/AdGuardHome/milestone/23?closed=1
[rfc-9000]: https://datatracker.ietf.org/doc/html/rfc9000
-
-
## [v0.106.3] - 2021-05-19
See also the [v0.106.3 GitHub milestone][ms-v0.106.3].
### Added
-- Support for reinstall (`-r`) and uninstall (`-u`) flags in the installation
- script ([#2462]).
+- Support for reinstall (`-r`) and uninstall (`-u`) flags in the installation script ([#2462]).
+
- Support for DHCP `DECLINE` and `RELEASE` message types ([#3053]).
### Changed
@@ -2824,11 +2586,15 @@ See also the [v0.106.3 GitHub milestone][ms-v0.106.3].
### Fixed
- Intermittent "Warning: ID mismatch" errors ([#3087]).
+
- Error when using installation script on some ARMv7 devices ([#2542]).
+
- DHCP leases validation ([#3107], [#3127]).
+
- Local PTR request recursion in Docker containers ([#3064]).
-- Ignoring client-specific filtering settings when filtering is disabled in
- general settings ([#2875]).
+
+- Ignoring client-specific filtering settings when filtering is disabled in general settings ([#2875]).
+
- Disallowed domains are now case-insensitive ([#3115]).
[#2462]: https://github.com/AdguardTeam/AdGuardHome/issues/2462
@@ -2842,8 +2608,6 @@ See also the [v0.106.3 GitHub milestone][ms-v0.106.3].
[ms-v0.106.3]: https://github.com/AdguardTeam/AdGuardHome/milestone/35?closed=1
-
-
## [v0.106.2] - 2021-05-06
See also the [v0.106.2 GitHub milestone][ms-v0.106.2].
@@ -2856,8 +2620,6 @@ See also the [v0.106.2 GitHub milestone][ms-v0.106.2].
[ms-v0.106.2]: https://github.com/AdguardTeam/AdGuardHome/milestone/34?closed=1
-
-
## [v0.106.1] - 2021-04-30
See also the [v0.106.1 GitHub milestone][ms-v0.106.1].
@@ -2865,7 +2627,9 @@ See also the [v0.106.1 GitHub milestone][ms-v0.106.1].
### Fixed
- Local domain name handling when the DHCP server is disabled ([#3028]).
+
- Normalization of previously-saved invalid static DHCP leases ([#3027]).
+
- Validation of IPv6 addresses with zones in system resolvers ([#3022]).
[#3022]: https://github.com/AdguardTeam/AdGuardHome/issues/3022
@@ -2874,48 +2638,54 @@ See also the [v0.106.1 GitHub milestone][ms-v0.106.1].
[ms-v0.106.1]: https://github.com/AdguardTeam/AdGuardHome/milestone/33?closed=1
-
-
## [v0.106.0] - 2021-04-28
See also the [v0.106.0 GitHub milestone][ms-v0.106.0].
### Added
-- The ability to block user for login after configurable number of unsuccessful
- attempts for configurable time ([#2826]).
+- The ability to block user for login after configurable number of unsuccessful attempts for configurable time ([#2826]).
+
- `denyallow` modifier for filters ([#2923]).
+
- Hostname uniqueness validation in the DHCP server ([#2952]).
-- Hostname generating for DHCP clients which don't provide their own ([#2723]).
-- New flag `--no-etc-hosts` to disable client domain name lookups in the
- operating system's `/etc/hosts` files ([#1947]).
-- The ability to set up custom upstreams to resolve PTR queries for local
- addresses and to disable the automatic resolving of clients' addresses
- ([#2704]).
-- Logging of the client's IP address after failed login attempts ([#2824]).
-- Search by clients' names in the query log ([#1273]).
+
+- Hostname generating for DHCP clients which don’t provide their own ([#2723]).
+
+- New flag `--no-etc-hosts` to disable client domain name lookups in the operating system’s `/etc/hosts` files ([#1947]).
+
+- The ability to set up custom upstreams to resolve PTR queries for local addresses and to disable the automatic resolving of clients’ addresses ([#2704]).
+
+- Logging of the client’s IP address after failed login attempts ([#2824]).
+
+- Search by clients’ names in the query log ([#1273]).
+
- Verbose version output with `-v --version` ([#2416]).
-- The ability to set a custom TLD or domain name for known hosts in the local
- network ([#2393], [#2961]).
+
+- The ability to set a custom TLD or domain name for known hosts in the local network ([#2393], [#2961]).
+
- The ability to serve DNS queries on multiple hosts and interfaces ([#1401]).
+
- `ips` and `text` DHCP server options ([#2385]).
-- `SRV` records support in filtering rules with the `dnsrewrite` modifier
- ([#2533]).
+
+- `SRV` records support in filtering rules with the `dnsrewrite` modifier ([#2533]).
### Changed
-- Our DoQ implementation is now updated to conform to the latest standard
- [draft][doq-draft-02] ([#2843]).
+- Our DoQ implementation is now updated to conform to the latest standard [draft][doq-draft-02] ([#2843]).
+
- Quality of logging ([#2954]).
+
- Normalization of hostnames sent by DHCP clients ([#2945], [#2952]).
-- The access to the private hosts is now forbidden for users from external
- networks ([#2889]).
-- The reverse lookup for local addresses is now performed via local resolvers
- ([#2704]).
-- Stricter validation of the IP addresses of static leases in the DHCP server
- with regards to the netmask ([#2838]).
-- Stricter validation of `dnsrewrite` filtering rule modifier parameters
- ([#2498]).
+
+- The access to the private hosts is now forbidden for users from external networks ([#2889]).
+
+- The reverse lookup for local addresses is now performed via local resolvers ([#2704]).
+
+- Stricter validation of the IP addresses of static leases in the DHCP server with regards to the netmask ([#2838]).
+
+- Stricter validation of `dnsrewrite` filtering rule modifier parameters ([#2498]).
+
- New, more correct versioning scheme ([#2412]).
### Deprecated
@@ -2924,15 +2694,20 @@ See also the [v0.106.0 GitHub milestone][ms-v0.106.0].
### Fixed
-- Multiple answers for a `dnsrewrite` rule matching requests with repeating
- patterns in it ([#2981]).
+- Multiple answers for a `dnsrewrite` rule matching requests with repeating patterns in it ([#2981]).
+
- Root server resolving when custom upstreams for hosts are specified ([#2994]).
-- Inconsistent resolving of DHCP clients when the DHCP server is disabled
- ([#2934]).
-- Comment handling in clients' custom upstreams ([#2947]).
+
+- Inconsistent resolving of DHCP clients when the DHCP server is disabled ([#2934]).
+
+- Comment handling in clients’ custom upstreams ([#2947]).
+
- Overwriting of DHCPv4 options when using the HTTP API ([#2927]).
+
- Assumption that MAC addresses always have the length of 6 octets ([#2828]).
+
- Support for more than one `/24` subnet in DHCP ([#2541]).
+
- Invalid filenames in the `mobileconfig` API responses ([#2835]).
### Removed
@@ -2972,25 +2747,28 @@ See also the [v0.106.0 GitHub milestone][ms-v0.106.0].
[doq-draft-02]: https://tools.ietf.org/html/draft-ietf-dprive-dnsoquic-02
[ms-v0.106.0]: https://github.com/AdguardTeam/AdGuardHome/milestone/26?closed=1
-
-
## [v0.105.2] - 2021-03-10
### Security
-- Session token doesn't contain user's information anymore ([#2470]).
+- Session token doesn’t contain user’s information anymore ([#2470]).
See also the [v0.105.2 GitHub milestone][ms-v0.105.2].
### Fixed
- Incomplete hostnames with trailing zero-bytes handling ([#2582]).
+
- Wrong DNS-over-TLS ALPN configuration ([#2681]).
-- Inconsistent responses for messages with EDNS0 and AD when DNS caching is
- enabled ([#2600]).
+
+- Inconsistent responses for messages with EDNS0 and AD when DNS caching is enabled ([#2600]).
+
- Incomplete OpenWrt detection ([#2757]).
-- DHCP lease's `expired` property incorrect time format ([#2692]).
+
+- DHCP lease’s `expired` property incorrect time format ([#2692]).
+
- Incomplete DNS upstreams validation ([#2674]).
+
- Wrong parsing of DHCP options of the `ip` type ([#2688]).
[#2470]: https://github.com/AdguardTeam/AdGuardHome/issues/2470
@@ -3004,8 +2782,6 @@ See also the [v0.105.2 GitHub milestone][ms-v0.105.2].
[ms-v0.105.2]: https://github.com/AdguardTeam/AdGuardHome/milestone/32?closed=1
-
-
## [v0.105.1] - 2021-02-15
See also the [v0.105.1 GitHub milestone][ms-v0.105.1].
@@ -3013,28 +2789,32 @@ See also the [v0.105.1 GitHub milestone][ms-v0.105.1].
### Changed
- Increased HTTP API timeouts ([#2671], [#2682]).
-- "Permission denied" errors when checking if the machine has a static IP no
- longer prevent the DHCP server from starting ([#2667]).
-- The server name sent by clients of TLS APIs is not only checked when
- `strict_sni_check` is enabled ([#2664]).
-- HTTP API request body size limit for the `POST /control/access/set` and `POST
- /control/filtering/set_rules` HTTP APIs is increased ([#2666], [#2675]).
+
+- "Permission denied" errors when checking if the machine has a static IP no longer prevent the DHCP server from starting ([#2667]).
+
+- The server name sent by clients of TLS APIs is not only checked when `strict_sni_check` is enabled ([#2664]).
+
+- HTTP API request body size limit for the `POST /control/access/set` and `POST /control/filtering/set_rules` HTTP APIs is increased ([#2666], [#2675]).
### Fixed
-- Error when enabling the DHCP server when AdGuard Home couldn't determine if
- the machine has a static IP.
+- Error when enabling the DHCP server when AdGuard Home couldn’t determine if the machine has a static IP.
+
- Optical issue on custom rules ([#2641]).
+
- Occasional crashes during startup.
-- The property `"range_start"` in the `GET /control/dhcp/status` HTTP API
- response is now correctly named again ([#2678]).
-- DHCPv6 server's `ra_slaac_only` and `ra_allow_slaac` properties aren't reset
- to `false` on update anymore ([#2653]).
-- The `Vary` header is now added along with `Access-Control-Allow-Origin` to
- prevent cache-related and other issues in browsers ([#2658]).
+
+- The property `"range_start"` in the `GET /control/dhcp/status` HTTP API response is now correctly named again ([#2678]).
+
+- DHCPv6 server’s `ra_slaac_only` and `ra_allow_slaac` properties aren’t reset to `false` on update anymore ([#2653]).
+
+- The `Vary` header is now added along with `Access-Control-Allow-Origin` to prevent cache-related and other issues in browsers ([#2658]).
+
- The request body size limit is now set for HTTPS requests as well.
+
- Incorrect version tag in the Docker release ([#2663]).
-- DNSCrypt queries weren't marked as such in logs ([#2662]).
+
+- DNSCrypt queries weren’t marked as such in logs ([#2662]).
[#2641]: https://github.com/AdguardTeam/AdGuardHome/issues/2641
[#2653]: https://github.com/AdguardTeam/AdGuardHome/issues/2653
@@ -3051,8 +2831,6 @@ See also the [v0.105.1 GitHub milestone][ms-v0.105.1].
[ms-v0.105.1]: https://github.com/AdguardTeam/AdGuardHome/milestone/31?closed=1
-
-
## [v0.105.0] - 2021-02-10
See also the [v0.105.0 GitHub milestone][ms-v0.105.0].
@@ -3060,65 +2838,75 @@ See also the [v0.105.0 GitHub milestone][ms-v0.105.0].
### Added
- Added more services to the "Blocked services" list ([#2224], [#2401]).
+
- `ipset` subdomain matching, just like `dnsmasq` does ([#2179]).
-- ClientID support for DNS-over-HTTPS, DNS-over-QUIC, and DNS-over-TLS
- ([#1383]).
+
+- ClientID support for DNS-over-HTTPS, DNS-over-QUIC, and DNS-over-TLS ([#1383]).
+
- The new `dnsrewrite` modifier for filters ([#2102]).
-- The host checking API and the query logs API can now return multiple matched
- rules ([#2102]).
-- Detecting of network interface configured to have static IP address via
- `/etc/network/interfaces` ([#2302]).
+
+- The host checking API and the query logs API can now return multiple matched rules ([#2102]).
+
+- Detecting of network interface configured to have static IP address via `/etc/network/interfaces` ([#2302]).
+
- DNSCrypt protocol support ([#1361]).
-- A 5 second wait period until a DHCP server's network interface gets an IP
- address ([#2304]).
+
+- A 5 second wait period until a DHCP server’s network interface gets an IP address ([#2304]).
+
- `dnstype` modifier for filters ([#2337]).
+
- HTTP API request body size limit ([#2305]).
### Changed
-- `Access-Control-Allow-Origin` is now only set to the same origin as the
- domain, but with an HTTP scheme as opposed to `*` ([#2484]).
+- `Access-Control-Allow-Origin` is now only set to the same origin as the domain, but with an HTTP scheme as opposed to `*` ([#2484]).
+
- `workDir` now supports symlinks.
-- Stopped mounting together the directories `/opt/adguardhome/conf` and
- `/opt/adguardhome/work` in our Docker images ([#2589]).
-- When `dns.bogus_nxdomain` option is used, the server will now transform
- responses if there is at least one bogus address instead of all of them
- ([#2394]). The new behavior is the same as in `dnsmasq`.
-- Post-updating relaunch possibility is now determined OS-dependently ([#2231],
- [#2391]).
-- Made the mobileconfig HTTP API more robust and predictable, add parameters and
- improve error response ([#2358]).
+
+- Stopped mounting together the directories `/opt/adguardhome/conf` and `/opt/adguardhome/work` in our Docker images ([#2589]).
+
+- When `dns.bogus_nxdomain` option is used, the server will now transform responses if there is at least one bogus address instead of all of them ([#2394]). The new behavior is the same as in `dnsmasq`.
+
+- Post-updating relaunch possibility is now determined OS-dependently ([#2231], [#2391]).
+
+- Made the mobileconfig HTTP API more robust and predictable, add parameters and improve error response ([#2358]).
+
- Improved HTTP requests handling and timeouts ([#2343]).
+
- Our snap package now uses the `core20` image as its base ([#2306]).
-- New build system and various internal improvements ([#2271], [#2276], [#2297],
- [#2509], [#2552], [#2639], [#2646]).
+
+- New build system and various internal improvements ([#2271], [#2276], [#2297], [#2509], [#2552], [#2639], [#2646]).
### Deprecated
- Go 1.14 support. v0.106.0 will require at least Go 1.15 to build.
+
- The `darwin/386` port. It will be removed in v0.106.0.
-- The `"rule"` and `"filter_id"` property in `GET /filtering/check_host` and
- `GET /querylog` responses. They will be removed in v0.106.0 ([#2102]).
+
+- The `"rule"` and `"filter_id"` property in `GET /filtering/check_host` and `GET /querylog` responses. They will be removed in v0.106.0 ([#2102]).
### Fixed
- Autoupdate bug in the Darwin (macOS) version ([#2630]).
+
- Unnecessary conversions from `string` to `net.IP`, and vice versa ([#2508]).
+
- Inability to set DNS cache TTL limits ([#2459]).
+
- Possible freezes on slower machines ([#2225]).
-- A mitigation against records being shown in the wrong order on the query log
- page ([#2293]).
+
+- A mitigation against records being shown in the wrong order on the query log page ([#2293]).
+
- A JSON parsing error in query log ([#2345]).
-- Incorrect detection of the IPv6 address of an interface as well as another
- infinite loop in the `/dhcp/find_active_dhcp` HTTP API ([#2355]).
+
+- Incorrect detection of the IPv6 address of an interface as well as another infinite loop in the `/dhcp/find_active_dhcp` HTTP API ([#2355]).
### Removed
-- The undocumented ability to use hostnames as any of `bind_host` values in
- configuration. Documentation requires them to be valid IP addresses, and now
- the implementation makes sure that that is the case ([#2508]).
-- `Dockerfile` ([#2276]). Replaced with the script
- `scripts/make/build-docker.sh` which uses `scripts/make/Dockerfile`.
+- The undocumented ability to use hostnames as any of `bind_host` values in configuration. Documentation requires them to be valid IP addresses, and now the implementation makes sure that that is the case ([#2508]).
+
+- `Dockerfile` ([#2276]). Replaced with the script `scripts/make/build-docker.sh` which uses `scripts/make/Dockerfile`.
+
- Support for pre-v0.99.3 format of query logs ([#2102]).
[#1361]: https://github.com/AdguardTeam/AdGuardHome/issues/1361
@@ -3156,8 +2944,6 @@ See also the [v0.105.0 GitHub milestone][ms-v0.105.0].
[ms-v0.105.0]: https://github.com/AdguardTeam/AdGuardHome/milestone/27?closed=1
-
-
## [v0.104.3] - 2020-11-19
See also the [v0.104.3 GitHub milestone][ms-v0.104.3].
@@ -3170,8 +2956,6 @@ See also the [v0.104.3 GitHub milestone][ms-v0.104.3].
[ms-v0.104.3]: https://github.com/AdguardTeam/AdGuardHome/milestone/30?closed=1
-
-
## [v0.104.2] - 2020-11-19
See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
@@ -3179,6 +2963,7 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
### Added
- This changelog :-) ([#2294]).
+
- `HACKING.md`, a guide for developers.
### Changed
@@ -3188,9 +2973,11 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
### Fixed
- Query logs from file not loading after the ones buffered in memory ([#2325]).
+
- Unnecessary errors in query logs when switching between log files ([#2324]).
-- `404 Not Found` errors on the DHCP settings page on Windows. The page now
- correctly shows that DHCP is not currently available on that OS ([#2295]).
+
+- `404 Not Found` errors on the DHCP settings page on Windows. The page now correctly shows that DHCP is not currently available on that OS ([#2295]).
+
- Infinite loop in `/dhcp/find_active_dhcp` ([#2301]).
[#2273]: https://github.com/AdguardTeam/AdGuardHome/issues/2273
@@ -3202,14 +2989,13 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
[ms-v0.104.2]: https://github.com/AdguardTeam/AdGuardHome/milestone/28?closed=1
-
-
-[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.55...HEAD
+[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.56...HEAD
+[v0.107.56]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.55...v0.107.56
[v0.107.55]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.54...v0.107.55
[v0.107.54]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.53...v0.107.54
[v0.107.53]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.52...v0.107.53
diff --git a/Makefile b/Makefile
index 6c09f06e..15149924 100644
--- a/Makefile
+++ b/Makefile
@@ -27,7 +27,7 @@ DIST_DIR = dist
GOAMD64 = v1
GOPROXY = https://proxy.golang.org|direct
GOTELEMETRY = off
-GOTOOLCHAIN = go1.23.4
+GOTOOLCHAIN = go1.23.5
GPG_KEY = devteam@adguard.com
GPG_KEY_PASSPHRASE = not-a-real-password
NPM = npm
diff --git a/bamboo-specs/release.yaml b/bamboo-specs/release.yaml
index 1f96e853..1504f65b 100644
--- a/bamboo-specs/release.yaml
+++ b/bamboo-specs/release.yaml
@@ -8,7 +8,7 @@
'variables':
'channel': 'edge'
'dockerFrontend': 'adguard/home-js-builder:2.0'
- 'dockerGo': 'adguard/go-builder:1.23.4--1'
+ 'dockerGo': 'adguard/go-builder:1.23.5--1'
'stages':
- 'Build frontend':
@@ -278,7 +278,7 @@
'variables':
'channel': 'beta'
'dockerFrontend': 'adguard/home-js-builder:2.0'
- 'dockerGo': 'adguard/go-builder:1.23.4--1'
+ 'dockerGo': 'adguard/go-builder:1.23.5--1'
# release-vX.Y.Z branches are the branches from which the actual final
# release is built.
- '^release-v[0-9]+\.[0-9]+\.[0-9]+':
@@ -294,4 +294,4 @@
'variables':
'channel': 'release'
'dockerFrontend': 'adguard/home-js-builder:2.0'
- 'dockerGo': 'adguard/go-builder:1.23.4--1'
+ 'dockerGo': 'adguard/go-builder:1.23.5--1'
diff --git a/bamboo-specs/test.yaml b/bamboo-specs/test.yaml
index 9f89a92c..53f052d3 100644
--- a/bamboo-specs/test.yaml
+++ b/bamboo-specs/test.yaml
@@ -6,7 +6,7 @@
'name': 'AdGuard Home - Build and run tests'
'variables':
'dockerFrontend': 'adguard/home-js-builder:2.0'
- 'dockerGo': 'adguard/go-builder:1.23.4--1'
+ 'dockerGo': 'adguard/go-builder:1.23.5--1'
'channel': 'development'
'stages':
@@ -196,5 +196,5 @@
# may need to build a few of these.
'variables':
'dockerFrontend': 'adguard/home-js-builder:2.0'
- 'dockerGo': 'adguard/go-builder:1.23.4--1'
+ 'dockerGo': 'adguard/go-builder:1.23.5--1'
'channel': 'candidate'
diff --git a/client/src/__locales/nl.json b/client/src/__locales/nl.json
index a3f2857c..c7adc28c 100644
--- a/client/src/__locales/nl.json
+++ b/client/src/__locales/nl.json
@@ -166,7 +166,7 @@
"encryption_settings": "Encryptie instellingen",
"dhcp_settings": "DHCP instellingen",
"upstream_dns": "Upstream DNS-servers",
- "upstream_dns_help": "Een server-adres per regel invoeren. Meer weten over het configureren van upstream DNS-servers.",
+ "upstream_dns_help": "Een server-adres per regel invoeren. Meer informatie over het configureren van upstream DNS-servers.",
"upstream_dns_configured_in_file": "Geconfigureerd in {{path}}",
"test_upstream_btn": "Test upstream",
"upstreams": "Upstreams",
diff --git a/client/src/__locales/uk.json b/client/src/__locales/uk.json
index eac41472..868e320f 100644
--- a/client/src/__locales/uk.json
+++ b/client/src/__locales/uk.json
@@ -20,7 +20,7 @@
"resolve_clients_title": "Увімкнути зворотне вирішення IP-адрес клієнтів",
"resolve_clients_desc": "Визначати доменні імена клієнтів за допомогою PTR-запитів до відповідних серверів — приватних DNS-серверів для локальних клієнтів та upstream-серверів для клієнтів з публічними IP-адресами.",
"use_private_ptr_resolvers_title": "Використовувати приватні зворотні DNS-резолвери",
- "use_private_ptr_resolvers_desc": "Надсилати зворотні DNS-запити до вказаних серверів для клієнтів, що обслуговуються локально. Якщо вимкнено, AdGuard Home буде відповідати NXDOMAIN на всі такі PTR-запити, окрім запитів про клієнтів, що уже відомі завдяки DHCP, /etc/hosts тощо.",
+ "use_private_ptr_resolvers_desc": "Розвʼязувати запити PTR, SOA та NS для доменів ARPA, що містять приватні IP-адреси, через приватні вихідні сервери, DHCP, /etc/hosts тощо. Якщо вимкнено, AdGuard Home відповідатиме на всі такі запити з NXDOMAIN.",
"check_dhcp_servers": "Перевірити DHCP-сервери",
"save_config": "Зберегти конфігурацію",
"enabled_dhcp": "DHCP-сервер увімкнено",
@@ -343,10 +343,10 @@
"known_tracker": "Відомі трекери",
"install_welcome_title": "Вітаємо в AdGuard Home!",
"install_welcome_desc": "AdGuard Home — це мережевий DNS-сервер, що блокує рекламу та відстеження. Його мета — надати вам контроль над усією мережею та всіма пристроями в ній без потреби використання програми на стороні клієнта.",
- "install_settings_title": "Веб-інтерфейс адміністратора",
+ "install_settings_title": "Вебінтерфейс адміністратора",
"install_settings_listen": "Мережевий інтерфейс",
"install_settings_port": "Порт",
- "install_settings_interface_link": "Веб-інтерфейс адміністратора AdGuard Home буде доступний за такими адресами:",
+ "install_settings_interface_link": "Вебінтерфейс адміністратора AdGuard Home буде доступний за такими адресами:",
"form_error_port": "Уведіть правильне значення порту",
"install_settings_dns": "DNS-сервер",
"install_settings_dns_desc": "Вам потрібно буде налаштувати свої пристрої або маршрутизатор для використання DNS-сервера за такими адресами:",
diff --git a/client/src/__locales/zh-tw.json b/client/src/__locales/zh-tw.json
index 837bca3b..8df53e16 100644
--- a/client/src/__locales/zh-tw.json
+++ b/client/src/__locales/zh-tw.json
@@ -20,7 +20,7 @@
"resolve_clients_title": "啟用用戶端的 IP 位址之反向的解析",
"resolve_clients_desc": "透過傳送指標(PTR)查詢到對應的解析器(私人 DNS 伺服器供區域的用戶端,上游的伺服器供有公共 IP 位址的用戶端),反向地解析用戶端的 IP 位址變為它們的主機名稱。",
"use_private_ptr_resolvers_title": "使用私人反向的 DNS 解析器",
- "use_private_ptr_resolvers_desc": "使用私人上游伺服器、DHCP、/etc/hosts 等方式解析包含私人 IP 位址的 ARPA 網域的 PTR、SOA 和 NS 請求。如果禁用,AdGuard Home 將對所有此類請求以 NXDOMAIN 回應。",
+ "use_private_ptr_resolvers_desc": "通過私人上游伺服器、DHCP、/etc/hosts 等等,對包含私人 IP 位址的 ARPA 網域解析 PTR、SOA 和 NS 請求。如果被禁用,AdGuard Home 將對所有此類的請求以 NXDOMAIN 回覆。",
"check_dhcp_servers": "檢查動態主機設定協定(DHCP)伺服器",
"save_config": "儲存配置",
"enabled_dhcp": "動態主機設定協定(DHCP)伺服器被啟用",
diff --git a/client/src/actions/stats.ts b/client/src/actions/stats.ts
index d0dcc852..05b189ed 100644
--- a/client/src/actions/stats.ts
+++ b/client/src/actions/stats.ts
@@ -46,7 +46,7 @@ export const getStats = () => async (dispatch: any) => {
const normalizedTopClients = normalizeTopStats(stats.top_clients);
const clientsParams = getParamsForClientsSearch(normalizedTopClients, 'name');
- const clients = await apiClient.findClients(clientsParams);
+ const clients = await apiClient.searchClients(clientsParams);
const topClientsWithInfo = addClientInfo(normalizedTopClients, clients, 'name');
const normalizedStats = {
diff --git a/client/src/api/Api.ts b/client/src/api/Api.ts
index 40423ab0..c77264dd 100644
--- a/client/src/api/Api.ts
+++ b/client/src/api/Api.ts
@@ -415,7 +415,7 @@ class Api {
// Per-client settings
GET_CLIENTS = { path: 'clients', method: 'GET' };
- FIND_CLIENTS = { path: 'clients/find', method: 'GET' };
+ SEARCH_CLIENTS = { path: 'clients/search', method: 'POST' };
ADD_CLIENT = { path: 'clients/add', method: 'POST' };
@@ -453,11 +453,12 @@ class Api {
return this.makeRequest(path, method, parameters);
}
- findClients(params: any) {
- const { path, method } = this.FIND_CLIENTS;
- const url = getPathWithQueryString(path, params);
-
- return this.makeRequest(url, method);
+ searchClients(config: any) {
+ const { path, method } = this.SEARCH_CLIENTS;
+ const parameters = {
+ data: config,
+ };
+ return this.makeRequest(path, method, parameters);
}
// DNS access settings
diff --git a/client/src/components/Dashboard/Counters.tsx b/client/src/components/Dashboard/Counters.tsx
index e68ce417..d281086d 100644
--- a/client/src/components/Dashboard/Counters.tsx
+++ b/client/src/components/Dashboard/Counters.tsx
@@ -23,7 +23,7 @@ interface RowProps {
const Row = ({ label, count, response_status, tooltipTitle, translationComponents }: RowProps) => {
const content = response_status ? (
- {formatNumber(count)}
+ {count}
) : (
count
);
@@ -77,16 +77,16 @@ const Counters = ({ refreshButton, subtitle }: CountersProps) => {
? t('number_of_dns_query_hours', { count: msToHours(interval) })
: t('number_of_dns_query_days', { count: msToDays(interval) });
- const rows = [
+ const rows: RowProps[] = [
{
label: 'dns_query',
- count: numDnsQueries.toString(),
+ count: formatNumber(numDnsQueries),
tooltipTitle: dnsQueryTooltip,
response_status: RESPONSE_FILTER.ALL.QUERY,
},
{
label: 'blocked_by',
- count: numBlockedFiltering.toString(),
+ count: formatNumber(numBlockedFiltering),
tooltipTitle: 'number_of_dns_query_blocked_24_hours',
response_status: RESPONSE_FILTER.BLOCKED.QUERY,
@@ -98,19 +98,19 @@ const Counters = ({ refreshButton, subtitle }: CountersProps) => {
},
{
label: 'stats_malware_phishing',
- count: numReplacedSafebrowsing.toString(),
+ count: formatNumber(numReplacedSafebrowsing),
tooltipTitle: 'number_of_dns_query_blocked_24_hours_by_sec',
response_status: RESPONSE_FILTER.BLOCKED_THREATS.QUERY,
},
{
label: 'stats_adult',
- count: numReplacedParental.toString(),
+ count: formatNumber(numReplacedParental),
tooltipTitle: 'number_of_dns_query_blocked_24_hours_adult',
response_status: RESPONSE_FILTER.BLOCKED_ADULT_WEBSITES.QUERY,
},
{
label: 'enforced_save_search',
- count: numReplacedSafesearch.toString(),
+ count: formatNumber(numReplacedSafesearch),
tooltipTitle: 'number_of_dns_query_to_safe_search',
response_status: RESPONSE_FILTER.SAFE_SEARCH.QUERY,
},
diff --git a/client/src/components/Settings/Clients/ClientsTable/ClientsTable.tsx b/client/src/components/Settings/Clients/ClientsTable/ClientsTable.tsx
index e41caac1..9dfe319d 100644
--- a/client/src/components/Settings/Clients/ClientsTable/ClientsTable.tsx
+++ b/client/src/components/Settings/Clients/ClientsTable/ClientsTable.tsx
@@ -306,7 +306,7 @@ const ClientsTable = ({
return content;
}
- return {content};
+ return {content};
},
},
{
diff --git a/client/src/helpers/helpers.tsx b/client/src/helpers/helpers.tsx
index 1a0f368b..d04676c4 100644
--- a/client/src/helpers/helpers.tsx
+++ b/client/src/helpers/helpers.tsx
@@ -451,13 +451,10 @@ export const getParamsForClientsSearch = (data: any, param: any, additionalParam
clients.add(e[additionalParam]);
}
});
- const params = {};
- const ids = Array.from(clients.values());
- ids.forEach((id, i) => {
- params[`ip${i}`] = id;
- });
- return params;
+ return {
+ clients: Array.from(clients).map(id => ({ id })),
+ };
};
/**
@@ -524,7 +521,7 @@ export const getObjDiff = (initialValues: any, values: any) =>
* @param num {number} to format
* @returns {string} Returns a string with a language-sensitive representation of this number
*/
-export const formatNumber = (num: any) => {
+export const formatNumber = (num: number): string => {
const currentLanguage = i18n.languages[0] || DEFAULT_LANGUAGE;
return num.toLocaleString(currentLanguage);
};
diff --git a/client/src/helpers/trackers/trackers.json b/client/src/helpers/trackers/trackers.json
index f8859577..c0c1799a 100644
--- a/client/src/helpers/trackers/trackers.json
+++ b/client/src/helpers/trackers/trackers.json
@@ -1,5 +1,5 @@
{
- "timeUpdated": "2024-12-03T12:12:08.316Z",
+ "timeUpdated": "2025-01-13T10:04:54.031Z",
"categories": {
"0": "audio_video_player",
"1": "comments",
@@ -9772,6 +9772,13 @@
"url": "http://www.jetinteractive.com.au/",
"companyId": "jet_interactive"
},
+ "jetbrains": {
+ "name": "JetBrains",
+ "categoryId": 8,
+ "url": "https://www.jetbrains.com/",
+ "companyId": "jetbrains",
+ "source": "AdGuard"
+ },
"jetlore": {
"name": "Jetlore",
"categoryId": 6,
@@ -22410,6 +22417,7 @@
"adservice.google.pl": "google_marketing",
"adservice.google.ru": "google_marketing",
"adservice.google.vg": "google_marketing",
+ "adtrafficquality.google": "google_marketing",
"dai.google.com": "google_marketing",
"doubleclickbygoogle.com": "google_marketing",
"googlesyndication-cn.com": "google_marketing",
@@ -22763,6 +22771,22 @@
"jeeng.com": "jeeng",
"api.jeeng.com": "jeeng_widgets",
"phone-analytics.com": "jet_interactive",
+ "grazie.ai": "jetbrains",
+ "intellij.net": "jetbrains",
+ "jb.gg": "jetbrains",
+ "jetbrains.ai": "jetbrains",
+ "jetbrains.com": "jetbrains",
+ "jetbrains.com.cn": "jetbrains",
+ "jetbrains.dev": "jetbrains",
+ "jetbrains.net": "jetbrains",
+ "jetbrains.org": "jetbrains",
+ "jetbrains.ru": "jetbrains",
+ "jetbrains.space": "jetbrains",
+ "kotl.in": "jetbrains",
+ "kotlinconf.com": "jetbrains",
+ "kotlinlang.org": "jetbrains",
+ "myjetbrains.com": "jetbrains",
+ "talkingkotlin.com": "jetbrains",
"jetlore.com": "jetlore",
"pixel.wp.com": "jetpack",
"stats.wp.com": "jetpack",
diff --git a/go.mod b/go.mod
index 429f6ef8..1ed09910 100644
--- a/go.mod
+++ b/go.mod
@@ -1,10 +1,10 @@
module github.com/AdguardTeam/AdGuardHome
-go 1.23.4
+go 1.23.5
require (
- github.com/AdguardTeam/dnsproxy v0.73.4
- github.com/AdguardTeam/golibs v0.30.5
+ github.com/AdguardTeam/dnsproxy v0.73.5
+ github.com/AdguardTeam/golibs v0.31.0
github.com/AdguardTeam/urlfilter v0.20.0
github.com/NYTimes/gziphandler v1.1.1
github.com/ameshkov/dnscrypt/v2 v2.3.0
@@ -19,7 +19,7 @@ require (
github.com/google/gopacket v1.1.19
github.com/google/renameio/v2 v2.0.0
github.com/google/uuid v1.6.0
- github.com/insomniacslk/dhcp v0.0.0-20240829085014-a3a4c1f04475
+ github.com/insomniacslk/dhcp v0.0.0-20241203100832-a481575ed0ef
github.com/josharian/native v1.1.1-0.20230202152459-5c7d0dd6ab86
github.com/kardianos/service v1.2.2
github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118
@@ -33,9 +33,9 @@ require (
github.com/stretchr/testify v1.10.0
github.com/ti-mo/netfilter v0.5.2
go.etcd.io/bbolt v1.3.11
- golang.org/x/crypto v0.29.0
- golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f
- golang.org/x/net v0.31.0
+ golang.org/x/crypto v0.31.0
+ golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67
+ golang.org/x/net v0.33.0
golang.org/x/sys v0.28.0
gopkg.in/natefinch/lumberjack.v2 v2.2.1
gopkg.in/yaml.v3 v3.0.1
@@ -49,9 +49,9 @@ require (
github.com/beefsack/go-rate v0.0.0-20220214233405-116f4ca011a0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
- github.com/google/pprof v0.0.0-20241101162523-b92577c0c142 // indirect
+ github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect
github.com/mdlayher/socket v0.5.1 // indirect
- github.com/onsi/ginkgo/v2 v2.21.0 // indirect
+ github.com/onsi/ginkgo/v2 v2.22.1 // indirect
github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
github.com/pierrec/lz4/v4 v4.1.21 // indirect
github.com/pkg/errors v0.9.1 // indirect
@@ -60,8 +60,8 @@ require (
github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701 // indirect
go.uber.org/mock v0.5.0 // indirect
golang.org/x/mod v0.22.0 // indirect
- golang.org/x/sync v0.9.0 // indirect
- golang.org/x/text v0.20.0 // indirect
- golang.org/x/tools v0.27.0 // indirect
+ golang.org/x/sync v0.10.0 // indirect
+ golang.org/x/text v0.21.0 // indirect
+ golang.org/x/tools v0.28.0 // indirect
gonum.org/v1/gonum v0.15.1 // indirect
)
diff --git a/go.sum b/go.sum
index 7cc52185..ed6ca788 100644
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,7 @@
-github.com/AdguardTeam/dnsproxy v0.73.4 h1:FTIXX34wQqePjtWUD1I4QfWTq2B2N1gfOW/TzZDdR4o=
-github.com/AdguardTeam/dnsproxy v0.73.4/go.mod h1:18ssqhDgOCiVIwYmmVuXVM05wSwrzkO2yjKhVRWJX/g=
-github.com/AdguardTeam/golibs v0.30.5 h1:xqat/N9o/V/AnakaWpqq+fGU/qJhKtL4A2pj66kC+TE=
-github.com/AdguardTeam/golibs v0.30.5/go.mod h1:2wOvoAsubo/REnBiuu/YWYmkkzyFR52/QljMdQ2R58M=
+github.com/AdguardTeam/dnsproxy v0.73.5 h1:3EiVaTfmuW6PcJGbqloR6ZdHACsrYkm9z0eH8ZQTZnQ=
+github.com/AdguardTeam/dnsproxy v0.73.5/go.mod h1:Oqw+k7LyjDObfYzXYCkpgtirbzbUrmotr92jrb3N09I=
+github.com/AdguardTeam/golibs v0.31.0 h1:Z0oPfLTLw6iZmpE58dePy2Bel0MaX+lnDwtFEE5EmIo=
+github.com/AdguardTeam/golibs v0.31.0/go.mod h1:wIkZ9o2UnppeW6/YD7yJB71dYbMhiuC1Fh/I2ElW7GQ=
github.com/AdguardTeam/urlfilter v0.20.0 h1:X32qiuVCVd8WDYCEsbdZKfXMzwdVqrdulamtUi4rmzs=
github.com/AdguardTeam/urlfilter v0.20.0/go.mod h1:gjrywLTxfJh6JOkwi9SU+frhP7kVVEZ5exFGkR99qpk=
github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I=
@@ -42,8 +42,8 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8=
github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
-github.com/google/pprof v0.0.0-20241101162523-b92577c0c142 h1:sAGdeJj0bnMgUNVeUpp6AYlVdCt3/GdI3pGRqsNSQLs=
-github.com/google/pprof v0.0.0-20241101162523-b92577c0c142/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg=
+github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qAhxg=
github.com/google/renameio/v2 v2.0.0/go.mod h1:BtmJXm5YlszgC+TD4HOEEUFgkJP3nLxehU6hfe7jRt4=
github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -51,8 +51,8 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/hugelgupf/socketpair v0.0.0-20190730060125-05d35a94e714 h1:/jC7qQFrv8CrSJVmaolDVOxTfS9kc36uB6H40kdbQq8=
github.com/hugelgupf/socketpair v0.0.0-20190730060125-05d35a94e714/go.mod h1:2Goc3h8EklBH5mspfHFxBnEoURQCGzQQH1ga9Myjvis=
-github.com/insomniacslk/dhcp v0.0.0-20240829085014-a3a4c1f04475 h1:hxST5pwMBEOWmxpkX20w9oZG+hXdhKmAIPQ3NGGAxas=
-github.com/insomniacslk/dhcp v0.0.0-20240829085014-a3a4c1f04475/go.mod h1:KclMyHxX06VrVr0DJmeFSUb1ankt7xTfoOA35pCkoic=
+github.com/insomniacslk/dhcp v0.0.0-20241203100832-a481575ed0ef h1:NzQKDfd5ZOPnuZYf9MnRee8x2qecsVqzsnaLjEZiBko=
+github.com/insomniacslk/dhcp v0.0.0-20241203100832-a481575ed0ef/go.mod h1:KclMyHxX06VrVr0DJmeFSUb1ankt7xTfoOA35pCkoic=
github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
github.com/josharian/native v1.0.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
github.com/josharian/native v1.1.1-0.20230202152459-5c7d0dd6ab86 h1:elKwZS1OcdQ0WwEDBeqxKwb7WB62QX8bvZ/FJnVXIfk=
@@ -80,10 +80,10 @@ github.com/miekg/dns v1.1.62 h1:cN8OuEF1/x5Rq6Np+h1epln8OiyPWV+lROx9LxcGgIQ=
github.com/miekg/dns v1.1.62/go.mod h1:mvDlcItzm+br7MToIKqkglaGhlFMHJ9DTNNWONWXbNQ=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM=
-github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo=
-github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8=
-github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc=
+github.com/onsi/ginkgo/v2 v2.22.1 h1:QW7tbJAUDyVDVOM5dFa7qaybo+CRfR7bemlQUN6Z8aM=
+github.com/onsi/ginkgo/v2 v2.22.1/go.mod h1:S6aTpoRsSq2cZOd+pssHAlKW/Q/jZt6cPrPlnj4a1xM=
+github.com/onsi/gomega v1.36.1 h1:bJDPBO7ibjxcbHMgSCoo4Yj18UWbKDlLwX1x9sybDcw=
+github.com/onsi/gomega v1.36.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog=
github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ=
@@ -126,10 +126,10 @@ go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
-golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo=
-golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak=
+golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
+golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 h1:1UoZQm6f0P/ZO0w1Ri+f+ifG/gXhegadRdwBIXEFWDo=
+golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
@@ -140,12 +140,12 @@ golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
-golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190322080309-f49334f85ddc/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -161,20 +161,20 @@ golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.27.0 h1:qEKojBykQkQ4EynWy4S8Weg69NumxKdn40Fce3uc/8o=
-golang.org/x/tools v0.27.0/go.mod h1:sUi0ZgbwW9ZPAq26Ekut+weQPR5eIM6GQLQ1Yjm1H0Q=
+golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8=
+golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gonum.org/v1/gonum v0.15.1 h1:FNy7N6OUZVUaWG9pTiD+jlhdQ3lMP+/LcTpJ6+a8sQ0=
gonum.org/v1/gonum v0.15.1/go.mod h1:eZTZuRFrzu5pcyjN5wJhcIhnUdNijYxX1T2IcrOGY0o=
-google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
-google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
+google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/internal/configmigrate/migrations_internal_test.go b/internal/configmigrate/migrations_internal_test.go
index 34bbb847..cf681834 100644
--- a/internal/configmigrate/migrations_internal_test.go
+++ b/internal/configmigrate/migrations_internal_test.go
@@ -521,7 +521,7 @@ func TestUpgradeSchema11to12(t *testing.T) {
name string
}{{
ivl: 1,
- want: timeutil.Duration{Duration: timeutil.Day},
+ want: timeutil.Duration(timeutil.Day),
wantErr: "",
name: "success",
}, {
@@ -604,7 +604,7 @@ func TestUpgradeSchema11to12(t *testing.T) {
ivlVal, ok = ivl.(timeutil.Duration)
require.True(t, ok)
- assert.Equal(t, 90*24*time.Hour, ivlVal.Duration)
+ assert.Equal(t, 90*24*time.Hour, time.Duration(ivlVal))
})
}
@@ -1055,12 +1055,12 @@ func TestUpgradeSchema19to20(t *testing.T) {
name string
}{{
ivl: 1,
- want: timeutil.Duration{Duration: timeutil.Day},
+ want: timeutil.Duration(timeutil.Day),
wantErr: "",
name: "success",
}, {
ivl: 0,
- want: timeutil.Duration{Duration: timeutil.Day},
+ want: timeutil.Duration(timeutil.Day),
wantErr: "",
name: "success",
}, {
@@ -1143,7 +1143,7 @@ func TestUpgradeSchema19to20(t *testing.T) {
ivlVal, ok = ivl.(timeutil.Duration)
require.True(t, ok)
- assert.Equal(t, 24*time.Hour, ivlVal.Duration)
+ assert.Equal(t, 24*time.Hour, time.Duration(ivlVal))
})
}
diff --git a/internal/configmigrate/v12.go b/internal/configmigrate/v12.go
index 40afca80..5551c6be 100644
--- a/internal/configmigrate/v12.go
+++ b/internal/configmigrate/v12.go
@@ -37,7 +37,7 @@ func migrateTo12(diskConf yobj) (err error) {
qlogIvl = 90
}
- dns[field] = timeutil.Duration{Duration: time.Duration(qlogIvl) * timeutil.Day}
+ dns[field] = timeutil.Duration(time.Duration(qlogIvl) * timeutil.Day)
return nil
}
diff --git a/internal/configmigrate/v20.go b/internal/configmigrate/v20.go
index d207ac0b..d8dba097 100644
--- a/internal/configmigrate/v20.go
+++ b/internal/configmigrate/v20.go
@@ -38,7 +38,7 @@ func migrateTo20(diskConf yobj) (err error) {
ivl = 1
}
- stats[field] = timeutil.Duration{Duration: time.Duration(ivl) * timeutil.Day}
+ stats[field] = timeutil.Duration(time.Duration(ivl) * timeutil.Day)
return nil
}
diff --git a/internal/configmigrate/v23.go b/internal/configmigrate/v23.go
index 5cda964d..b808da08 100644
--- a/internal/configmigrate/v23.go
+++ b/internal/configmigrate/v23.go
@@ -48,7 +48,7 @@ func migrateTo23(diskConf yobj) (err error) {
diskConf["http"] = yobj{
"address": netip.AddrPortFrom(bindHostAddr, uint16(bindPort)).String(),
- "session_ttl": timeutil.Duration{Duration: time.Duration(sessionTTL) * time.Hour}.String(),
+ "session_ttl": timeutil.Duration(time.Duration(sessionTTL) * time.Hour).String(),
}
delete(diskConf, "bind_host")
diff --git a/internal/dhcpd/README.md b/internal/dhcpd/README.md
index 8bb51147..18c7d1d7 100644
--- a/internal/dhcpd/README.md
+++ b/internal/dhcpd/README.md
@@ -1,61 +1,50 @@
- # Testing DHCP Server
+# Testing DHCP Server
Contents:
- * [Test setup with Virtual Box](#vbox)
- * [Quick test with DHCPTest](#dhcptest)
-## Test setup with Virtual Box
+- [Test setup with Virtual Box](#vbox)
+- [Quick test with DHCPTest](#dhcptest)
- ### Prerequisites
+## Test setup with Virtual Box
+
+### Prerequisites
To set up a test environment for DHCP server you will need:
- * Linux AG Home host machine (Virtual).
- * Virtual Box.
- * Virtual machine (guest OS doesn't matter).
+- Linux AG Home host machine (Virtual)
+- Virtual Box
+- Virtual machine (guest OS doesn't matter)
- ### Configure Virtual Box
+### Configure Virtual Box
- 1. Install Virtual Box and run the following command to create a Host-Only
- network:
+1. Install Virtual Box and run the following command to create a Host-Only network:
- ```sh
- $ VBoxManage hostonlyif create
- ```
+ ```sh
+ VBoxManage hostonlyif create
+ ```
- You can check its status by `ip a` command.
+ You can check its status by `ip a` command.
- You can also set up Host-Only network using Virtual Box menu:
+ You can also set up Host-Only network using Virtual Box menu in *File → Host Network Manager.*
- ```
- File -> Host Network Manager...
- ```
+2. Create your virtual machine and set up its network in *VM Settings → Network → Host-only Adapter.*
- 2. Create your virtual machine and set up its network:
+3. Start your VM, install an OS. Configure your network interface to use DHCP and the OS should ask for a IP address from our DHCP server.
- ```
- VM Settings -> Network -> Host-only Adapter
- ```
+4. To see the current IP addresses on client OS you can use `ip a` command on Linux or `ipconfig` on Windows.
- 3. Start your VM, install an OS. Configure your network interface to use
- DHCP and the OS should ask for a IP address from our DHCP server.
+5. To force the client OS to request an IP from DHCP server again, you can use `dhclient` on Linux or `ipconfig /release` on Windows.
- 4. To see the current IP addresses on client OS you can use `ip a` command on
- Linux or `ipconfig` on Windows.
+### Configure server
- 5. To force the client OS to request an IP from DHCP server again, you can
- use `dhclient` on Linux or `ipconfig /release` on Windows.
+1. Edit server configuration file `AdGuardHome.yaml`, for example:
- ### Configure server
-
- 1. Edit server configuration file `AdGuardHome.yaml`, for example:
-
- ```yaml
- dhcp:
- enabled: true
- interface_name: vboxnet0
- local_domain_name: lan
- dhcpv4:
+ ```yaml
+ dhcp:
+ enabled: true
+ interface_name: vboxnet0
+ local_domain_name: lan
+ dhcpv4:
gateway_ip: 192.168.56.1
subnet_mask: 255.255.255.0
range_start: 192.168.56.2
@@ -63,34 +52,33 @@ To set up a test environment for DHCP server you will need:
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
- dhcpv6:
+ dhcpv6:
range_start: 2001::1
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
- ```
+ ```
- 2. Start the server
+2. Start the server:
- ```sh
- ./AdGuardHome -v
- ```
+ ```sh
+ ./AdGuardHome -v
+ ```
- There should be a message in log which shows that DHCP server is ready:
+ There should be a message in log which shows that DHCP server is ready:
- ```
- [info] DHCP: listening on 0.0.0.0:67
- ```
+ ```none
+ [info] dhcpv4: listening
+ ```
-## Quick test with DHCPTest utility
+## Quick test with DHCPTest utility
- ### Prerequisites
+### Prerequisites
- * [DHCP test utility][dhcptest-gh].
+- [DHCP test utility][dhcptest-gh].
- ### Quick test
+### Quick test
-The DHCP server could be tested for DISCOVER-OFFER packets with in
-interactive mode.
+The DHCP server could be tested for DISCOVER-OFFER packets with in interactive mode.
[dhcptest-gh]: https://github.com/CyberShadow/dhcptest
diff --git a/internal/dhcpd/options_unix.go b/internal/dhcpd/options_unix.go
index 6881d942..d7366bb2 100644
--- a/internal/dhcpd/options_unix.go
+++ b/internal/dhcpd/options_unix.go
@@ -84,7 +84,7 @@ func parseDHCPOptionDur(s string) (val dhcpv4.OptionValue, err error) {
return nil, fmt.Errorf("decoding dur: %w", err)
}
- return dhcpv4.Duration(v.Duration), nil
+ return dhcpv4.Duration(v), nil
}
// parseDHCPOptionUint parses a DHCP option as an unsigned integer. bitSize is
diff --git a/internal/dhcpd/options_unix_test.go b/internal/dhcpd/options_unix_test.go
index a4ab7dc8..24abf807 100644
--- a/internal/dhcpd/options_unix_test.go
+++ b/internal/dhcpd/options_unix_test.go
@@ -144,8 +144,8 @@ func TestParseOpt(t *testing.T) {
in: "24 dur 3y",
wantCode: nil,
wantVal: nil,
- wantErrMsg: "invalid option string \"24 dur 3y\": decoding dur: " +
- "unmarshaling duration: time: unknown unit \"y\" in duration \"3y\"",
+ wantErrMsg: `invalid option string "24 dur 3y": decoding dur: time: ` +
+ `unknown unit "y" in duration "3y"`,
}, {
name: "u8_error",
in: "23 u8 256",
diff --git a/internal/dnsforward/beforerequest.go b/internal/dnsforward/beforerequest.go
index 8a1b0272..5d09c2e5 100644
--- a/internal/dnsforward/beforerequest.go
+++ b/internal/dnsforward/beforerequest.go
@@ -81,7 +81,7 @@ func (s *Server) clientIDFromDNSContext(pctx *proxy.DNSContext) (clientID string
cliSrvName, err := clientServerName(pctx, proto)
if err != nil {
- return "", err
+ return "", fmt.Errorf("getting client server-name: %w", err)
}
clientID, err = clientIDFromClientServerName(
diff --git a/internal/dnsforward/clientid.go b/internal/dnsforward/clientid.go
index 6cda328c..352db4f2 100644
--- a/internal/dnsforward/clientid.go
+++ b/internal/dnsforward/clientid.go
@@ -3,6 +3,7 @@ package dnsforward
import (
"crypto/tls"
"fmt"
+ "net/http"
"path"
"strings"
@@ -118,17 +119,13 @@ func clientServerName(pctx *proxy.DNSContext, proto proxy.Proto) (srvName string
switch proto {
case proxy.ProtoHTTPS:
- r := pctx.HTTPRequest
- if connState := r.TLS; connState != nil {
- srvName = connState.ServerName
- } else if r.Host != "" {
- var host string
- host, err = netutil.SplitHost(r.Host)
- if err != nil {
- return "", fmt.Errorf("parsing host: %w", err)
- }
+ var fromHost bool
+ srvName, fromHost, err = clientServerNameFromHTTP(pctx.HTTPRequest)
+ if err != nil {
+ return "", fmt.Errorf("from http: %w", err)
+ }
- srvName = host
+ if fromHost {
from = "host header"
}
case proxy.ProtoQUIC:
@@ -153,3 +150,23 @@ func clientServerName(pctx *proxy.DNSContext, proto proxy.Proto) (srvName string
return srvName, nil
}
+
+// clientServerNameFromHTTP returns the TLS server name or the value of the host
+// header depending on the protocol. fromHost is true if srvName comes from the
+// "Host" HTTP header.
+func clientServerNameFromHTTP(r *http.Request) (srvName string, fromHost bool, err error) {
+ if connState := r.TLS; connState != nil {
+ return connState.ServerName, false, nil
+ }
+
+ if r.Host == "" {
+ return "", false, nil
+ }
+
+ srvName, err = netutil.SplitHost(r.Host)
+ if err != nil {
+ return "", false, fmt.Errorf("parsing host: %w", err)
+ }
+
+ return srvName, true, nil
+}
diff --git a/internal/dnsforward/config.go b/internal/dnsforward/config.go
index c2054217..e91657ed 100644
--- a/internal/dnsforward/config.go
+++ b/internal/dnsforward/config.go
@@ -348,7 +348,7 @@ func (s *Server) newProxyConfig() (conf *proxy.Config, err error) {
conf.EDNSAddr = net.IP(srvConf.EDNSClientSubnet.CustomIP.AsSlice())
}
- err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, srvConf.FastestTimeout.Duration)
+ err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, time.Duration(srvConf.FastestTimeout))
if err != nil {
return nil, fmt.Errorf("upstream mode: %w", err)
}
diff --git a/internal/dnsforward/dnsforward.go b/internal/dnsforward/dnsforward.go
index 27037234..9413e828 100644
--- a/internal/dnsforward/dnsforward.go
+++ b/internal/dnsforward/dnsforward.go
@@ -740,7 +740,7 @@ func (s *Server) prepareInternalProxy() (err error) {
MessageConstructor: s,
}
- err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, srvConf.FastestTimeout.Duration)
+ err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, time.Duration(srvConf.FastestTimeout))
if err != nil {
return fmt.Errorf("invalid upstream mode: %w", err)
}
diff --git a/internal/home/clients.go b/internal/home/clients.go
index 4aff4b25..0f9b5266 100644
--- a/internal/home/clients.go
+++ b/internal/home/clients.go
@@ -400,7 +400,7 @@ func (clients *clientsContainer) UpstreamConfigByID(
upstreams,
&upstream.Options{
Bootstrap: bootstrap,
- Timeout: config.DNS.UpstreamTimeout.Duration,
+ Timeout: time.Duration(config.DNS.UpstreamTimeout),
HTTPVersions: dnsforward.UpstreamHTTPVersions(config.DNS.UseHTTP3Upstreams),
PreferIPv6: config.DNS.BootstrapPreferIPv6,
},
diff --git a/internal/home/clientshttp.go b/internal/home/clientshttp.go
index 8cea8650..2971dfea 100644
--- a/internal/home/clientshttp.go
+++ b/internal/home/clientshttp.go
@@ -424,6 +424,8 @@ func (clients *clientsContainer) handleUpdateClient(w http.ResponseWriter, r *ht
}
// handleFindClient is the handler for GET /control/clients/find HTTP API.
+//
+// Deprecated: Remove it when migration to the new API is over.
func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http.Request) {
q := r.URL.Query()
data := []map[string]*clientJSON{}
@@ -433,19 +435,58 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http
break
}
- ip, _ := netip.ParseAddr(idStr)
- c, ok := clients.storage.Find(idStr)
- var cj *clientJSON
- if !ok {
- cj = clients.findRuntime(ip, idStr)
- } else {
- cj = clientToJSON(c)
- disallowed, rule := clients.clientChecker.IsBlockedClient(ip, idStr)
- cj.Disallowed, cj.DisallowedRule = &disallowed, &rule
- }
-
data = append(data, map[string]*clientJSON{
- idStr: cj,
+ idStr: clients.findClient(idStr),
+ })
+ }
+
+ aghhttp.WriteJSONResponseOK(w, r, data)
+}
+
+// findClient returns available information about a client by idStr from the
+// client's storage or access settings. cj is guaranteed to be non-nil.
+func (clients *clientsContainer) findClient(idStr string) (cj *clientJSON) {
+ ip, _ := netip.ParseAddr(idStr)
+ c, ok := clients.storage.Find(idStr)
+ if !ok {
+ return clients.findRuntime(ip, idStr)
+ }
+
+ cj = clientToJSON(c)
+ disallowed, rule := clients.clientChecker.IsBlockedClient(ip, idStr)
+ cj.Disallowed, cj.DisallowedRule = &disallowed, &rule
+
+ return cj
+}
+
+// searchQueryJSON is a request to the POST /control/clients/search HTTP API.
+//
+// TODO(s.chzhen): Add UIDs.
+type searchQueryJSON struct {
+ Clients []searchClientJSON `json:"clients"`
+}
+
+// searchClientJSON is a part of [searchQueryJSON] that contains a string
+// representation of the client's IP address, CIDR, MAC address, or ClientID.
+type searchClientJSON struct {
+ ID string `json:"id"`
+}
+
+// handleSearchClient is the handler for the POST /control/clients/search HTTP API.
+func (clients *clientsContainer) handleSearchClient(w http.ResponseWriter, r *http.Request) {
+ q := searchQueryJSON{}
+ err := json.NewDecoder(r.Body).Decode(&q)
+ if err != nil {
+ aghhttp.Error(r, w, http.StatusBadRequest, "failed to process request body: %s", err)
+
+ return
+ }
+
+ data := []map[string]*clientJSON{}
+ for _, c := range q.Clients {
+ idStr := c.ID
+ data = append(data, map[string]*clientJSON{
+ idStr: clients.findClient(idStr),
})
}
@@ -493,5 +534,8 @@ func (clients *clientsContainer) registerWebHandlers() {
httpRegister(http.MethodPost, "/control/clients/add", clients.handleAddClient)
httpRegister(http.MethodPost, "/control/clients/delete", clients.handleDelClient)
httpRegister(http.MethodPost, "/control/clients/update", clients.handleUpdateClient)
+ httpRegister(http.MethodPost, "/control/clients/search", clients.handleSearchClient)
+
+ // Deprecated handler.
httpRegister(http.MethodGet, "/control/clients/find", clients.handleFindClient)
}
diff --git a/internal/home/clientshttp_internal_test.go b/internal/home/clientshttp_internal_test.go
index a10ca8d1..c1c495f2 100644
--- a/internal/home/clientshttp_internal_test.go
+++ b/internal/home/clientshttp_internal_test.go
@@ -16,6 +16,7 @@ import (
"github.com/AdguardTeam/AdGuardHome/internal/client"
"github.com/AdguardTeam/AdGuardHome/internal/filtering"
"github.com/AdguardTeam/AdGuardHome/internal/schedule"
+ "github.com/AdguardTeam/AdGuardHome/internal/whois"
"github.com/AdguardTeam/golibs/testutil"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
@@ -408,3 +409,145 @@ func TestClientsContainer_HandleFindClient(t *testing.T) {
})
}
}
+
+func TestClientsContainer_HandleSearchClient(t *testing.T) {
+ var (
+ runtimeCli = "runtime_client1"
+
+ runtimeCliIP = "3.3.3.3"
+ blockedCliIP = "4.4.4.4"
+ nonExistentCliIP = "5.5.5.5"
+
+ allowed = false
+ dissallowed = true
+
+ emptyRule = ""
+ disallowedRule = "disallowed_rule"
+ )
+
+ clients := newClientsContainer(t)
+ clients.clientChecker = &testBlockedClientChecker{
+ onIsBlockedClient: func(ip netip.Addr, _ string) (ok bool, rule string) {
+ if ip == netip.MustParseAddr(blockedCliIP) {
+ return true, disallowedRule
+ }
+
+ return false, emptyRule
+ },
+ }
+
+ ctx := testutil.ContextWithTimeout(t, testTimeout)
+
+ clientOne := newPersistentClientWithIDs(t, "client1", []string{testClientIP1})
+ err := clients.storage.Add(ctx, clientOne)
+ require.NoError(t, err)
+
+ clientTwo := newPersistentClientWithIDs(t, "client2", []string{testClientIP2})
+ err = clients.storage.Add(ctx, clientTwo)
+ require.NoError(t, err)
+
+ assertPersistentClients(t, clients, []*client.Persistent{clientOne, clientTwo})
+
+ clients.UpdateAddress(ctx, netip.MustParseAddr(runtimeCliIP), runtimeCli, nil)
+
+ testCases := []struct {
+ name string
+ query *searchQueryJSON
+ wantPersistent []*client.Persistent
+ wantRuntime *clientJSON
+ }{{
+ name: "single",
+ query: &searchQueryJSON{
+ Clients: []searchClientJSON{{
+ ID: testClientIP1,
+ }},
+ },
+ wantPersistent: []*client.Persistent{clientOne},
+ }, {
+ name: "multiple",
+ query: &searchQueryJSON{
+ Clients: []searchClientJSON{{
+ ID: testClientIP1,
+ }, {
+ ID: testClientIP2,
+ }},
+ },
+ wantPersistent: []*client.Persistent{clientOne, clientTwo},
+ }, {
+ name: "runtime",
+ query: &searchQueryJSON{
+ Clients: []searchClientJSON{{
+ ID: runtimeCliIP,
+ }},
+ },
+ wantRuntime: &clientJSON{
+ Name: runtimeCli,
+ IDs: []string{runtimeCliIP},
+ Disallowed: &allowed,
+ DisallowedRule: &emptyRule,
+ WHOIS: &whois.Info{},
+ },
+ }, {
+ name: "blocked_access",
+ query: &searchQueryJSON{
+ Clients: []searchClientJSON{{
+ ID: blockedCliIP,
+ }},
+ },
+ wantRuntime: &clientJSON{
+ IDs: []string{blockedCliIP},
+ Disallowed: &dissallowed,
+ DisallowedRule: &disallowedRule,
+ WHOIS: &whois.Info{},
+ },
+ }, {
+ name: "non_existing_client",
+ query: &searchQueryJSON{
+ Clients: []searchClientJSON{{
+ ID: nonExistentCliIP,
+ }},
+ },
+ wantRuntime: &clientJSON{
+ IDs: []string{nonExistentCliIP},
+ Disallowed: &allowed,
+ DisallowedRule: &emptyRule,
+ WHOIS: &whois.Info{},
+ },
+ }}
+
+ for _, tc := range testCases {
+ t.Run(tc.name, func(t *testing.T) {
+ var body []byte
+ body, err = json.Marshal(tc.query)
+ require.NoError(t, err)
+
+ var r *http.Request
+ r, err = http.NewRequest(http.MethodPost, "", bytes.NewReader(body))
+ require.NoError(t, err)
+
+ rw := httptest.NewRecorder()
+ clients.handleSearchClient(rw, r)
+ require.NoError(t, err)
+ require.Equal(t, http.StatusOK, rw.Code)
+
+ body, err = io.ReadAll(rw.Body)
+ require.NoError(t, err)
+
+ clientData := []map[string]*clientJSON{}
+ err = json.Unmarshal(body, &clientData)
+ require.NoError(t, err)
+
+ if tc.wantPersistent != nil {
+ assertPersistentClientsData(t, clients, clientData, tc.wantPersistent)
+
+ return
+ }
+
+ require.Len(t, clientData, 1)
+ require.Len(t, clientData[0], 1)
+
+ rc := clientData[0][tc.wantRuntime.IDs[0]]
+ assert.Equal(t, tc.wantRuntime, rc)
+ })
+ }
+}
diff --git a/internal/home/config.go b/internal/home/config.go
index 3c5c16f9..315a3345 100644
--- a/internal/home/config.go
+++ b/internal/home/config.go
@@ -339,7 +339,7 @@ var config = &configuration{
AuthBlockMin: 15,
HTTPConfig: httpConfig{
Address: netip.AddrPortFrom(netip.IPv4Unspecified(), 3000),
- SessionTTL: timeutil.Duration{Duration: 30 * timeutil.Day},
+ SessionTTL: timeutil.Duration(30 * timeutil.Day),
Pprof: &httpPprofConfig{
Enabled: false,
Port: 6060,
@@ -355,9 +355,7 @@ var config = &configuration{
RefuseAny: true,
UpstreamMode: dnsforward.UpstreamModeLoadBalance,
HandleDDR: true,
- FastestTimeout: timeutil.Duration{
- Duration: fastip.DefaultPingWaitTimeout,
- },
+ FastestTimeout: timeutil.Duration(fastip.DefaultPingWaitTimeout),
TrustedProxies: []netutil.Prefix{{
Prefix: netip.MustParsePrefix("127.0.0.0/8"),
@@ -378,7 +376,7 @@ var config = &configuration{
// was later increased to 300 due to https://github.com/AdguardTeam/AdGuardHome/issues/2257
MaxGoroutines: 300,
},
- UpstreamTimeout: timeutil.Duration{Duration: dnsforward.DefaultTimeout},
+ UpstreamTimeout: timeutil.Duration(dnsforward.DefaultTimeout),
UsePrivateRDNS: true,
ServePlainDNS: true,
HostsFileEnabled: true,
@@ -391,13 +389,13 @@ var config = &configuration{
QueryLog: queryLogConfig{
Enabled: true,
FileEnabled: true,
- Interval: timeutil.Duration{Duration: 90 * timeutil.Day},
+ Interval: timeutil.Duration(90 * timeutil.Day),
MemSize: 1000,
Ignored: []string{},
},
Stats: statsConfig{
Enabled: true,
- Interval: timeutil.Duration{Duration: 1 * timeutil.Day},
+ Interval: timeutil.Duration(1 * timeutil.Day),
Ignored: []string{},
},
// NOTE: Keep these parameters in sync with the one put into
@@ -565,8 +563,8 @@ func parseConfig() (err error) {
return err
}
- if config.DNS.UpstreamTimeout.Duration == 0 {
- config.DNS.UpstreamTimeout = timeutil.Duration{Duration: dnsforward.DefaultTimeout}
+ if config.DNS.UpstreamTimeout == 0 {
+ config.DNS.UpstreamTimeout = timeutil.Duration(dnsforward.DefaultTimeout)
}
// Do not wrap the error because it's informative enough as is.
@@ -659,7 +657,7 @@ func (c *configuration) write() (err error) {
if Context.stats != nil {
statsConf := stats.Config{}
Context.stats.WriteDiskConfig(&statsConf)
- config.Stats.Interval = timeutil.Duration{Duration: statsConf.Limit}
+ config.Stats.Interval = timeutil.Duration(statsConf.Limit)
config.Stats.Enabled = statsConf.Enabled
config.Stats.Ignored = statsConf.Ignored.Values()
}
@@ -670,7 +668,7 @@ func (c *configuration) write() (err error) {
config.DNS.AnonymizeClientIP = dc.AnonymizeClientIP
config.QueryLog.Enabled = dc.Enabled
config.QueryLog.FileEnabled = dc.FileEnabled
- config.QueryLog.Interval = timeutil.Duration{Duration: dc.RotationIvl}
+ config.QueryLog.Interval = timeutil.Duration(dc.RotationIvl)
config.QueryLog.MemSize = dc.MemSize
config.QueryLog.Ignored = dc.Ignored.Values()
}
diff --git a/internal/home/controlinstall.go b/internal/home/controlinstall.go
index 3051f0f6..9d7a96a0 100644
--- a/internal/home/controlinstall.go
+++ b/internal/home/controlinstall.go
@@ -5,6 +5,7 @@ import (
"encoding/json"
"fmt"
"io"
+ "log/slog"
"net/http"
"net/netip"
"os"
@@ -19,7 +20,7 @@ import (
"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
"github.com/AdguardTeam/AdGuardHome/internal/version"
"github.com/AdguardTeam/golibs/errors"
- "github.com/AdguardTeam/golibs/log"
+ "github.com/AdguardTeam/golibs/logutil/slogutil"
"github.com/quic-go/quic-go/http3"
)
@@ -124,6 +125,8 @@ func (req *checkConfReq) validateWeb(tcpPorts aghalg.UniqChecker[tcpPort]) (err
// be set. canAutofix is true if the port can be unbound by AdGuard Home
// automatically.
func (req *checkConfReq) validateDNS(
+ ctx context.Context,
+ l *slog.Logger,
tcpPorts aghalg.UniqChecker[tcpPort],
) (canAutofix bool, err error) {
defer func() { err = errors.Annotate(err, "validating ports: %w") }()
@@ -154,10 +157,10 @@ func (req *checkConfReq) validateDNS(
}
// Try to fix automatically.
- canAutofix = checkDNSStubListener()
+ canAutofix = checkDNSStubListener(ctx, l)
if canAutofix && req.DNS.Autofix {
- if derr := disableDNSStubListener(); derr != nil {
- log.Error("disabling DNSStubListener: %s", err)
+ if derr := disableDNSStubListener(ctx, l); derr != nil {
+ l.ErrorContext(ctx, "disabling DNSStubListener", slogutil.KeyError, err)
}
err = aghnet.CheckPort("udp", netip.AddrPortFrom(req.DNS.IP, port))
@@ -184,7 +187,7 @@ func (web *webAPI) handleInstallCheckConfig(w http.ResponseWriter, r *http.Reque
resp.Web.Status = err.Error()
}
- if resp.DNS.CanAutofix, err = req.validateDNS(tcpPorts); err != nil {
+ if resp.DNS.CanAutofix, err = req.validateDNS(r.Context(), web.logger, tcpPorts); err != nil {
resp.DNS.Status = err.Error()
} else if !req.DNS.IP.IsUnspecified() {
resp.StaticIP = handleStaticIP(req.DNS.IP, req.SetStaticIP)
@@ -233,27 +236,39 @@ func handleStaticIP(ip netip.Addr, set bool) staticIPJSON {
return resp
}
-// Check if DNSStubListener is active
-func checkDNSStubListener() bool {
+// checkDNSStubListener returns true if DNSStubListener is active.
+func checkDNSStubListener(ctx context.Context, l *slog.Logger) (ok bool) {
if runtime.GOOS != "linux" {
return false
}
cmd := exec.Command("systemctl", "is-enabled", "systemd-resolved")
- log.Tracef("executing %s %v", cmd.Path, cmd.Args)
+ l.DebugContext(ctx, "executing", "cmd", cmd.Path, "args", cmd.Args)
_, err := cmd.Output()
if err != nil || cmd.ProcessState.ExitCode() != 0 {
- log.Info("command %s has failed: %v code:%d",
- cmd.Path, err, cmd.ProcessState.ExitCode())
+ l.InfoContext(
+ ctx,
+ "execution failed",
+ "cmd", cmd.Path,
+ "code", cmd.ProcessState.ExitCode(),
+ slogutil.KeyError, err,
+ )
+
return false
}
cmd = exec.Command("grep", "-E", "#?DNSStubListener=yes", "/etc/systemd/resolved.conf")
- log.Tracef("executing %s %v", cmd.Path, cmd.Args)
+ l.DebugContext(ctx, "executing", "cmd", cmd.Path, "args", cmd.Args)
_, err = cmd.Output()
if err != nil || cmd.ProcessState.ExitCode() != 0 {
- log.Info("command %s has failed: %v code:%d",
- cmd.Path, err, cmd.ProcessState.ExitCode())
+ l.InfoContext(
+ ctx,
+ "execution failed",
+ "cmd", cmd.Path,
+ "code", cmd.ProcessState.ExitCode(),
+ slogutil.KeyError, err,
+ )
+
return false
}
@@ -269,8 +284,9 @@ DNSStubListener=no
)
const resolvConfPath = "/etc/resolv.conf"
-// Deactivate DNSStubListener
-func disableDNSStubListener() (err error) {
+// disableDNSStubListener deactivates DNSStubListerner and returns an error, if
+// any.
+func disableDNSStubListener(ctx context.Context, l *slog.Logger) (err error) {
dir := filepath.Dir(resolvedConfPath)
err = os.MkdirAll(dir, 0o755)
if err != nil {
@@ -290,7 +306,7 @@ func disableDNSStubListener() (err error) {
}
cmd := exec.Command("systemctl", "reload-or-restart", "systemd-resolved")
- log.Tracef("executing %s %v", cmd.Path, cmd.Args)
+ l.DebugContext(ctx, "executing", "cmd", cmd.Path, "args", cmd.Args)
_, err = cmd.Output()
if err != nil {
return err
@@ -327,9 +343,9 @@ func copyInstallSettings(dst, src *configuration) {
// shutdownTimeout is the timeout for shutting HTTP server down operation.
const shutdownTimeout = 5 * time.Second
-// shutdownSrv shuts srv down and prints error messages to the log.
-func shutdownSrv(ctx context.Context, srv *http.Server) {
- defer log.OnPanic("")
+// shutdownSrv shuts down srv and logs the error, if any. l must not be nil.
+func shutdownSrv(ctx context.Context, l *slog.Logger, srv *http.Server) {
+ defer slogutil.RecoverAndLog(ctx, l)
if srv == nil {
return
@@ -340,19 +356,19 @@ func shutdownSrv(ctx context.Context, srv *http.Server) {
return
}
- const msgFmt = "shutting down http server %q: %s"
- if errors.Is(err, context.Canceled) {
- log.Debug(msgFmt, srv.Addr, err)
- } else {
- log.Error(msgFmt, srv.Addr, err)
+ lvl := slog.LevelDebug
+ if !errors.Is(err, context.Canceled) {
+ lvl = slog.LevelError
}
+
+ l.Log(ctx, lvl, "shutting down http server", "addr", srv.Addr, slogutil.KeyError, err)
}
-// shutdownSrv3 shuts srv down and prints error messages to the log.
+// shutdownSrv3 shuts down srv and logs the error, if any. l must not be nil.
//
// TODO(a.garipov): Think of a good way to merge with [shutdownSrv].
-func shutdownSrv3(srv *http3.Server) {
- defer log.OnPanic("")
+func shutdownSrv3(ctx context.Context, l *slog.Logger, srv *http3.Server) {
+ defer slogutil.RecoverAndLog(ctx, l)
if srv == nil {
return
@@ -363,12 +379,12 @@ func shutdownSrv3(srv *http3.Server) {
return
}
- const msgFmt = "shutting down http/3 server %q: %s"
- if errors.Is(err, context.Canceled) {
- log.Debug(msgFmt, srv.Addr, err)
- } else {
- log.Error(msgFmt, srv.Addr, err)
+ lvl := slog.LevelDebug
+ if !errors.Is(err, context.Canceled) {
+ lvl = slog.LevelError
}
+
+ l.Log(ctx, lvl, "shutting down http/3 server", "addr", srv.Addr, slogutil.KeyError, err)
}
// PasswordMinRunes is the minimum length of user's password in runes.
@@ -436,7 +452,7 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request
// moment we'll allow setting up TLS in the initial configuration or the
// configuration itself will use HTTPS protocol, because the underlying
// functions potentially restart the HTTPS server.
- err = startMods(web.logger)
+ err = startMods(web.baseLogger)
if err != nil {
Context.firstRun = true
copyInstallSettings(config, curConfig)
@@ -472,12 +488,11 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request
// and with its own context, because it waits until all requests are handled
// and will be blocked by it's own caller.
go func(timeout time.Duration) {
- defer log.OnPanic("web")
-
ctx, cancel := context.WithTimeout(context.Background(), timeout)
+ defer slogutil.RecoverAndLog(ctx, web.logger)
defer cancel()
- shutdownSrv(ctx, web.httpServer)
+ shutdownSrv(ctx, web.logger, web.httpServer)
}(shutdownTimeout)
}
diff --git a/internal/home/controlupdate.go b/internal/home/controlupdate.go
index aeab8810..bdecc4e9 100644
--- a/internal/home/controlupdate.go
+++ b/internal/home/controlupdate.go
@@ -4,6 +4,7 @@ import (
"context"
"encoding/json"
"fmt"
+ "log/slog"
"net/http"
"os"
"os/exec"
@@ -16,7 +17,8 @@ import (
"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
"github.com/AdguardTeam/AdGuardHome/internal/updater"
"github.com/AdguardTeam/golibs/errors"
- "github.com/AdguardTeam/golibs/log"
+ "github.com/AdguardTeam/golibs/logutil/slogutil"
+ "github.com/AdguardTeam/golibs/osutil"
)
// temporaryError is the interface for temporary errors from the Go standard
@@ -52,7 +54,7 @@ func (web *webAPI) handleVersionJSON(w http.ResponseWriter, r *http.Request) {
}
}
- err = web.requestVersionInfo(resp, req.Recheck)
+ err = web.requestVersionInfo(r.Context(), resp, req.Recheck)
if err != nil {
// Don't wrap the error, because it's informative enough as is.
aghhttp.Error(r, w, http.StatusBadGateway, "%s", err)
@@ -73,7 +75,11 @@ func (web *webAPI) handleVersionJSON(w http.ResponseWriter, r *http.Request) {
// requestVersionInfo sets the VersionInfo field of resp if it can reach the
// update server.
-func (web *webAPI) requestVersionInfo(resp *versionResponse, recheck bool) (err error) {
+func (web *webAPI) requestVersionInfo(
+ ctx context.Context,
+ resp *versionResponse,
+ recheck bool,
+) (err error) {
updater := web.conf.updater
for range 3 {
resp.VersionInfo, err = updater.VersionInfo(recheck)
@@ -89,7 +95,9 @@ func (web *webAPI) requestVersionInfo(resp *versionResponse, recheck bool) (err
// See https://github.com/AdguardTeam/AdGuardHome/issues/934.
const sleepTime = 2 * time.Second
- log.Info("update: temp net error: %v; sleeping for %s and retrying", err, sleepTime)
+ err = fmt.Errorf("temp net error: %w; sleeping for %s and retrying", err, sleepTime)
+ web.logger.InfoContext(ctx, "updating version info", slogutil.KeyError, err)
+
time.Sleep(sleepTime)
continue
@@ -140,7 +148,7 @@ func (web *webAPI) handleUpdate(w http.ResponseWriter, r *http.Request) {
// The background context is used because the underlying functions wrap it
// with timeout and shut down the server, which handles current request. It
// also should be done in a separate goroutine for the same reason.
- go finishUpdate(context.Background(), execPath, web.conf.runningAsService)
+ go finishUpdate(context.Background(), web.logger, execPath, web.conf.runningAsService)
}
// versionResponse is the response for /control/version.json endpoint.
@@ -180,15 +188,17 @@ func tlsConfUsesPrivilegedPorts(c *tlsConfigSettings) (ok bool) {
return c.Enabled && (c.PortHTTPS < 1024 || c.PortDNSOverTLS < 1024 || c.PortDNSOverQUIC < 1024)
}
-// finishUpdate completes an update procedure.
-func finishUpdate(ctx context.Context, execPath string, runningAsService bool) {
- var err error
+// finishUpdate completes an update procedure. It is intended to be used as a
+// goroutine.
+func finishUpdate(ctx context.Context, l *slog.Logger, execPath string, runningAsService bool) {
+ defer slogutil.RecoverAndExit(ctx, l, osutil.ExitCodeFailure)
- log.Info("stopping all tasks")
+ l.InfoContext(ctx, "stopping all tasks")
cleanup(ctx)
cleanupAlways()
+ var err error
if runtime.GOOS == "windows" {
if runningAsService {
// NOTE: We can't restart the service via "kardianos/service"
@@ -199,28 +209,28 @@ func finishUpdate(ctx context.Context, execPath string, runningAsService bool) {
cmd := exec.Command("cmd", "/c", "net stop AdGuardHome & net start AdGuardHome")
err = cmd.Start()
if err != nil {
- log.Fatalf("restarting: stopping: %s", err)
+ panic(fmt.Errorf("restarting service: %w", err))
}
- os.Exit(0)
+ os.Exit(osutil.ExitCodeSuccess)
}
cmd := exec.Command(execPath, os.Args[1:]...)
- log.Info("restarting: %q %q", execPath, os.Args[1:])
+ l.InfoContext(ctx, "restarting", "exec_path", execPath, "args", os.Args[1:])
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
err = cmd.Start()
if err != nil {
- log.Fatalf("restarting:: %s", err)
+ panic(fmt.Errorf("restarting: %w", err))
}
- os.Exit(0)
+ os.Exit(osutil.ExitCodeSuccess)
}
- log.Info("restarting: %q %q", execPath, os.Args[1:])
+ l.InfoContext(ctx, "restarting", "exec_path", execPath, "args", os.Args[1:])
err = syscall.Exec(execPath, os.Args, os.Environ())
if err != nil {
- log.Fatalf("restarting: %s", err)
+ panic(fmt.Errorf("restarting: %w", err))
}
}
diff --git a/internal/home/dns.go b/internal/home/dns.go
index 5b07e795..af174b45 100644
--- a/internal/home/dns.go
+++ b/internal/home/dns.go
@@ -47,14 +47,14 @@ func onConfigModified() {
// initDNS updates all the fields of the [Context] needed to initialize the DNS
// server and initializes it at last. It also must not be called unless
-// [config] and [Context] are initialized. l must not be nil.
+// [config] and [Context] are initialized. baseLogger must not be nil.
func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) {
anonymizer := config.anonymizer()
statsConf := stats.Config{
Logger: baseLogger.With(slogutil.KeyPrefix, "stats"),
Filename: filepath.Join(statsDir, "stats.db"),
- Limit: config.Stats.Interval.Duration,
+ Limit: time.Duration(config.Stats.Interval),
ConfigModified: onConfigModified,
HTTPRegister: httpRegister,
Enabled: config.Stats.Enabled,
@@ -80,7 +80,7 @@ func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error)
FindClient: Context.clients.findMultiple,
BaseDir: querylogDir,
AnonymizeClientIP: config.DNS.AnonymizeClientIP,
- RotationIvl: config.QueryLog.Interval.Duration,
+ RotationIvl: time.Duration(config.QueryLog.Interval),
MemSize: config.QueryLog.MemSize,
Enabled: config.QueryLog.Enabled,
FileEnabled: config.QueryLog.FileEnabled,
@@ -243,7 +243,7 @@ func newServerConfig(
Config: fwdConf,
TLSConfig: newDNSTLSConfig(tlsConf, hosts),
TLSAllowUnencryptedDoH: tlsConf.AllowUnencryptedDoH,
- UpstreamTimeout: dnsConf.UpstreamTimeout.Duration,
+ UpstreamTimeout: time.Duration(dnsConf.UpstreamTimeout),
TLSv12Roots: Context.tlsRoots,
ConfigModified: onConfigModified,
HTTPRegister: httpReg,
diff --git a/internal/home/home.go b/internal/home/home.go
index 8ac6ae22..07f91ac4 100644
--- a/internal/home/home.go
+++ b/internal/home/home.go
@@ -167,13 +167,13 @@ func setupContext(opts options) (err error) {
if err != nil {
log.Error("parsing configuration file: %s", err)
- os.Exit(1)
+ os.Exit(osutil.ExitCodeFailure)
}
if opts.checkConfig {
log.Info("configuration file is ok")
- os.Exit(0)
+ os.Exit(osutil.ExitCodeSuccess)
}
return nil
@@ -522,18 +522,20 @@ func isUpdateEnabled(ctx context.Context, l *slog.Logger, opts *options, customU
}
}
-// initWeb initializes the web module.
+// initWeb initializes the web module. upd and baseLogger must not be nil.
func initWeb(
ctx context.Context,
opts options,
clientBuildFS fs.FS,
upd *updater.Updater,
- l *slog.Logger,
+ baseLogger *slog.Logger,
customURL bool,
) (web *webAPI, err error) {
+ logger := baseLogger.With(slogutil.KeyPrefix, "webapi")
+
var clientFS fs.FS
if opts.localFrontend {
- log.Info("warning: using local frontend files")
+ logger.WarnContext(ctx, "using local frontend files")
clientFS = os.DirFS("build/static")
} else {
@@ -543,10 +545,12 @@ func initWeb(
}
}
- disableUpdate := !isUpdateEnabled(ctx, l, &opts, customURL)
+ disableUpdate := !isUpdateEnabled(ctx, baseLogger, &opts, customURL)
webConf := &webConfig{
- updater: upd,
+ updater: upd,
+ logger: logger,
+ baseLogger: baseLogger,
clientFS: clientFS,
@@ -562,7 +566,7 @@ func initWeb(
serveHTTP3: config.DNS.ServeHTTP3,
}
- web = newWebAPI(webConf, l)
+ web = newWebAPI(ctx, webConf)
if web == nil {
return nil, errors.Error("can not initialize web")
}
@@ -640,7 +644,7 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) {
fatalOnError(err)
if config.HTTPConfig.Pprof.Enabled {
- startPprof(config.HTTPConfig.Pprof.Port)
+ startPprof(slogLogger, config.HTTPConfig.Pprof.Port)
}
}
@@ -692,7 +696,7 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) {
checkPermissions(ctx, slogLogger, Context.workDir, confPath, dataDir, statsDir, querylogDir)
}
- Context.web.start()
+ Context.web.start(ctx)
// Wait for other goroutines to complete their job.
<-done
@@ -783,7 +787,7 @@ func initUsers() (auth *Auth, err error) {
trustedProxies := netutil.SliceSubnetSet(netutil.UnembedPrefixes(config.DNS.TrustedProxies))
- sessionTTL := config.HTTPConfig.SessionTTL.Seconds()
+ sessionTTL := time.Duration(config.HTTPConfig.SessionTTL).Seconds()
auth = InitAuth(sessFilename, config.Users, uint32(sessionTTL), rateLimiter, trustedProxies)
if auth == nil {
return nil, errors.Error("initializing auth module failed")
@@ -803,15 +807,15 @@ func (c *configuration) anonymizer() (ipmut *aghnet.IPMut) {
return aghnet.NewIPMut(anonFunc)
}
-// startMods initializes and starts the DNS server after installation. l must
-// not be nil.
-func startMods(l *slog.Logger) (err error) {
+// startMods initializes and starts the DNS server after installation.
+// baseLogger must not be nil.
+func startMods(baseLogger *slog.Logger) (err error) {
statsDir, querylogDir, err := checkStatsAndQuerylogDirs(&Context, config)
if err != nil {
return err
}
- err = initDNS(l, statsDir, querylogDir)
+ err = initDNS(baseLogger, statsDir, querylogDir)
if err != nil {
return err
}
@@ -984,7 +988,7 @@ func loadCmdLineOpts() (opts options) {
exitWithError()
}
- os.Exit(0)
+ os.Exit(osutil.ExitCodeSuccess)
}
return opts
diff --git a/internal/home/options.go b/internal/home/options.go
index dd7e53e4..e0750e3e 100644
--- a/internal/home/options.go
+++ b/internal/home/options.go
@@ -10,6 +10,7 @@ import (
"github.com/AdguardTeam/AdGuardHome/internal/configmigrate"
"github.com/AdguardTeam/AdGuardHome/internal/version"
"github.com/AdguardTeam/golibs/log"
+ "github.com/AdguardTeam/golibs/osutil"
"github.com/AdguardTeam/golibs/stringutil"
)
@@ -329,7 +330,7 @@ var cmdLineOpts = []cmdLineOpt{{
fmt.Println(version.Full())
}
- os.Exit(0)
+ os.Exit(osutil.ExitCodeSuccess)
return nil
}, nil
diff --git a/internal/home/web.go b/internal/home/web.go
index 1909720b..0ea0272b 100644
--- a/internal/home/web.go
+++ b/internal/home/web.go
@@ -3,6 +3,7 @@ package home
import (
"context"
"crypto/tls"
+ "fmt"
"io/fs"
"log/slog"
"net/http"
@@ -15,9 +16,11 @@ import (
"github.com/AdguardTeam/AdGuardHome/internal/updater"
"github.com/AdguardTeam/golibs/errors"
"github.com/AdguardTeam/golibs/log"
+ "github.com/AdguardTeam/golibs/logutil/slogutil"
"github.com/AdguardTeam/golibs/netutil"
"github.com/AdguardTeam/golibs/netutil/httputil"
"github.com/AdguardTeam/golibs/netutil/urlutil"
+ "github.com/AdguardTeam/golibs/osutil"
"github.com/NYTimes/gziphandler"
"github.com/quic-go/quic-go/http3"
"golang.org/x/net/http2"
@@ -39,6 +42,13 @@ const (
type webConfig struct {
updater *updater.Updater
+ // logger is a slog logger used in webAPI. It must not be nil.
+ logger *slog.Logger
+
+ // baseLogger is used to create loggers for other entities. It must not be
+ // nil.
+ baseLogger *slog.Logger
+
clientFS fs.FS
// BindAddr is the binding address with port for plain HTTP web interface.
@@ -94,21 +104,26 @@ type webAPI struct {
// logger is a slog logger used in webAPI. It must not be nil.
logger *slog.Logger
+ // baseLogger is used to create loggers for other entities. It must not be
+ // nil.
+ baseLogger *slog.Logger
+
// httpsServer is the server that handles HTTPS traffic. If it is not nil,
// [Web.http3Server] must also not be nil.
httpsServer httpsServer
}
-// newWebAPI creates a new instance of the web UI and API server. l must not be
-// nil.
+// newWebAPI creates a new instance of the web UI and API server. conf must be
+// valid.
//
// TODO(a.garipov): Return a proper error.
-func newWebAPI(conf *webConfig, l *slog.Logger) (w *webAPI) {
- log.Info("web: initializing")
+func newWebAPI(ctx context.Context, conf *webConfig) (w *webAPI) {
+ conf.logger.InfoContext(ctx, "initializing")
w = &webAPI{
- conf: conf,
- logger: l,
+ conf: conf,
+ logger: conf.logger,
+ baseLogger: conf.baseLogger,
}
clientFS := http.FileServer(http.FS(conf.clientFS))
@@ -118,7 +133,11 @@ func newWebAPI(conf *webConfig, l *slog.Logger) (w *webAPI) {
// add handlers for /install paths, we only need them when we're not configured yet
if conf.firstRun {
- log.Info("This is the first launch of AdGuard Home, redirecting everything to /install.html ")
+ conf.logger.InfoContext(
+ ctx,
+ "This is the first launch of AdGuard Home, redirecting everything to /install.html",
+ )
+
Context.mux.Handle("/install.html", preInstallHandler(clientFS))
w.registerInstallHandlers()
} else {
@@ -154,7 +173,9 @@ func webCheckPortAvailable(port uint16) (ok bool) {
// tlsConfigChanged updates the TLS configuration and restarts the HTTPS server
// if necessary.
func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettings) {
- log.Debug("web: applying new tls configuration")
+ defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
+
+ web.logger.DebugContext(ctx, "applying new tls configuration")
enabled := tlsConf.Enabled &&
tlsConf.PortHTTPS != 0 &&
@@ -165,7 +186,7 @@ func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettin
if enabled {
cert, err = tls.X509KeyPair(tlsConf.CertificateChainData, tlsConf.PrivateKeyData)
if err != nil {
- log.Fatal(err)
+ panic(err)
}
}
@@ -173,8 +194,8 @@ func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettin
if web.httpsServer.server != nil {
var cancel context.CancelFunc
ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)
- shutdownSrv(ctx, web.httpsServer.server)
- shutdownSrv3(web.httpsServer.server3)
+ shutdownSrv(ctx, web.logger, web.httpsServer.server)
+ shutdownSrv3(ctx, web.logger, web.httpsServer.server3)
cancel()
}
@@ -185,12 +206,17 @@ func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettin
web.httpsServer.cond.L.Unlock()
}
+// loggerKeyServer is the key used by [webAPI] to identify servers.
+const loggerKeyServer = "server"
+
// start - start serving HTTP requests
-func (web *webAPI) start() {
- log.Println("AdGuard Home is available at the following addresses:")
+func (web *webAPI) start(ctx context.Context) {
+ defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
+
+ web.logger.InfoContext(ctx, "AdGuard Home is available at the following addresses:")
// for https, we have a separate goroutine loop
- go web.tlsServerLoop()
+ go web.tlsServerLoop(ctx)
// this loop is used as an ability to change listening host and/or port
for !web.httpsServer.inShutdown {
@@ -200,17 +226,19 @@ func (web *webAPI) start() {
// Use an h2c handler to support unencrypted HTTP/2, e.g. for proxies.
hdlr := h2c.NewHandler(withMiddlewares(Context.mux, limitRequestBody), &http2.Server{})
+ logger := web.baseLogger.With(loggerKeyServer, "plain")
+
// Create a new instance, because the Web is not usable after Shutdown.
web.httpServer = &http.Server{
- ErrorLog: log.StdLog("web: plain", log.DEBUG),
Addr: web.conf.BindAddr.String(),
Handler: hdlr,
ReadTimeout: web.conf.ReadTimeout,
ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
WriteTimeout: web.conf.WriteTimeout,
+ ErrorLog: slog.NewLogLogger(logger.Handler(), slog.LevelError),
}
go func() {
- defer log.OnPanic("web: plain")
+ defer slogutil.RecoverAndLog(ctx, web.logger)
errs <- web.httpServer.ListenAndServe()
}()
@@ -218,7 +246,7 @@ func (web *webAPI) start() {
err := <-errs
if !errors.Is(err, http.ErrServerClosed) {
cleanupAlways()
- log.Fatal(err)
+ panic(err)
}
// We use ErrServerClosed as a sign that we need to rebind on a new
@@ -228,7 +256,7 @@ func (web *webAPI) start() {
// close gracefully shuts down the HTTP servers.
func (web *webAPI) close(ctx context.Context) {
- log.Info("stopping http server...")
+ web.logger.InfoContext(ctx, "stopping http server")
web.httpsServer.cond.L.Lock()
web.httpsServer.inShutdown = true
@@ -238,14 +266,16 @@ func (web *webAPI) close(ctx context.Context) {
ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)
defer cancel()
- shutdownSrv(ctx, web.httpsServer.server)
- shutdownSrv3(web.httpsServer.server3)
- shutdownSrv(ctx, web.httpServer)
+ shutdownSrv(ctx, web.logger, web.httpsServer.server)
+ shutdownSrv3(ctx, web.logger, web.httpsServer.server3)
+ shutdownSrv(ctx, web.logger, web.httpServer)
- log.Info("stopped http server")
+ web.logger.InfoContext(ctx, "stopped http server")
}
-func (web *webAPI) tlsServerLoop() {
+func (web *webAPI) tlsServerLoop(ctx context.Context) {
+ defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
+
for {
web.httpsServer.cond.L.Lock()
if web.httpsServer.inShutdown {
@@ -273,38 +303,40 @@ func (web *webAPI) tlsServerLoop() {
}()
addr := netip.AddrPortFrom(web.conf.BindAddr.Addr(), portHTTPS).String()
+ logger := web.baseLogger.With(loggerKeyServer, "https")
+
web.httpsServer.server = &http.Server{
- ErrorLog: log.StdLog("web: https", log.DEBUG),
- Addr: addr,
+ Addr: addr,
+ Handler: withMiddlewares(Context.mux, limitRequestBody),
TLSConfig: &tls.Config{
Certificates: []tls.Certificate{web.httpsServer.cert},
RootCAs: Context.tlsRoots,
CipherSuites: Context.tlsCipherIDs,
MinVersion: tls.VersionTLS12,
},
- Handler: withMiddlewares(Context.mux, limitRequestBody),
ReadTimeout: web.conf.ReadTimeout,
ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
WriteTimeout: web.conf.WriteTimeout,
+ ErrorLog: slog.NewLogLogger(logger.Handler(), slog.LevelError),
}
printHTTPAddresses(urlutil.SchemeHTTPS)
if web.conf.serveHTTP3 {
- go web.mustStartHTTP3(addr)
+ go web.mustStartHTTP3(ctx, addr)
}
- log.Debug("web: starting https server")
+ web.logger.DebugContext(ctx, "starting https server")
err := web.httpsServer.server.ListenAndServeTLS("", "")
if !errors.Is(err, http.ErrServerClosed) {
cleanupAlways()
- log.Fatalf("web: https: %s", err)
+ panic(fmt.Errorf("https: %w", err))
}
}
}
-func (web *webAPI) mustStartHTTP3(address string) {
- defer log.OnPanic("web: http3")
+func (web *webAPI) mustStartHTTP3(ctx context.Context, address string) {
+ defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
web.httpsServer.server3 = &http3.Server{
// TODO(a.garipov): See if there is a way to use the error log as
@@ -319,16 +351,16 @@ func (web *webAPI) mustStartHTTP3(address string) {
Handler: withMiddlewares(Context.mux, limitRequestBody),
}
- log.Debug("web: starting http/3 server")
+ web.logger.DebugContext(ctx, "starting http/3 server")
err := web.httpsServer.server3.ListenAndServe()
if !errors.Is(err, http.ErrServerClosed) {
cleanupAlways()
- log.Fatalf("web: http3: %s", err)
+ panic(fmt.Errorf("http3: %w", err))
}
}
// startPprof launches the debug and profiling server on the provided port.
-func startPprof(port uint16) {
+func startPprof(baseLogger *slog.Logger, port uint16) {
addr := netip.AddrPortFrom(netutil.IPv4Localhost(), port)
runtime.SetBlockProfileRate(1)
@@ -337,13 +369,16 @@ func startPprof(port uint16) {
mux := http.NewServeMux()
httputil.RoutePprof(mux)
- go func() {
- defer log.OnPanic("pprof server")
+ ctx := context.Background()
+ logger := baseLogger.With(slogutil.KeyPrefix, "pprof")
- log.Info("pprof: listening on %q", addr)
+ go func() {
+ defer slogutil.RecoverAndLog(ctx, logger)
+
+ logger.InfoContext(ctx, "listening", "addr", addr)
err := http.ListenAndServe(addr.String(), mux)
if !errors.Is(err, http.ErrServerClosed) {
- log.Error("pprof: shutting down: %s", err)
+ logger.ErrorContext(ctx, "shutting down", slogutil.KeyError, err)
}
}()
}
diff --git a/internal/next/agh/agh.go b/internal/next/agh/agh.go
index 2248bc81..baf825af 100644
--- a/internal/next/agh/agh.go
+++ b/internal/next/agh/agh.go
@@ -13,6 +13,7 @@ import (
type ServiceWithConfig[ConfigType any] interface {
service.Interface
+ // Config returns a deep clone of the configuration of the service.
Config() (c ConfigType)
}
diff --git a/internal/next/changelog.md b/internal/next/changelog.md
index 224184bc..e9c3c10d 100644
--- a/internal/next/changelog.md
+++ b/internal/next/changelog.md
@@ -1,15 +1,17 @@
# AdGuard Home v0.108.0 Changelog DRAFT
-This changelog should be merged into the main one once the next API matures
-enough.
+This changelog should be merged into the main one once the next API matures enough.
## [v0.108.0] - TODO
### Added
- The ability to change the port of the pprof debug API.
+
- The ability to log to stderr using `--logFile=stderr`.
+
- The new `--web-addr` flag to set the Web UI address in a `host:port` form.
+
- `SIGHUP` now reloads all configuration from the configuration file ([#5676]).
### Changed
@@ -20,20 +22,21 @@ enough.
#### Other changes
-- `-h` is now an alias for `--help` instead of the removed `--host`, see below.
- Use `--web-addr=host:port` to set an address on which to serve the Web UI.
+- `-h` is now an alias for `--help` instead of the removed `--host`, see below. Use `--web-addr=host:port` to set an address on which to serve the Web UI.
### Fixed
- `--check-config` breaking the configuration file ([#4067]).
+
- Inconsistent application of `--work-dir/-w` ([#2598], [#2902]).
+
- The order of `-v/--verbose` and `--version` being significant ([#2893]).
### Removed
- The deprecated `--no-mem-optimization` and `--no-etc-hosts` flags.
-- `--host` and `-p/--port` flags. Use `--web-addr=host:port` to set an address
- on which to serve the Web UI. `-h` is now an alias for `--help`, see above.
+
+- `--host` and `-p/--port` flags. Use `--web-addr=host:port` to set an address on which to serve the Web UI. `-h` is now an alias for `--help`, see above.
[#2598]: https://github.com/AdguardTeam/AdGuardHome/issues/2598
[#2893]: https://github.com/AdguardTeam/AdGuardHome/issues/2893
diff --git a/internal/next/configmgr/config.go b/internal/next/configmgr/config.go
index 7b47b147..0a828f13 100644
--- a/internal/next/configmgr/config.go
+++ b/internal/next/configmgr/config.go
@@ -1,12 +1,12 @@
package configmgr
import (
- "fmt"
"net/netip"
"github.com/AdguardTeam/golibs/container"
"github.com/AdguardTeam/golibs/errors"
"github.com/AdguardTeam/golibs/timeutil"
+ "github.com/AdguardTeam/golibs/validate"
)
// config is the top-level on-disk configuration structure.
@@ -19,10 +19,10 @@ type config struct {
}
// type check
-var _ validator = (*config)(nil)
+var _ validate.Interface = (*config)(nil)
-// validate implements the [validator] interface for *config.
-func (c *config) validate() (err error) {
+// Validate implements the [validate.Interface] interface for *config.
+func (c *config) Validate() (err error) {
if c == nil {
return errors.ErrNoValue
}
@@ -30,7 +30,7 @@ func (c *config) validate() (err error) {
// TODO(a.garipov): Add more validations.
// Keep this in the same order as the fields in the config.
- validators := container.KeyValues[string, validator]{{
+ validators := container.KeyValues[string, validate.Interface]{{
Key: "dns",
Value: c.DNS,
}, {
@@ -41,14 +41,12 @@ func (c *config) validate() (err error) {
Value: c.Log,
}}
+ var errs []error
for _, kv := range validators {
- err = kv.Value.validate()
- if err != nil {
- return fmt.Errorf("%s: %w", kv.Key, err)
- }
+ errs = validate.Append(errs, kv.Key, kv.Value)
}
- return nil
+ return errors.Join(errs...)
}
// dnsConfig is the on-disk DNS configuration.
@@ -63,21 +61,19 @@ type dnsConfig struct {
}
// type check
-var _ validator = (*dnsConfig)(nil)
+var _ validate.Interface = (*dnsConfig)(nil)
-// validate implements the [validator] interface for *dnsConfig.
+// Validate implements the [validate.Interface] interface for *dnsConfig.
//
// TODO(a.garipov): Add more validations.
-func (c *dnsConfig) validate() (err error) {
- // TODO(a.garipov): Add more validations.
- switch {
- case c == nil:
+func (c *dnsConfig) Validate() (err error) {
+ if c == nil {
return errors.ErrNoValue
- case c.UpstreamTimeout.Duration <= 0:
- return newErrNotPositive("upstream_timeout", c.UpstreamTimeout)
- default:
- return nil
}
+
+ // TODO(a.garipov): Add more validations.
+
+ return validate.Positive("upstream_timeout", c.UpstreamTimeout)
}
// httpConfig is the on-disk web API configuration.
@@ -92,20 +88,23 @@ type httpConfig struct {
}
// type check
-var _ validator = (*httpConfig)(nil)
+var _ validate.Interface = (*httpConfig)(nil)
-// validate implements the [validator] interface for *httpConfig.
+// Validate implements the [validate.Interface] interface for *httpConfig.
//
// TODO(a.garipov): Add more validations.
-func (c *httpConfig) validate() (err error) {
- switch {
- case c == nil:
+func (c *httpConfig) Validate() (err error) {
+ if c == nil {
return errors.ErrNoValue
- case c.Timeout.Duration <= 0:
- return newErrNotPositive("timeout", c.Timeout)
- default:
- return c.Pprof.validate()
}
+
+ errs := []error{
+ validate.Positive("timeout", c.Timeout),
+ }
+
+ errs = validate.Append(errs, "pprof", c.Pprof)
+
+ return errors.Join(errs...)
}
// httpPprofConfig is the on-disk pprof configuration.
@@ -115,10 +114,10 @@ type httpPprofConfig struct {
}
// type check
-var _ validator = (*httpPprofConfig)(nil)
+var _ validate.Interface = (*httpPprofConfig)(nil)
-// validate implements the [validator] interface for *httpPprofConfig.
-func (c *httpPprofConfig) validate() (err error) {
+// Validate implements the [validate.Interface] interface for *httpPprofConfig.
+func (c *httpPprofConfig) Validate() (err error) {
if c == nil {
return errors.ErrNoValue
}
@@ -128,17 +127,17 @@ func (c *httpPprofConfig) validate() (err error) {
// logConfig is the on-disk web API configuration.
type logConfig struct {
- // TODO(a.garipov): Use.
+ // TODO(a.garipov): Use.
Verbose bool `yaml:"verbose"`
}
// type check
-var _ validator = (*logConfig)(nil)
+var _ validate.Interface = (*logConfig)(nil)
-// validate implements the [validator] interface for *logConfig.
+// Validate implements the [validate.Interface] interface for *logConfig.
//
// TODO(a.garipov): Add more validations.
-func (c *logConfig) validate() (err error) {
+func (c *logConfig) Validate() (err error) {
if c == nil {
return errors.ErrNoValue
}
diff --git a/internal/next/configmgr/configmgr.go b/internal/next/configmgr/configmgr.go
index 100680c8..0e271355 100644
--- a/internal/next/configmgr/configmgr.go
+++ b/internal/next/configmgr/configmgr.go
@@ -63,7 +63,7 @@ func Validate(fileName string) (err error) {
return err
}
- err = conf.validate()
+ err = conf.Validate()
if err != nil {
return fmt.Errorf("validating config: %w", err)
}
@@ -105,7 +105,7 @@ func New(ctx context.Context, c *Config) (m *Manager, err error) {
return nil, err
}
- err = conf.validate()
+ err = conf.Validate()
if err != nil {
return nil, fmt.Errorf("validating config: %w", err)
}
@@ -162,7 +162,7 @@ func (m *Manager) assemble(
BootstrapServers: conf.DNS.BootstrapDNS,
UpstreamServers: conf.DNS.UpstreamDNS,
DNS64Prefixes: conf.DNS.DNS64Prefixes,
- UpstreamTimeout: conf.DNS.UpstreamTimeout.Duration,
+ UpstreamTimeout: time.Duration(conf.DNS.UpstreamTimeout),
BootstrapPreferIPv6: conf.DNS.BootstrapPreferIPv6,
UseDNS64: conf.DNS.UseDNS64,
}
@@ -185,7 +185,7 @@ func (m *Manager) assemble(
Addresses: conf.HTTP.Addresses,
SecureAddresses: conf.HTTP.SecureAddresses,
OverrideAddress: webAddr,
- Timeout: conf.HTTP.Timeout.Duration,
+ Timeout: time.Duration(conf.HTTP.Timeout),
ForceHTTPS: conf.HTTP.ForceHTTPS,
}
@@ -266,7 +266,7 @@ func (m *Manager) updateCurrentDNS(c *dnssvc.Config) {
m.current.DNS.BootstrapDNS = slices.Clone(c.BootstrapServers)
m.current.DNS.UpstreamDNS = slices.Clone(c.UpstreamServers)
m.current.DNS.DNS64Prefixes = slices.Clone(c.DNS64Prefixes)
- m.current.DNS.UpstreamTimeout = timeutil.Duration{Duration: c.UpstreamTimeout}
+ m.current.DNS.UpstreamTimeout = timeutil.Duration(c.UpstreamTimeout)
m.current.DNS.BootstrapPreferIPv6 = c.BootstrapPreferIPv6
m.current.DNS.UseDNS64 = c.UseDNS64
}
@@ -318,6 +318,6 @@ func (m *Manager) updateCurrentWeb(c *websvc.Config) {
m.current.HTTP.Addresses = slices.Clone(c.Addresses)
m.current.HTTP.SecureAddresses = slices.Clone(c.SecureAddresses)
- m.current.HTTP.Timeout = timeutil.Duration{Duration: c.Timeout}
+ m.current.HTTP.Timeout = timeutil.Duration(c.Timeout)
m.current.HTTP.ForceHTTPS = c.ForceHTTPS
}
diff --git a/internal/next/configmgr/error.go b/internal/next/configmgr/error.go
deleted file mode 100644
index 4b737197..00000000
--- a/internal/next/configmgr/error.go
+++ /dev/null
@@ -1,31 +0,0 @@
-package configmgr
-
-import (
- "fmt"
-
- "github.com/AdguardTeam/golibs/errors"
- "github.com/AdguardTeam/golibs/timeutil"
- "golang.org/x/exp/constraints"
-)
-
-// validator is the interface for configuration entities that can validate
-// themselves.
-type validator interface {
- // validate returns an error if the entity isn't valid.
- validate() (err error)
-}
-
-// numberOrDuration is the constraint for integer types along with
-// timeutil.Duration.
-type numberOrDuration interface {
- constraints.Integer | timeutil.Duration
-}
-
-// newErrNotPositive returns an error about the value that must be positive but
-// isn't. prop is the name of the property to mention in the error message.
-//
-// TODO(a.garipov): Consider moving such helpers to golibs and use in AdGuardDNS
-// as well.
-func newErrNotPositive[T numberOrDuration](prop string, v T) (err error) {
- return fmt.Errorf("%s: %w, got %v", prop, errors.ErrNotPositive, v)
-}
diff --git a/internal/next/jsonpatch/jsonpatch.go b/internal/next/jsonpatch/jsonpatch.go
new file mode 100644
index 00000000..b5e10044
--- /dev/null
+++ b/internal/next/jsonpatch/jsonpatch.go
@@ -0,0 +1,43 @@
+// Package jsonpatch contains utilities for JSON Merge Patch APIs.
+//
+// See https://www.rfc-editor.org/rfc/rfc7396.
+package jsonpatch
+
+import (
+ "bytes"
+ "encoding/json"
+
+ "github.com/AdguardTeam/golibs/errors"
+)
+
+// NonRemovable is a type that prevents JSON null from being used to try and
+// remove a value.
+type NonRemovable[T any] struct {
+ Value T
+ IsSet bool
+}
+
+// type check
+var _ json.Unmarshaler = (*NonRemovable[struct{}])(nil)
+
+// UnmarshalJSON implements the [json.Unmarshaler] interface for *NonRemovable.
+func (v *NonRemovable[T]) UnmarshalJSON(b []byte) (err error) {
+ if v == nil {
+ return errors.Error("jsonpatch.NonRemovable is nil")
+ }
+
+ if bytes.Equal(b, []byte("null")) {
+ return errors.Error("property cannot be removed")
+ }
+
+ v.IsSet = true
+
+ return json.Unmarshal(b, &v.Value)
+}
+
+// Set sets ptr if the value has been provided.
+func (v NonRemovable[T]) Set(ptr *T) {
+ if v.IsSet {
+ *ptr = v.Value
+ }
+}
diff --git a/internal/next/jsonpatch/jsonpatch_test.go b/internal/next/jsonpatch/jsonpatch_test.go
new file mode 100644
index 00000000..3f9537de
--- /dev/null
+++ b/internal/next/jsonpatch/jsonpatch_test.go
@@ -0,0 +1,29 @@
+package jsonpatch_test
+
+import (
+ "encoding/json"
+ "testing"
+
+ "github.com/AdguardTeam/AdGuardHome/internal/next/jsonpatch"
+ "github.com/AdguardTeam/golibs/testutil"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestNonRemovable(t *testing.T) {
+ type T struct {
+ Value jsonpatch.NonRemovable[int] `json:"value"`
+ }
+
+ var v T
+
+ err := json.Unmarshal([]byte(`{"value":null}`), &v)
+ testutil.AssertErrorMsg(t, "property cannot be removed", err)
+
+ err = json.Unmarshal([]byte(`{"value":42}`), &v)
+ assert.NoError(t, err)
+
+ var got int
+ v.Value.Set(&got)
+
+ assert.Equal(t, 42, got)
+}
diff --git a/internal/next/websvc/dns.go b/internal/next/websvc/dns.go
index 9c2a222f..cf185e2c 100644
--- a/internal/next/websvc/dns.go
+++ b/internal/next/websvc/dns.go
@@ -5,10 +5,9 @@ import (
"fmt"
"net/http"
"net/netip"
- "time"
"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
- "github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
+ "github.com/AdguardTeam/AdGuardHome/internal/next/jsonpatch"
)
// ReqPatchSettingsDNS describes the request to the PATCH /api/v1/settings/dns
@@ -16,13 +15,15 @@ import (
type ReqPatchSettingsDNS struct {
// TODO(a.garipov): Add more as we go.
- Addresses []netip.AddrPort `json:"addresses"`
- BootstrapServers []string `json:"bootstrap_servers"`
- UpstreamServers []string `json:"upstream_servers"`
- DNS64Prefixes []netip.Prefix `json:"dns64_prefixes"`
- UpstreamTimeout aghhttp.JSONDuration `json:"upstream_timeout"`
- BootstrapPreferIPv6 bool `json:"bootstrap_prefer_ipv6"`
- UseDNS64 bool `json:"use_dns64"`
+ Addresses jsonpatch.NonRemovable[[]netip.AddrPort] `json:"addresses"`
+ BootstrapServers jsonpatch.NonRemovable[[]string] `json:"bootstrap_servers"`
+ UpstreamServers jsonpatch.NonRemovable[[]string] `json:"upstream_servers"`
+ DNS64Prefixes jsonpatch.NonRemovable[[]netip.Prefix] `json:"dns64_prefixes"`
+
+ UpstreamTimeout jsonpatch.NonRemovable[aghhttp.JSONDuration] `json:"upstream_timeout"`
+
+ BootstrapPreferIPv6 jsonpatch.NonRemovable[bool] `json:"bootstrap_prefer_ipv6"`
+ UseDNS64 jsonpatch.NonRemovable[bool] `json:"use_dns64"`
}
// HTTPAPIDNSSettings are the DNS settings as used by the HTTP API. See the
@@ -42,13 +43,7 @@ type HTTPAPIDNSSettings struct {
// handlePatchSettingsDNS is the handler for the PATCH /api/v1/settings/dns HTTP
// API.
func (svc *Service) handlePatchSettingsDNS(w http.ResponseWriter, r *http.Request) {
- req := &ReqPatchSettingsDNS{
- Addresses: []netip.AddrPort{},
- BootstrapServers: []string{},
- UpstreamServers: []string{},
- }
-
- // TODO(a.garipov): Validate nulls and proper JSON patch.
+ req := &ReqPatchSettingsDNS{}
err := json.NewDecoder(r.Body).Decode(&req)
if err != nil {
@@ -57,16 +52,20 @@ func (svc *Service) handlePatchSettingsDNS(w http.ResponseWriter, r *http.Reques
return
}
- newConf := &dnssvc.Config{
- Logger: svc.logger,
- Addresses: req.Addresses,
- BootstrapServers: req.BootstrapServers,
- UpstreamServers: req.UpstreamServers,
- DNS64Prefixes: req.DNS64Prefixes,
- UpstreamTimeout: time.Duration(req.UpstreamTimeout),
- BootstrapPreferIPv6: req.BootstrapPreferIPv6,
- UseDNS64: req.UseDNS64,
- }
+ dnsSvc := svc.confMgr.DNS()
+ newConf := dnsSvc.Config()
+
+ // TODO(a.garipov): Add more as we go.
+
+ req.Addresses.Set(&newConf.Addresses)
+ req.BootstrapServers.Set(&newConf.BootstrapServers)
+ req.UpstreamServers.Set(&newConf.UpstreamServers)
+ req.DNS64Prefixes.Set(&newConf.DNS64Prefixes)
+
+ req.UpstreamTimeout.Set((*aghhttp.JSONDuration)(&newConf.UpstreamTimeout))
+
+ req.BootstrapPreferIPv6.Set(&newConf.BootstrapPreferIPv6)
+ req.UseDNS64.Set(&newConf.UseDNS64)
ctx := r.Context()
err = svc.confMgr.UpdateDNS(ctx, newConf)
diff --git a/internal/next/websvc/dns_test.go b/internal/next/websvc/dns_test.go
index bb546778..1965b3e6 100644
--- a/internal/next/websvc/dns_test.go
+++ b/internal/next/websvc/dns_test.go
@@ -41,7 +41,7 @@ func TestService_HandlePatchSettingsDNS(t *testing.T) {
return nil
},
OnShutdown: func(_ context.Context) (err error) { panic("not implemented") },
- OnConfig: func() (c *dnssvc.Config) { panic("not implemented") },
+ OnConfig: func() (c *dnssvc.Config) { return &dnssvc.Config{} },
}
}
confMgr.onUpdateDNS = func(ctx context.Context, c *dnssvc.Config) (err error) {
diff --git a/internal/next/websvc/http.go b/internal/next/websvc/http.go
index 3fe8bce7..3c123831 100644
--- a/internal/next/websvc/http.go
+++ b/internal/next/websvc/http.go
@@ -10,6 +10,7 @@ import (
"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
+ "github.com/AdguardTeam/AdGuardHome/internal/next/jsonpatch"
"github.com/AdguardTeam/golibs/logutil/slogutil"
)
@@ -20,9 +21,12 @@ type ReqPatchSettingsHTTP struct {
//
// TODO(a.garipov): Add wait time.
- Addresses []netip.AddrPort `json:"addresses"`
- SecureAddresses []netip.AddrPort `json:"secure_addresses"`
- Timeout aghhttp.JSONDuration `json:"timeout"`
+ Addresses jsonpatch.NonRemovable[[]netip.AddrPort] `json:"addresses"`
+ SecureAddresses jsonpatch.NonRemovable[[]netip.AddrPort] `json:"secure_addresses"`
+
+ Timeout jsonpatch.NonRemovable[aghhttp.JSONDuration] `json:"timeout"`
+
+ ForceHTTPS jsonpatch.NonRemovable[bool] `json:"force_https"`
}
// HTTPAPIHTTPSettings are the HTTP settings as used by the HTTP API. See the
@@ -41,8 +45,6 @@ type HTTPAPIHTTPSettings struct {
func (svc *Service) handlePatchSettingsHTTP(w http.ResponseWriter, r *http.Request) {
req := &ReqPatchSettingsHTTP{}
- // TODO(a.garipov): Validate nulls and proper JSON patch.
-
err := json.NewDecoder(r.Body).Decode(&req)
if err != nil {
aghhttp.WriteJSONResponseError(w, r, fmt.Errorf("decoding: %w", err))
@@ -50,20 +52,14 @@ func (svc *Service) handlePatchSettingsHTTP(w http.ResponseWriter, r *http.Reque
return
}
- newConf := &Config{
- Logger: svc.logger,
- Pprof: &PprofConfig{
- Port: svc.pprofPort,
- Enabled: svc.pprof != nil,
- },
- ConfigManager: svc.confMgr,
- Frontend: svc.frontend,
- TLS: svc.tls,
- Addresses: req.Addresses,
- SecureAddresses: req.SecureAddresses,
- Timeout: time.Duration(req.Timeout),
- ForceHTTPS: svc.forceHTTPS,
- }
+ newConf := svc.Config()
+
+ // TODO(a.garipov): Add more as we go.
+
+ req.Addresses.Set(&newConf.Addresses)
+ req.SecureAddresses.Set(&newConf.SecureAddresses)
+ req.Timeout.Set((*aghhttp.JSONDuration)(&newConf.Timeout))
+ req.ForceHTTPS.Set(&newConf.ForceHTTPS)
aghhttp.WriteJSONResponseOK(w, r, &HTTPAPIHTTPSettings{
Addresses: newConf.Addresses,
diff --git a/internal/schedule/schedule.go b/internal/schedule/schedule.go
index 8335a79e..2b3b597c 100644
--- a/internal/schedule/schedule.go
+++ b/internal/schedule/schedule.go
@@ -163,8 +163,8 @@ func (w *Weekly) UnmarshalYAML(value *yaml.Node) (err error) {
}
for i, d := range days {
r := dayRange{
- start: d.Start.Duration,
- end: d.End.Duration,
+ start: time.Duration(d.Start),
+ end: time.Duration(d.End),
}
err = w.validate(r)
@@ -255,32 +255,32 @@ func (w *Weekly) MarshalYAML() (v any, err error) {
return weeklyConfigYAML{
TimeZone: w.location.String(),
Sunday: dayConfigYAML{
- Start: timeutil.Duration{Duration: w.days[time.Sunday].start},
- End: timeutil.Duration{Duration: w.days[time.Sunday].end},
+ Start: timeutil.Duration(w.days[time.Sunday].start),
+ End: timeutil.Duration(w.days[time.Sunday].end),
},
Monday: dayConfigYAML{
- Start: timeutil.Duration{Duration: w.days[time.Monday].start},
- End: timeutil.Duration{Duration: w.days[time.Monday].end},
+ Start: timeutil.Duration(w.days[time.Monday].start),
+ End: timeutil.Duration(w.days[time.Monday].end),
},
Tuesday: dayConfigYAML{
- Start: timeutil.Duration{Duration: w.days[time.Tuesday].start},
- End: timeutil.Duration{Duration: w.days[time.Tuesday].end},
+ Start: timeutil.Duration(w.days[time.Tuesday].start),
+ End: timeutil.Duration(w.days[time.Tuesday].end),
},
Wednesday: dayConfigYAML{
- Start: timeutil.Duration{Duration: w.days[time.Wednesday].start},
- End: timeutil.Duration{Duration: w.days[time.Wednesday].end},
+ Start: timeutil.Duration(w.days[time.Wednesday].start),
+ End: timeutil.Duration(w.days[time.Wednesday].end),
},
Thursday: dayConfigYAML{
- Start: timeutil.Duration{Duration: w.days[time.Thursday].start},
- End: timeutil.Duration{Duration: w.days[time.Thursday].end},
+ Start: timeutil.Duration(w.days[time.Thursday].start),
+ End: timeutil.Duration(w.days[time.Thursday].end),
},
Friday: dayConfigYAML{
- Start: timeutil.Duration{Duration: w.days[time.Friday].start},
- End: timeutil.Duration{Duration: w.days[time.Friday].end},
+ Start: timeutil.Duration(w.days[time.Friday].start),
+ End: timeutil.Duration(w.days[time.Friday].end),
},
Saturday: dayConfigYAML{
- Start: timeutil.Duration{Duration: w.days[time.Saturday].start},
- End: timeutil.Duration{Duration: w.days[time.Saturday].end},
+ Start: timeutil.Duration(w.days[time.Saturday].start),
+ End: timeutil.Duration(w.days[time.Saturday].end),
},
}, nil
}
diff --git a/internal/stats/http.go b/internal/stats/http.go
index 7415e0db..c2ea01d0 100644
--- a/internal/stats/http.go
+++ b/internal/stats/http.go
@@ -63,11 +63,7 @@ func (s *StatsCtx) handleStats(w http.ResponseWriter, r *http.Request) {
resp, ok = s.getData(uint32(s.limit.Hours()))
}()
- s.logger.DebugContext(
- ctx,
- "prepared data",
- "elapsed", timeutil.Duration{Duration: time.Since(start)},
- )
+ s.logger.DebugContext(ctx, "prepared data", "elapsed", time.Since(start))
if !ok {
// Don't bring the message to the lower case since it's a part of UI
diff --git a/internal/tools/go.mod b/internal/tools/go.mod
index d98b2e5e..218ac65c 100644
--- a/internal/tools/go.mod
+++ b/internal/tools/go.mod
@@ -1,6 +1,6 @@
module github.com/AdguardTeam/AdGuardHome/internal/tools
-go 1.23.4
+go 1.23.5
require (
github.com/fzipp/gocyclo v0.6.0
@@ -9,8 +9,8 @@ require (
github.com/jstemmer/go-junit-report/v2 v2.1.0
github.com/kisielk/errcheck v1.8.0
github.com/securego/gosec/v2 v2.21.4
- github.com/uudashr/gocognit v1.1.3
- golang.org/x/tools v0.27.0
+ github.com/uudashr/gocognit v1.2.0
+ golang.org/x/tools v0.28.0
golang.org/x/vuln v1.1.3
honnef.co/go/tools v0.5.1
mvdan.cc/gofumpt v0.7.0
@@ -21,7 +21,7 @@ require (
require (
cloud.google.com/go v0.116.0 // indirect
cloud.google.com/go/ai v0.9.0 // indirect
- cloud.google.com/go/auth v0.11.0 // indirect
+ cloud.google.com/go/auth v0.12.1 // indirect
cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect
cloud.google.com/go/compute/metadata v0.5.2 // indirect
cloud.google.com/go/longrunning v0.6.3 // indirect
@@ -30,8 +30,7 @@ require (
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
- github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
- github.com/google/generative-ai-go v0.18.0 // indirect
+ github.com/google/generative-ai-go v0.19.0 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/renameio/v2 v2.0.0 // indirect
github.com/google/s2a-go v0.1.8 // indirect
@@ -41,28 +40,27 @@ require (
github.com/gookit/color v1.5.4 // indirect
github.com/rogpeppe/go-internal v1.13.1 // indirect
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
- go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 // indirect
go.opentelemetry.io/otel v1.32.0 // indirect
go.opentelemetry.io/otel/metric v1.32.0 // indirect
go.opentelemetry.io/otel/trace v1.32.0 // indirect
- golang.org/x/crypto v0.29.0 // indirect
- golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect
- golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f // indirect
+ golang.org/x/crypto v0.31.0 // indirect
+ golang.org/x/exp v0.0.0-20241210194714-1829a127f884 // indirect
+ golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884 // indirect
golang.org/x/mod v0.22.0 // indirect
- golang.org/x/net v0.31.0 // indirect
+ golang.org/x/net v0.32.0 // indirect
golang.org/x/oauth2 v0.24.0 // indirect
- golang.org/x/sync v0.9.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/telemetry v0.0.0-20241108154256-525ce2e96f55 // indirect
- golang.org/x/term v0.26.0 // indirect
- golang.org/x/text v0.20.0 // indirect
+ golang.org/x/sync v0.10.0 // indirect
+ golang.org/x/sys v0.28.0 // indirect
+ golang.org/x/telemetry v0.0.0-20241204182053-c0ac0e154df3 // indirect
+ golang.org/x/term v0.27.0 // indirect
+ golang.org/x/text v0.21.0 // indirect
golang.org/x/time v0.8.0 // indirect
- google.golang.org/api v0.209.0 // indirect
- google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a // indirect
- google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a // indirect
- google.golang.org/grpc v1.68.0 // indirect
+ google.golang.org/api v0.211.0 // indirect
+ google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 // indirect
+ google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
+ google.golang.org/grpc v1.68.1 // indirect
google.golang.org/protobuf v1.35.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
mvdan.cc/editorconfig v0.3.0 // indirect
diff --git a/internal/tools/go.sum b/internal/tools/go.sum
index 32603bd7..1b4a2e44 100644
--- a/internal/tools/go.sum
+++ b/internal/tools/go.sum
@@ -1,31 +1,21 @@
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.116.0 h1:B3fRrSDkLRt5qSHWe40ERJvhvnQwdZiHu0bJOpldweE=
cloud.google.com/go v0.116.0/go.mod h1:cEPSRWPzZEswwdr9BxE6ChEn01dWlTaF05LiC2Xs70U=
cloud.google.com/go/ai v0.9.0 h1:r1Ig8O8+Qr3Ia3WfoO+gokD0fxB2Rk4quppuKjmGMsY=
cloud.google.com/go/ai v0.9.0/go.mod h1:28bKM/oxmRgxmRgI1GLumFv+NSkt+DscAg/gF+54zzY=
-cloud.google.com/go/auth v0.11.0 h1:Ic5SZz2lsvbYcWT5dfjNWgw6tTlGi2Wc8hyQSC9BstA=
-cloud.google.com/go/auth v0.11.0/go.mod h1:xxA5AqpDrvS+Gkmo9RqrGGRh6WSNKKOXhY3zNOr38tI=
+cloud.google.com/go/auth v0.12.1 h1:n2Bj25BUMM0nvE9D2XLTiImanwZhO3DkfWSYS/SAJP4=
+cloud.google.com/go/auth v0.12.1/go.mod h1:BFMu+TNpF3DmvfBO9ClqTR/SiqVIm7LukKF9mbendF4=
cloud.google.com/go/auth/oauth2adapt v0.2.6 h1:V6a6XDu2lTwPZWOawrAa9HUK+DB2zfJyTuciBG5hFkU=
cloud.google.com/go/auth/oauth2adapt v0.2.6/go.mod h1:AlmsELtlEBnaNTL7jCj8VQFLy6mbZv0s4Q7NGBeQ5E8=
cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo=
cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k=
cloud.google.com/go/longrunning v0.6.3 h1:A2q2vuyXysRcwzqDpMMLSI6mb6o39miS52UEG/Rd2ng=
cloud.google.com/go/longrunning v0.6.3/go.mod h1:k/vIs83RN4bE3YCswdXC5PFfWVILjm3hpEUlSko4PiI=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c h1:pxW6RcqyfI9/kWtOwnv/G+AzdKuy2ZrqINhenH4HyNs=
github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
github.com/ccojocar/zxcvbn-go v1.0.2 h1:na/czXU8RrhXO4EZme6eQJLR4PzcGsahsBOAwU6I3Vg=
github.com/ccojocar/zxcvbn-go v1.0.2/go.mod h1:g1qkXtUSvHP8lhHp5GrSmTz6uWALGRMQdw6Qnz/hi60=
-github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/fzipp/gocyclo v0.6.0 h1:lsblElZG7d3ALtGMx9fmxeTKZaLLpU8mET09yN4BBLo=
@@ -39,34 +29,14 @@ github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7
github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow=
github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ=
-github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
-github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
-github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
-github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
-github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
-github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
-github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/golangci/misspell v0.6.0 h1:JCle2HUTNWirNlDIAUO44hUsKhOFqGPoC4LZxlaSXDs=
github.com/golangci/misspell v0.6.0/go.mod h1:keMNyY6R9isGaSAu+4Q8NMBwMPkh15Gtc8UCVoDtAWo=
-github.com/google/generative-ai-go v0.18.0 h1:6ybg9vOCLcI/UpBBYXOTVgvKmcUKFRNj+2Cj3GnebSo=
-github.com/google/generative-ai-go v0.18.0/go.mod h1:JYolL13VG7j79kM5BtHz4qwONHkeJQzOCkKXnpqtS/E=
+github.com/google/generative-ai-go v0.19.0 h1:R71szggh8wHMCUlEMsW2A/3T+5LdEIkiaHSYgSpUgdg=
+github.com/google/generative-ai-go v0.19.0/go.mod h1:JYolL13VG7j79kM5BtHz4qwONHkeJQzOCkKXnpqtS/E=
github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786 h1:rcv+Ippz6RAtvaGgKxc+8FQIpxHgsF+HBzPyYL2cyVU=
github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786/go.mod h1:apVn/GCasLZUVpAJ6oWAuyP7Ne7CEsQbTnc0plM3m+o=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
@@ -78,7 +48,6 @@ github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qA
github.com/google/renameio/v2 v2.0.0/go.mod h1:BtmJXm5YlszgC+TD4HOEEUFgkJP3nLxehU6hfe7jRt4=
github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
-github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/enterprise-certificate-proxy v0.3.4 h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw=
@@ -103,28 +72,19 @@ github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8=
github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
github.com/securego/gosec/v2 v2.21.4 h1:Le8MSj0PDmOnHJgUATjD96PaXRvCpKC+DGJvwyy0Mlk=
github.com/securego/gosec/v2 v2.21.4/go.mod h1:Jtb/MwRQfRxCXyCm1rfM1BEiiiTfUOdyzzAhlr6lUTA=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/uudashr/gocognit v1.1.3 h1:l+a111VcDbKfynh+airAy/DJQKaXh2m9vkoysMPSZyM=
-github.com/uudashr/gocognit v1.1.3/go.mod h1:aKH8/e8xbTRBwjbCkwZ8qt4l2EpKXl31KMHgSS+lZ2U=
+github.com/uudashr/gocognit v1.2.0 h1:3BU9aMr1xbhPlvJLSydKwdLN3tEUUrzPSSM8S4hDYRA=
+github.com/uudashr/gocognit v1.2.0/go.mod h1:k/DdKPI6XBZO1q7HgoV2juESI2/Ofj9AcHPZhBBdrTU=
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
-go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0 h1:qtFISDHKolvIxzSs0gIaiPUPR0Cucb0F2coHC7ZLdps=
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0/go.mod h1:Y+Pop1Q6hCOnETWTW4NROK/q1hv50hM7yDaUTjG8lp8=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 h1:DheMAlT6POBP+gh8RUH19EOTnQIor5QE0uSRPtzCpSw=
@@ -137,110 +97,68 @@ go.opentelemetry.io/otel/trace v1.32.0 h1:WIC9mYrXf8TmY/EXuULKc8hR17vE+Hjv2cssQD
go.opentelemetry.io/otel/trace v1.32.0/go.mod h1:+i4rkvCraA+tG6AzwloGaCtkx53Fa+L+V8e9a7YvhT8=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo=
-golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak=
-golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f h1:WTyX8eCCyfdqiPYkRGm0MqElSfYFH3yR1+rl/mct9sA=
-golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
+golang.org/x/exp v0.0.0-20241210194714-1829a127f884 h1:Y/Mj/94zIQQGHVSv1tTtQBDaQaJe62U9bkDZKKyhPCU=
+golang.org/x/exp v0.0.0-20241210194714-1829a127f884/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c=
+golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884 h1:1xaZTydL5Gsg78QharTwKfA9FY9CZ1VQj6D/AZEvHR0=
+golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI=
+golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs=
golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
-golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/telemetry v0.0.0-20241108154256-525ce2e96f55 h1:ZZOVC4W26kVZSAW314SD81pWtiRgWNMbZsgLqKXx9lE=
-golang.org/x/telemetry v0.0.0-20241108154256-525ce2e96f55/go.mod h1:7Vh679jcBo81KQrd4wo0gKov7BE6IHwu1tEhHxHNM30=
+golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/telemetry v0.0.0-20241204182053-c0ac0e154df3 h1:rCLsPBq7l0E9Z451UgkWFkaWYhgt7dGmAlpD6hLjK5I=
+golang.org/x/telemetry v0.0.0-20241204182053-c0ac0e154df3/go.mod h1:8h4Hgq+jcTvCDv2+i7NrfWwpYHcESleo2nGHxLbFLJ4=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU=
-golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
+golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
+golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.27.0 h1:qEKojBykQkQ4EynWy4S8Weg69NumxKdn40Fce3uc/8o=
-golang.org/x/tools v0.27.0/go.mod h1:sUi0ZgbwW9ZPAq26Ekut+weQPR5eIM6GQLQ1Yjm1H0Q=
+golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8=
+golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
golang.org/x/vuln v1.1.3 h1:NPGnvPOTgnjBc9HTaUx+nj+EaUYxl5SJOWqaDYGaFYw=
golang.org/x/vuln v1.1.3/go.mod h1:7Le6Fadm5FOqE9C926BCD0g12NWyhg7cxV4BwcPFuNY=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/api v0.209.0 h1:Ja2OXNlyRlWCWu8o+GgI4yUn/wz9h/5ZfFbKz+dQX+w=
-google.golang.org/api v0.209.0/go.mod h1:I53S168Yr/PNDNMi5yPnDc0/LGRZO6o7PoEbl/HY3CM=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a h1:OAiGFfOiA0v9MRYsSidp3ubZaBnteRUyn3xB2ZQ5G/E=
-google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a/go.mod h1:jehYqy3+AhJU9ve55aNOaSml7wUXjF9x6z2LcCfpAhY=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a h1:hgh8P4EuoxpsuKMXX/To36nOFD7vixReXgn8lPGnt+o=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
-google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
-google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.68.0 h1:aHQeeJbo8zAkAa3pRzrVjZlbz6uSfeOXlJNQM0RAbz0=
-google.golang.org/grpc v1.68.0/go.mod h1:fmSPC5AsjSBCK54MyHRx48kpOti1/jRfOlwEWywNjWA=
-google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
-google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
-google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
-google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
-google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
-google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
+google.golang.org/api v0.211.0 h1:IUpLjq09jxBSV1lACO33CGY3jsRcbctfGzhj+ZSE/Bg=
+google.golang.org/api v0.211.0/go.mod h1:XOloB4MXFH4UTlQSGuNUxw0UT74qdENK8d6JNsXKLi0=
+google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 h1:CkkIfIt50+lT6NHAVoRYEyAvQGFM7xEwXUUywFvEb3Q=
+google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576/go.mod h1:1R3kvZ1dtP3+4p4d3G8uJ8rFk/fWlScl38vanWACI08=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
+google.golang.org/grpc v1.68.1 h1:oI5oTa11+ng8r8XMMN7jAOmWfPZWbYpCFaMUTACxkM0=
+google.golang.org/grpc v1.68.1/go.mod h1:+q1XYFJjShcqn0QZHvCyeR4CXPA+llXIeUIfIe00waw=
google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.5.1 h1:4bH5o3b5ZULQ4UrBmP+63W9r7qIkqJClEA9ko5YKx+I=
honnef.co/go/tools v0.5.1/go.mod h1:e9irvo83WDG9/irijV44wr3tbhcFeRnfpVlRqVwpzMs=
mvdan.cc/editorconfig v0.3.0 h1:D1D2wLYEYGpawWT5SpM5pRivgEgXjtEXwC9MWhEY0gQ=
diff --git a/openapi/CHANGELOG.md b/openapi/CHANGELOG.md
index e9894c37..f2bd9baf 100644
--- a/openapi/CHANGELOG.md
+++ b/openapi/CHANGELOG.md
@@ -4,105 +4,104 @@
## v0.108.0: API changes
-## v0.107.55: API changes
+## v0.107.56: API changes
+
+### Documentation fix of `NetInterface`
+
+- The `NetInterface` object schema has been updated to reflect the actual structure of the response. It has included and required the `ipv4_addresses` and `ipv6_addresses` fields, required the `gateway_ip` field, and excluded the `mtu` field.
+
+### Deprecated client APIs
+
+- The `GET /control/clients/find` HTTP API; use the new `POST /control/clients/search` API instead.
+
+### New client APIs
+
+- The new `POST /control/clients/search` HTTP API allows config updates. It accepts a JSON object with the following format:
+
+ ```json
+ {
+ "clients": [
+ {
+ "id": "192.0.2.1"
+ },
+ {
+ "id": "test"
+ }
+ ]
+ }
+ ```
+
+## v0.107.53: API changes
### The new field `"ecosia"` in `SafeSearchConfig`
-* The new field `"ecosia"` in `PUT /control/safesearch/settings` and
- `GET /control/safesearch/status` is true if safe search is enforced for Ecosia
- search engine.
+- The new field `"ecosia"` in `PUT /control/safesearch/settings` and `GET /control/safesearch/status` is true if safe search is enforced for Ecosia search engine.
## v0.107.44: API changes
### The field `"upstream_mode"` in `DNSConfig`
-* The field `"upstream_mode"` in `POST /control/dns_config` and
- `GET /control/dns_info` now accepts `load_balance` value. Note that, the usage
- of an empty string or field absence is considered to as deprecated and is not
- recommended. Use `load_balance` instead.
+- The field `"upstream_mode"` in `POST /control/dns_config` and `GET /control/dns_info` now accepts `load_balance` value. Note that, the usage of an empty string or field absence is considered to as deprecated and is not recommended. Use `load_balance` instead.
### Type correction in `Client`
-* Field `upstreams_cache_size` of object `Client` now correctly has type
- `integer` instead of the previous incorrect type `boolean`.
+- Field `upstreams_cache_size` of object `Client` now correctly has type `integer` instead of the previous incorrect type `boolean`.
## v0.107.42: API changes
### The new field `"serve_plain_dns"` in `TlsConfig`
-* The new field `"serve_plain_dns"` in `POST /control/tls/configure`,
- `POST /control/tls/validate` and `GET /control/tls/status` is true if plain
- DNS is allowed for incoming requests.
+- The new field `"serve_plain_dns"` in `POST /control/tls/configure`, `POST /control/tls/validate` and `GET /control/tls/status` is true if plain DNS is allowed for incoming requests.
### The new fields `"upstreams_cache_enabled"` and `"upstreams_cache_size"` in `Client` object
-* The new field `"upstreams_cache_enabled"` in `GET /control/clients`,
- `GET /control/clients/find`, `POST /control/clients/add`, and
- `POST /control/clients/update` methods shows if client's DNS cache is enabled
- for the client. If not set AdGuard Home will use default value (false).
+- The new field `"upstreams_cache_enabled"` in `GET /control/clients`, `GET /control/clients/find`, `POST /control/clients/add`, and `POST /control/clients/update` methods shows if client’s DNS cache is enabled for the client. If not set AdGuard Home will use default value (false).
-* The new field `"upstreams_cache_size"` in `GET /control/clients`,
- `GET /control/clients/find`, `POST /control/clients/add`, and
- `POST /control/clients/update` methods is the size of client's DNS cache in
- bytes.
+- The new field `"upstreams_cache_size"` in `GET /control/clients`, `GET /control/clients/find`, `POST /control/clients/add`, and `POST /control/clients/update` methods is the size of client’s DNS cache in bytes.
### The new field `"ratelimit_subnet_len_ipv4"` in `DNSConfig` object
-* The new field `"ratelimit_subnet_len_ipv4"` in `GET /control/dns_info` and
- `POST /control/dns_config` is the length of the subnet mask for IPv4
- addresses.
+- The new field `"ratelimit_subnet_len_ipv4"` in `GET /control/dns_info` and `POST /control/dns_config` is the length of the subnet mask for IPv4 addresses.
### The new field `"ratelimit_subnet_len_ipv6"` in `DNSConfig` object
-* The new field `"ratelimit_subnet_len_ipv6"` in `GET /control/dns_info` and
- `POST /control/dns_config` is the length of the subnet mask for IPv6
- addresses.
+- The new field `"ratelimit_subnet_len_ipv6"` in `GET /control/dns_info` and `POST /control/dns_config` is the length of the subnet mask for IPv6 addresses.
### The new field `"ratelimit_whitelist"` in `DNSConfig` object
-* The new field `"blocked_response_ttl"` in `GET /control/dns_info` and `POST
- /control/dns_config` is the list of IP addresses excluded from rate limiting.
+- The new field `"blocked_response_ttl"` in `GET /control/dns_info` and `POST /control/dns_config` is the list of IP addresses excluded from rate limiting.
## v0.107.39: API changes
### New HTTP API 'POST /control/dhcp/update_static_lease'
-* The new `POST /control/dhcp/update_static_lease` HTTP API allows modifying IP
- address, hostname of the static DHCP lease. IP version must be the same as
- previous.
+- The new `POST /control/dhcp/update_static_lease` HTTP API allows modifying IP address, hostname of the static DHCP lease. IP version must be the same as previous.
### The new field `"blocked_response_ttl"` in `DNSConfig` object
-* The new field `"blocked_response_ttl"` in `GET /control/dns_info` and `POST
- /control/dns_config` is the TTL for blocked responses.
+- The new field `"blocked_response_ttl"` in `GET /control/dns_info` and `POST /control/dns_config` is the TTL for blocked responses.
## v0.107.37: API changes
### The new field `"fallback_dns"` in `UpstreamsConfig` object
-* The new field `"fallback_dns"` in `POST /control/test_upstream_dns` is the
- list of fallback DNS servers to test.
+- The new field `"fallback_dns"` in `POST /control/test_upstream_dns` is the list of fallback DNS servers to test.
### The new field `"fallback_dns"` in `DNSConfig` object
-* The new field `"fallback_dns"` in `GET /control/dns_info` and `POST
- /control/dns_config` is the list of fallback DNS servers used when upstream
- DNS servers are not responding.
+- The new field `"fallback_dns"` in `GET /control/dns_info` and `POST /control/dns_config` is the list of fallback DNS servers used when upstream DNS servers are not responding.
### Deprecated blocked services APIs
-* The `GET /control/blocked_services/list` HTTP API; use the new `GET
- /control/blocked_services/get` API instead.
+- The `GET /control/blocked_services/list` HTTP API; use the new `GET /control/blocked_services/get` API instead.
-* The `POST /control/blocked_services/set` HTTP API; use the new `PUT
- /control/blocked_services/update` API instead.
+- The `POST /control/blocked_services/set` HTTP API; use the new `PUT /control/blocked_services/update` API instead.
### New blocked services APIs
-* The new `GET /control/blocked_services/get` HTTP API.
+- The new `GET /control/blocked_services/get` HTTP API.
-* The new `PUT /control/blocked_services/update` HTTP API allows config
- updates.
+- The new `PUT /control/blocked_services/update` HTTP API allows config updates.
These APIs accept and return a JSON object with the following format:
@@ -125,13 +124,12 @@ These APIs accept and return a JSON object with the following format:
The following HTTP APIs have been changed:
-* `GET /control/clients`;
-* `GET /control/clients/find?ip0=...&ip1=...&ip2=...`;
-* `POST /control/clients/add`;
-* `POST /control/clients/update`;
+- `GET /control/clients`;
+- `GET /control/clients/find?ip0=...&ip1=...&ip2=...`;
+- `POST /control/clients/add`;
+- `POST /control/clients/update`;
-The new field `blocked_services_schedule` has been added to JSON objects. It
-has the following format:
+The new field `blocked_services_schedule` has been added to JSON objects. It has the following format:
```json
{
@@ -171,87 +169,66 @@ has the following format:
### The new fields `"top_upstreams_responses"` and `"top_upstreams_avg_time"` in `Stats` object
-* The new field `"top_upstreams_responses"` in `GET /control/stats` method
- shows the total number of responses from each upstream.
+- The new field `"top_upstreams_responses"` in `GET /control/stats` method shows the total number of responses from each upstream.
-* The new field `"top_upstreams_avg_time"` in `GET /control/stats` method shows
- the average processing time in seconds of requests from each upstream.
+- The new field `"top_upstreams_avg_time"` in `GET /control/stats` method shows the average processing time in seconds of requests from each upstream.
## v0.107.30: API changes
### `POST /control/version.json` and `GET /control/dhcp/interfaces` content type
-* The value of the `Content-Type` header in the `POST /control/version.json` and
- `GET /control/dhcp/interfaces` HTTP APIs is now correctly set to
- `application/json` as opposed to `text/plain`.
+- The value of the `Content-Type` header in the `POST /control/version.json` and `GET /control/dhcp/interfaces` HTTP APIs is now correctly set to `application/json` as opposed to `text/plain`.
### New HTTP API 'PUT /control/rewrite/update'
-* The new `PUT /control/rewrite/update` HTTP API allows rewrite rule updates.
- It accepts a JSON object with the following format:
-
-```json
-{
- "target": {
- "domain": "example.com",
- "answer": "answer-to-update"
- },
- "update": {
- "domain": "example.com",
- "answer": "new-answer"
- }
-}
-```
-
+- The new `PUT /control/rewrite/update` HTTP API allows rewrite rule updates. It accepts a JSON object with the following format:
+ ```json
+ {
+ "target": {
+ "domain": "example.com",
+ "answer": "answer-to-update"
+ },
+ "update": {
+ "domain": "example.com",
+ "answer": "new-answer"
+ }
+ }
+ ```
## v0.107.29: API changes
### `GET /control/clients` And `GET /control/clients/find`
-* The new optional fields `"ignore_querylog"` and `"ignore_statistics"` are set
- if AdGuard Home excludes client activity from query log or statistics.
+
+- The new optional fields `"ignore_querylog"` and `"ignore_statistics"` are set if AdGuard Home excludes client activity from query log or statistics.
### `POST /control/clients/add` And `POST /control/clients/update`
-* The new optional fields `"ignore_querylog"` and `"ignore_statistics"` make
- AdGuard Home exclude client activity from query log or statistics. If not
- set AdGuard Home will use default value (false). It can be changed in the
- future versions.
-
+- The new optional fields `"ignore_querylog"` and `"ignore_statistics"` make AdGuard Home exclude client activity from query log or statistics. If not set AdGuard Home will use default value (false). It can be changed in the future versions.
## v0.107.27: API changes
### The new optional fields `"edns_cs_use_custom"` and `"edns_cs_custom_ip"` in `DNSConfig`
-* The new optional fields `"edns_cs_use_custom"` and `"edns_cs_custom_ip"` in
- `POST /control/dns_config` method makes AdGuard Home use or not use the
- custom IP for EDNS Client Subnet.
+- The new optional fields `"edns_cs_use_custom"` and `"edns_cs_custom_ip"` in `POST /control/dns_config` method makes AdGuard Home use or not use the custom IP for EDNS Client Subnet.
-* The new optional fields `"edns_cs_use_custom"` and `"edns_cs_custom_ip"` in
- `GET /control/dns_info` method are set if AdGuard Home uses custom IP for
- EDNS Client Subnet.
+- The new optional fields `"edns_cs_use_custom"` and `"edns_cs_custom_ip"` in `GET /control/dns_info` method are set if AdGuard Home uses custom IP for EDNS Client Subnet.
### Deprecated statistics APIs
-* The `GET /control/stats_info` HTTP API; use the new `GET
- /control/stats/config` API instead.
+- The `GET /control/stats_info` HTTP API; use the new `GET /control/stats/config` API instead.
- **NOTE:** If `interval` was configured by editing configuration file or new
- HTTP API call `PUT /control/stats/config/update` and it's not equal to
- previous allowed enum values then it will be equal to `90` days for
- compatibility reasons.
+ **NOTE:** If `interval` was configured by editing configuration file or new HTTP API call `PUT /control/stats/config/update` and it’s not equal to previous allowed enum values then it will be equal to `90` days for compatibility reasons.
-* The `POST /control/stats_config` HTTP API; use the new `PUT
- /control/stats/config/update` API instead.
+- The `POST /control/stats_config` HTTP API; use the new `PUT /control/stats/config/update` API instead.
### New statistics APIs
-* The new `GET /control/stats/config` HTTP API.
+- The new `GET /control/stats/config` HTTP API.
-* The new `PUT /control/stats/config/update` HTTP API allows config updates.
+- The new `PUT /control/stats/config/update` HTTP API allows config updates.
-These `control/stats/config/update` and `control/stats/config` APIs accept and
-return a JSON object with the following format:
+These `control/stats/config/update` and `control/stats/config` APIs accept and return a JSON object with the following format:
```json
{
@@ -265,25 +242,19 @@ return a JSON object with the following format:
### Deprecated query log APIs
-* The `GET /control/querylog_info` HTTP API; use the new `GET
- /control/querylog/config` API instead.
+- The `GET /control/querylog_info` HTTP API; use the new `GET /control/querylog/config` API instead.
- **NOTE:** If `interval` was configured by editing configuration file or new
- HTTP API call `PUT /control/querylog/config/update` and it's not equal to
- previous allowed enum values then it will be equal to `90` days for
- compatibility reasons.
+ **NOTE:** If `interval` was configured by editing configuration file or new HTTP API call `PUT /control/querylog/config/update` and it’s not equal to previous allowed enum values then it will be equal to `90` days for compatibility reasons.
-* The `POST /control/querylog_config` HTTP API; use the new `PUT
- /control/querylog/config/update` API instead.
+- The `POST /control/querylog_config` HTTP API; use the new `PUT /control/querylog/config/update` API instead.
### New query log APIs
-* The new `GET /control/querylog/config` HTTP API.
+- The new `GET /control/querylog/config` HTTP API.
-* The new `PUT /control/querylog/config/update` HTTP API allows config updates.
+- The new `PUT /control/querylog/config/update` HTTP API allows config updates.
-These `control/querylog/config/update` and `control/querylog/config` APIs
-accept and return a JSON object with the following format:
+These `control/querylog/config/update` and `control/querylog/config` APIs accept and return a JSON object with the following format:
```json
{
@@ -298,18 +269,15 @@ accept and return a JSON object with the following format:
### New `"protection_disabled_until"` field in `GET /control/dns_info` response
-* The new field `"protection_disabled_until"` in `GET /control/dns_info` is the
- timestamp until when the protection is disabled.
+- The new field `"protection_disabled_until"` in `GET /control/dns_info` is the timestamp until when the protection is disabled.
### New `"protection_disabled_duration"` field in `GET /control/status` response
-* The new field `"protection_disabled_duration"` is the duration of protection
- pause in milliseconds.
+- The new field `"protection_disabled_duration"` is the duration of protection pause in milliseconds.
### `POST /control/protection`
-* The new `POST /control/protection` HTTP API allows to pause protection for
- specified duration in milliseconds.
+- The new `POST /control/protection` HTTP API allows to pause protection for specified duration in milliseconds.
This API accepts a JSON object with the following format:
@@ -324,57 +292,52 @@ This API accepts a JSON object with the following format:
The following HTTP APIs are deprecated:
-* `POST /control/safesearch/enable` is deprecated. Use the new
- `PUT /control/safesearch/settings`.
+- `POST /control/safesearch/enable` is deprecated. Use the new `PUT /control/safesearch/settings`.
-* `POST /control/safesearch/disable` is deprecated. Use the new
- `PUT /control/safesearch/settings`.
+- `POST /control/safesearch/disable` is deprecated. Use the new `PUT /control/safesearch/settings`.
### New HTTP API `PUT /control/safesearch/settings`
-* The new `PUT /control/safesearch/settings` HTTP API allows safesearch
- settings updates. It accepts a JSON object with the following format:
+- The new `PUT /control/safesearch/settings` HTTP API allows safesearch settings updates. It accepts a JSON object with the following format:
-```json
-{
- "enabled": true,
- "bing": false,
- "duckduckgo": true,
- "google": false,
- "pixabay": false,
- "yandex": true,
- "youtube": false
-}
-```
+ ```json
+ {
+ "enabled": true,
+ "bing": false,
+ "duckduckgo": true,
+ "google": false,
+ "pixabay": false,
+ "yandex": true,
+ "youtube": false
+ }
+ ```
### `GET /control/safesearch/status`
-* The `control/safesearch/status` HTTP API has been changed. It now returns a
- JSON object with the following format:
+- The `control/safesearch/status` HTTP API has been changed. It now returns a JSON object with the following format:
-```json
-{
- "enabled": true,
- "bing": false,
- "duckduckgo": true,
- "google": false,
- "pixabay": false,
- "yandex": true,
- "youtube": false
-}
-```
+ ```json
+ {
+ "enabled": true,
+ "bing": false,
+ "duckduckgo": true,
+ "google": false,
+ "pixabay": false,
+ "yandex": true,
+ "youtube": false
+ }
+ ```
### `/control/clients` HTTP APIs
The following HTTP APIs have been changed:
-* `GET /control/clients`;
-* `GET /control/clients/find?ip0=...&ip1=...&ip2=...`;
-* `POST /control/clients/add`;
-* `POST /control/clients/update`;
+- `GET /control/clients`;
+- `GET /control/clients/find?ip0=...&ip1=...&ip2=...`;
+- `POST /control/clients/add`;
+- `POST /control/clients/update`;
-The `safesearch_enabled` field is deprecated. The new field `safe_search` has
-been added to JSON objects. It has the following format:
+The `safesearch_enabled` field is deprecated. The new field `safe_search` has been added to JSON objects. It has the following format:
```json
{
@@ -388,22 +351,17 @@ been added to JSON objects. It has the following format:
}
```
-
-
## v0.107.23: API changes
### Experimental “beta” APIs removed
The following experimental beta APIs have been removed:
- * `GET /control/install/get_addresses_beta`;
- * `POST /control/install/check_config_beta`;
- * `POST /control/install/configure_beta`.
-
-They never quite worked properly, and the future new version of AdGuard Home API
-will probably be different.
-
+- `GET /control/install/get_addresses_beta`;
+- `POST /control/install/check_config_beta`;
+- `POST /control/install/configure_beta`.
+They never quite worked properly, and the future new version of AdGuard Home API will probably be different.
## v0.107.22: API changes
@@ -415,12 +373,11 @@ Use `PUT /control/profile/update`.
Use `GET /control/profile`.
-* The `/control/profile` HTTP API has been changed.
+- The `/control/profile` HTTP API has been changed.
-* The new `PUT /control/profile/update` HTTP API allows user info updates.
+- The new `PUT /control/profile/update` HTTP API allows user info updates.
-These `control/profile/update` and `control/profile` APIs accept and return a
-JSON object with the following format:
+These `control/profile/update` and `control/profile` APIs accept and return a JSON object with the following format:
```json
{
@@ -430,15 +387,11 @@ JSON object with the following format:
}
```
-
-
## v0.107.20: API Changes
### `POST /control/cache_clear`
-* The new `POST /control/cache_clear` HTTP API allows clearing the DNS cache.
-
-
+- The new `POST /control/cache_clear` HTTP API allows clearing the DNS cache.
## v0.107.17: API Changes
@@ -448,55 +401,41 @@ Use `GET /control/blocked_services/all`.
### `GET /control/blocked_services/all`
-* The new `GET /control/blocked_services/all` HTTP API allows inspecting all
- available services and their data, such as SVG icons and human-readable names.
-
-
+- The new `GET /control/blocked_services/all` HTTP API allows inspecting all available services and their data, such as SVG icons and human-readable names.
## v0.107.15: `POST` Requests Without Bodies
-As an additional CSRF protection measure, AdGuard Home now ensures that requests
-that change its state but have no body do not have a `Content-Type` header set
-on them.
+As an additional CSRF protection measure, AdGuard Home now ensures that requests that change its state but have no body do not have a `Content-Type` header set on them.
This concerns the following APIs:
-* `POST /control/dhcp/reset_leases`;
-* `POST /control/dhcp/reset`;
-* `POST /control/parental/disable`;
-* `POST /control/parental/enable`;
-* `POST /control/querylog_clear`;
-* `POST /control/safebrowsing/disable`;
-* `POST /control/safebrowsing/enable`;
-* `POST /control/safesearch/disable`;
-* `POST /control/safesearch/enable`;
-* `POST /control/stats_reset`;
-* `POST /control/update`.
-
-
+- `POST /control/dhcp/reset_leases`;
+- `POST /control/dhcp/reset`;
+- `POST /control/parental/disable`;
+- `POST /control/parental/enable`;
+- `POST /control/querylog_clear`;
+- `POST /control/safebrowsing/disable`;
+- `POST /control/safebrowsing/enable`;
+- `POST /control/safesearch/disable`;
+- `POST /control/safesearch/enable`;
+- `POST /control/stats_reset`;
+- `POST /control/update`.
## v0.107.14: BREAKING API CHANGES
-A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We have
-implemented several measures to prevent such vulnerabilities in the future, but
-some of these measures break backwards compatibility for the sake of better
-protection.
+A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We have implemented several measures to prevent such vulnerabilities in the future, but some of these measures break backwards compatibility for the sake of better protection.
-All JSON APIs that expect a body now check if the request actually has
-`Content-Type` set to `application/json`.
+All JSON APIs that expect a body now check if the request actually has `Content-Type` set to `application/json`.
-All new formats for the request and response bodies are documented in
-`openapi.yaml`.
+All new formats for the request and response bodies are documented in `openapi.yaml`.
### `POST /control/filtering/set_rules` And Other Plain-Text APIs
-The following APIs, which previously accepted or returned `text/plain` data,
-now accept or return data as JSON.
+The following APIs, which previously accepted or returned `text/plain` data, now accept or return data as JSON.
#### `POST /control/filtering/set_rules`
-Previously, the API accepted a raw list of filters as a plain-text file. Now,
-the filters must be presented in a JSON object with the following format:
+Previously, the API accepted a raw list of filters as a plain-text file. Now, the filters must be presented in a JSON object with the following format:
```json
{
@@ -510,8 +449,7 @@ the filters must be presented in a JSON object with the following format:
#### `GET /control/i18n/current_language` And `POST /control/i18n/change_language`
-Previously, these APIs accepted and returned the language code in plain text.
-Now, they accept and return them in a JSON object with the following format:
+Previously, these APIs accepted and returned the language code in plain text. Now, they accept and return them in a JSON object with the following format:
```json
{
@@ -521,9 +459,7 @@ Now, they accept and return them in a JSON object with the following format:
#### `POST /control/dhcp/find_active_dhcp`
-Previously, the API accepted the name of the network interface as a plain-text
-string. Now, it must be contained within a JSON object with the following
-format:
+Previously, the API accepted the name of the network interface as a plain-text string. Now, it must be contained within a JSON object with the following format:
```json
{
@@ -531,252 +467,198 @@ format:
}
```
-
-
## v0.107.12: API changes
### `GET /control/blocked_services/services`
-* The new `GET /control/blocked_services/services` HTTP API allows inspecting
- all available services.
-
-
+- The new `GET /control/blocked_services/services` HTTP API allows inspecting all available services.
## v0.107.7: API changes
### The new optional field `"ecs"` in `QueryLogItem`
-* The new optional field `"ecs"` in `GET /control/querylog` contains the IP
- network from an EDNS Client-Subnet option from the request message if any.
-
-### The new possible status code in `/install/configure` response.
-
-* The new status code `422 Unprocessable Entity` in the response for
- `POST /install/configure` which means that the specified password does not
- meet the strength requirements.
+- The new optional field `"ecs"` in `GET /control/querylog` contains the IP network from an EDNS Client-Subnet option from the request message if any.
+### The new possible status code in `/install/configure` response
+- The new status code `422 Unprocessable Entity` in the response for `POST /install/configure` which means that the specified password does not meet the strength requirements.
## v0.107.3: API changes
### The new field `"version"` in `AddressesInfo`
-* The new field `"version"` in `GET /install/get_addresses` is the version of
- the AdGuard Home instance.
-
-
+- The new field `"version"` in `GET /install/get_addresses` is the version of the AdGuard Home instance.
## v0.107.0: API changes
### The new field `"cached"` in `QueryLogItem`
-* The new field `"cached"` in `GET /control/querylog` is true if the response is
- served from cache instead of being resolved by an upstream server.
+- The new field `"cached"` in `GET /control/querylog` is true if the response is served from cache instead of being resolved by an upstream server.
### New constant values for `filter_list_id` field in `ResultRule`
-* Value of `0` is now used for custom filtering rules list.
+- Value of `0` is now used for custom filtering rules list.
-* Value of `-1` is now used for rules generated from the operating system hosts
- files.
+- Value of `-1` is now used for rules generated from the operating system hosts files.
-* Value of `-2` is now used for blocked services' rules.
+- Value of `-2` is now used for blocked services’ rules.
-* Value of `-3` is now used for rules generated by parental control web service.
+- Value of `-3` is now used for rules generated by parental control web service.
-* Value of `-4` is now used for rules generated by safe browsing web service.
+- Value of `-4` is now used for rules generated by safe browsing web service.
-* Value of `-5` is now used for rules generated by safe search web service.
+- Value of `-5` is now used for rules generated by safe search web service.
### New possible value of `"name"` field in `QueryLogItemClient`
-* The value of `"name"` field in `GET /control/querylog` method is never empty:
- either persistent client's name or runtime client's hostname.
+- The value of `"name"` field in `GET /control/querylog` method is never empty, either persistent client’s name or runtime client’s hostname.
### Lists in `AccessList`
-* Fields `"allowed_clients"`, `"disallowed_clients"` and `"blocked_hosts"` in
- `POST /access/set` now should contain only unique elements.
+- Fields `"allowed_clients"`, `"disallowed_clients"` and `"blocked_hosts"` in `POST /access/set` now should contain only unique elements.
-* Fields `"allowed_clients"` and `"disallowed_clients"` cannot contain the same
- elements.
+- Fields `"allowed_clients"` and `"disallowed_clients"` cannot contain the same elements.
### The new field `"private_key_saved"` in `TlsConfig`
-* The new field `"private_key_saved"` in `POST /control/tls/configure`,
- `POST /control/tls/validate` and `GET /control/tls/status` is true if the
- private key was previously saved as a string and now the private key omitted
- from communication between server and client due to security issues.
+- The new field `"private_key_saved"` in `POST /control/tls/configure`, `POST /control/tls/validate` and `GET /control/tls/status` is true if the private key was previously saved as a string and now the private key omitted from communication between server and client due to security issues.
### The new field `"cache_optimistic"` in DNS configuration
-* The new optional field `"cache_optimistic"` in `POST /control/dns_config`
- method makes AdGuard Home use or not use the optimistic cache mechanism.
+- The new optional field `"cache_optimistic"` in `POST /control/dns_config` method makes AdGuard Home use or not use the optimistic cache mechanism.
-* The new field `"cache_optimistic"` in `GET /control/dns_info` method is true
- if AdGuard Home uses the optimistic cache mechanism.
+- The new field `"cache_optimistic"` in `GET /control/dns_info` method is true if AdGuard Home uses the optimistic cache mechanism.
### New possible value of `"interval"` field in `QueryLogConfig`
-* The value of `"interval"` field in `POST /control/querylog_config` and `GET
- /control/querylog_info` methods could now take the value of `0.25`. It's
- equal to 6 hours.
+- The value of `"interval"` field in `POST /control/querylog_config` and `GET /control/querylog_info` methods could now take the value of `0.25`. It’s equal to 6 hours.
-* All the possible values of `"interval"` field are enumerated.
+- All the possible values of `"interval"` field are enumerated.
-* The type of `"interval"` field is now `number` instead of `integer`.
+- The type of `"interval"` field is now `number` instead of `integer`.
### ClientIDs in Access Settings
-* The `POST /control/access/set` HTTP API now accepts ClientIDs in
- `"allowed_clients"` and `"disallowed_clients"` fields.
+- The `POST /control/access/set` HTTP API now accepts ClientIDs in `"allowed_clients"` and `"disallowed_clients"` fields.
### The new field `"unicode_name"` in `DNSQuestion`
-* The new optional field `"unicode_name"` is the Unicode representation of
- question's domain name. It is only presented if the original question's
- domain name is an IDN.
+- The new optional field `"unicode_name"` is the Unicode representation of question’s domain name. It is only presented if the original question’s domain name is an IDN.
### Documentation fix of `DNSQuestion`
-* Previously incorrectly named field `"host"` in `DNSQuestion` is now named
- `"name"`.
+- Previously incorrectly named field `"host"` in `DNSQuestion` is now named `"name"`.
-### Disabling Statistics
+### Disabling Statistics
-* The `POST /control/stats_config` HTTP API allows disabling statistics by
- setting `"interval"` to `0`.
+- The `POST /control/stats_config` HTTP API allows disabling statistics by setting `"interval"` to `0`.
### `POST /control/dhcp/reset_leases`
-* The new `POST /control/dhcp/reset_leases` HTTP API allows removing all leases
- from the DHCP server's database without erasing its configuration.
+- The new `POST /control/dhcp/reset_leases` HTTP API allows removing all leases from the DHCP server’s database without erasing its configuration.
-### The parameter `"host"` in `GET /apple/*.mobileconfig` is now required.
+### The parameter `"host"` in `GET /apple/*.mobileconfig` is now required
-* The parameter `"host"` in `GET` requests for `/apple/doh.mobileconfig` and
- `/apple/doh.mobileconfig` is now required to prevent unexpected server name's
- value.
+- The parameter `"host"` in `GET` requests for `/apple/doh.mobileconfig` and `/apple/doh.mobileconfig` is now required to prevent unexpected server name’s value.
### The new field `"default_local_ptr_upstreams"` in `GET /control/dns_info`
-* The new optional field `"default_local_ptr_upstreams"` is the list of IP
- addresses AdGuard Home would use by default to resolve PTR request for
- addresses from locally-served networks.
+- The new optional field `"default_local_ptr_upstreams"` is the list of IP addresses AdGuard Home would use by default to resolve PTR request for addresses from locally-served networks.
### The field `"use_private_ptr_resolvers"` in DNS configuration
-* The new optional field `"use_private_ptr_resolvers"` of `"DNSConfig"`
- specifies if the DNS server should use `"local_ptr_upstreams"` at all.
+- The new optional field `"use_private_ptr_resolvers"` of `"DNSConfig"` specifies if the DNS server should use `"local_ptr_upstreams"` at all.
## v0.106: API changes
### The field `"supported_tags"` in `GET /control/clients`
-* Previously undocumented field `"supported_tags"` in the response is now
- documented.
+- Previously undocumented field `"supported_tags"` in the response is now documented.
### The field `"whois_info"` in `GET /control/clients`
-* Objects in the `"auto_clients"` array now have the `"whois_info"` field.
+- Objects in the `"auto_clients"` array now have the `"whois_info"` field.
### New response code in `POST /control/login`
-* `429` is returned when user is out of login attempts. It adds the
- `Retry-After` header with the number of seconds of block left in it.
+- `429` is returned when user is out of login attempts. It adds the `Retry-After` header with the number of seconds of block left in it.
### New `"private_upstream"` field in `POST /test_upstream_dns`
-* The new optional field `"private_upstream"` of `UpstreamConfig` contains the
- upstream servers for resolving locally-served ip addresses to be checked.
+- The new optional field `"private_upstream"` of `UpstreamConfig` contains the upstream servers for resolving locally-served ip addresses to be checked.
### New fields `"resolve_clients"` and `"local_ptr_upstreams"` in DNS configuration
-* The new optional field `"resolve_clients"` of `DNSConfig` is used to turn
- resolving clients' addresses on and off.
+- The new optional field `"resolve_clients"` of `DNSConfig` is used to turn resolving clients’ addresses on and off.
-* The new optional field `"local_ptr_upstreams"` of `"DNSConfig"` contains the
- upstream servers for resolving addresses from locally-served networks. The
- empty `"local_ptr_resolvers"` states that AGH should use resolvers provided by
- the operating system.
+- The new optional field `"local_ptr_upstreams"` of `"DNSConfig"` contains the upstream servers for resolving addresses from locally-served networks. The empty `"local_ptr_resolvers"` states that AGH should use resolvers provided by the operating system.
### New `"client_info"` field in `GET /querylog` response
-* The new optional field `"client_info"` of `QueryLogItem` objects contains
- a more full information about the client.
+- The new optional field `"client_info"` of `QueryLogItem` objects contains a more full information about the client.
## v0.105: API changes
### New `"client_id"` field in `GET /querylog` response
-* The new field `"client_id"` of `QueryLogItem` objects is the ID sent by the
- client for encrypted requests, if there was any. See the
- "[Identifying clients]" section of our wiki.
+- The new field `"client_id"` of `QueryLogItem` objects is the ID sent by the client for encrypted requests, if there was any. See the "[Identifying clients]" section of our wiki.
### New `"dnscrypt"` `"client_proto"` value in `GET /querylog` response
-* The field `"client_proto"` can now have the value `"dnscrypt"` when the
- request was sent over a DNSCrypt connection.
+- The field `"client_proto"` can now have the value `"dnscrypt"` when the request was sent over a DNSCrypt connection.
### New `"reason"` in `GET /filtering/check_host` and `GET /querylog`
-* The new `RewriteRule` reason is added to `GET /filtering/check_host` and
- `GET /querylog`.
+- The new `RewriteRule` reason is added to `GET /filtering/check_host` and `GET /querylog`.
-* Also, the reason which was incorrectly documented as `"ReasonRewrite"` is now
- correctly documented as `"Rewrite"`, and the previously undocumented
- `"RewriteEtcHosts"` is now documented as well.
+- Also, the reason which was incorrectly documented as `"ReasonRewrite"` is now correctly documented as `"Rewrite"`, and the previously undocumented `"RewriteEtcHosts"` is now documented as well.
### Multiple matched rules in `GET /filtering/check_host` and `GET /querylog`
-* The properties `rule` and `filter_id` are now deprecated. API users should
- inspect the newly-added `rules` object array instead. For most rules, it's
- either empty or contains one object, which contains the same things as the old
- two properties did, but under more correct names:
+- The properties `rule` and `filter_id` are now deprecated. API users should inspect the newly-added `rules` object array instead. For most rules, it’s either empty or contains one object, which contains the same things as the old two properties did, but under more correct names:
- ```js
- {
- // …
+ ```js
+ {
+ // …
- // Deprecated.
- "rule": "||example.com^",
- // Deprecated.
- "filter_id": 42,
- // Newly-added.
- "rules": [{
- "text": "||example.com^",
- "filter_list_id": 42
- }]
- }
- ```
+ // Deprecated.
+ "rule": "||example.com^",
+ // Deprecated.
+ "filter_id": 42,
+ // Newly-added.
+ "rules": [{
+ "text": "||example.com^",
+ "filter_list_id": 42
+ }]
+ }
+ ```
- For `$dnsrewrite` rules, they contain all rules that contributed to the
- result. For example, if you have the following filtering rules:
+ For `$dnsrewrite` rules, they contain all rules that contributed to the result. For example, if you have the following filtering rules:
- ```
- ||example.com^$dnsrewrite=127.0.0.1
- ||example.com^$dnsrewrite=127.0.0.2
- ```
+ ```adblock
+ ||example.com^$dnsrewrite=127.0.0.1
+ ||example.com^$dnsrewrite=127.0.0.2
+ ```
The `"rules"` will be something like:
- ```js
- {
- // …
+ ```js
+ {
+ // …
- "rules": [{
- "text": "||example.com^$dnsrewrite=127.0.0.1",
- "filter_list_id": 0
- }, {
- "text": "||example.com^$dnsrewrite=127.0.0.2",
- "filter_list_id": 0
- }]
- }
- ```
+ "rules": [{
+ "text": "||example.com^$dnsrewrite=127.0.0.1",
+ "filter_list_id": 0
+ }, {
+ "text": "||example.com^$dnsrewrite=127.0.0.2",
+ "filter_list_id": 0
+ }]
+ }
+ ```
The old fields will be removed in v0.106.0.
-As well as other documentation fixes.
+ As well as other documentation fixes.
[Identifying clients]: https://github.com/AdguardTeam/AdGuardHome/wiki/Clients#idclient
@@ -784,196 +666,179 @@ As well as other documentation fixes.
### API: replace settings in GET /control/dns_info & POST /control/dns_config
-* added "upstream_mode"
+- Added `"upstream_mode"`:
- "upstream_mode": "" | "parallel" | "fastest_addr"
-
-* removed "fastest_addr", "parallel_requests"
+ ```none
+ "upstream_mode": "" | "parallel" | "fastest_addr"
+ ```
+- Removed `"fastest_addr"`, `"parallel_requests"`.
### API: Get querylog: GET /control/querylog
-* Added optional "offset" and "limit" parameters
-
-We are still using "older_than" approach in AdGuard Home UI, but we realize that it's easier to use offset/limit so here is this option now.
+- Added optional "offset" and "limit" parameters.
+ We are still using "older_than" approach in AdGuard Home UI, but we realize that it’s easier to use offset/limit so here is this option now.
## v0.102: API changes
### API: Get general status: GET /control/status
-* Removed "upstream_dns", "bootstrap_dns", "all_servers" parameters
+- Removed `"upstream_dns"`, `"bootstrap_dns"`, `"all_servers"` parameters.
### API: Get DNS general settings: GET /control/dns_info
-* Added "parallel_requests", "upstream_dns", "bootstrap_dns" parameters
+- Added `"parallel_requests"`, `"upstream_dns"`, `"bootstrap_dns"` parameters or `GET /control/dns_info` API. An example of `200 OK` response:
-Request:
-
- GET /control/dns_info
-
-Response:
-
- 200 OK
-
- {
- "upstream_dns": ["tls://...", ...],
- "bootstrap_dns": ["1.2.3.4", ...],
-
- "protection_enabled": true | false,
- "ratelimit": 1234,
- "blocking_mode": "default" | "nxdomain" | "null_ip" | "custom_ip",
- "blocking_ipv4": "1.2.3.4",
- "blocking_ipv6": "1:2:3::4",
- "edns_cs_enabled": true | false,
- "dnssec_enabled": true | false
- "disable_ipv6": true | false,
- "fastest_addr": true | false, // use Fastest Address algorithm
- "parallel_requests": true | false, // send DNS requests to all upstream servers at once
- }
+ ```json
+ {
+ "upstream_dns": ["tls://...", ...],
+ "bootstrap_dns": ["1.2.3.4", ...],
+ "protection_enabled": true | false,
+ "ratelimit": 1234,
+ "blocking_mode": "default" | "nxdomain" | "null_ip" | "custom_ip",
+ "blocking_ipv4": "1.2.3.4",
+ "blocking_ipv6": "1:2:3::4",
+ "edns_cs_enabled": true | false,
+ "dnssec_enabled": true | false
+ "disable_ipv6": true | false,
+ "fastest_addr": true | false, // use Fastest Address algorithm
+ "parallel_requests": true | false, // send DNS requests to all upstream servers at once
+ }
+ ```
### API: Set DNS general settings: POST /control/dns_config
-* Added "parallel_requests", "upstream_dns", "bootstrap_dns" parameters
-* removed /control/set_upstreams_config method
+- Added `"parallel_requests"`, `"upstream_dns"`, `"bootstrap_dns"` parameters.
+- Removed `/control/set_upstreams_config` method.
-Request:
-
- POST /control/dns_config
-
- {
- "upstream_dns": ["tls://...", ...],
- "bootstrap_dns": ["1.2.3.4", ...],
-
- "protection_enabled": true | false,
- "ratelimit": 1234,
- "blocking_mode": "default" | "nxdomain" | "null_ip" | "custom_ip",
- "blocking_ipv4": "1.2.3.4",
- "blocking_ipv6": "1:2:3::4",
- "edns_cs_enabled": true | false,
- "dnssec_enabled": true | false
- "disable_ipv6": true | false,
- "fastest_addr": true | false, // use Fastest Address algorithm
- "parallel_requests": true | false, // send DNS requests to all upstream servers at once
- }
-
-Response:
-
- 200 OK
+Example of a `POST /control/dns_config` request:
+ ```json
+ {
+ "upstream_dns": ["tls://...", ...],
+ "bootstrap_dns": ["1.2.3.4", ...],
+ "protection_enabled": true | false,
+ "ratelimit": 1234,
+ "blocking_mode": "default" | "nxdomain" | "null_ip" | "custom_ip",
+ "blocking_ipv4": "1.2.3.4",
+ "blocking_ipv6": "1:2:3::4",
+ "edns_cs_enabled": true | false,
+ "dnssec_enabled": true | false
+ "disable_ipv6": true | false,
+ "fastest_addr": true | false, // use Fastest Address algorithm
+ "parallel_requests": true | false, // send DNS requests to all upstream servers at once
+ }
+ ```
## v0.101: API changes
### API: Refresh filters: POST /control/filtering/refresh
-* Added "whitelist" boolean parameter
-* Response is in JSON format
+- Added `"whitelist"` boolean parameter.
+- Response is in JSON format.
-Request:
+Example of a `POST /control/filtering/refresh` request and `200 OK` response:
- POST /control/filtering/refresh
-
- {
- "whitelist": true
- }
-
-Response:
-
- 200 OK
-
- {
- "updated": 123 // number of filters updated
- }
+ ```json
+ {
+ "whitelist": true
+ }
+ ```
+ ```json
+ {
+ "updated": 123 // number of filters updated
+ }
+ ```
## v0.100: API changes
### API: Get list of clients: GET /control/clients
-* "ip" and "mac" fields are removed
-* "ids" and "ip_addrs" fields are added
+- `"ip"` and `"mac"` fields are removed.
+- `"ids"` and `"ip_addrs"` fields are added.
-Response:
+Example of a `200 OK` response:
- 200 OK
-
- {
- clients: [
- {
- name: "client1"
- ids: ["...", ...] // IP or MAC
- ip_addrs: ["...", ...] // all IP addresses (set by user and resolved by MAC)
- use_global_settings: true
- filtering_enabled: false
- parental_enabled: false
- safebrowsing_enabled: false
- safesearch_enabled: false
- use_global_blocked_services: true
- blocked_services: [ "name1", ... ]
- whois_info: {
- key: "value"
- ...
- }
- }
- ]
- auto_clients: [
- {
- name: "host"
- ip: "..."
- source: "etc/hosts" || "rDNS"
- whois_info: {
- key: "value"
- ...
- }
- }
- ]
- }
+ ```json
+ {
+ "clients": [
+ {
+ "name": "client1",
+ "ids": ["...", /* ... */], // IP or MAC
+ "ip_addrs": ["...", /* ... */], // all IP addresses (set by user and resolved by MAC)
+ "use_global_settings": true,
+ "filtering_enabled": false,
+ "parental_enabled": false,
+ "safebrowsing_enabled": false,
+ "safesearch_enabled": false,
+ "use_global_blocked_services": true,
+ "blocked_services": [ "name1", /* ... */ ],
+ "whois_info": {
+ "key": "value",
+ // ...
+ }
+ }
+ ]
+ "auto_clients": [
+ {
+ "name": "host",
+ "ip": "...",
+ "source": "etc/hosts" || "rDNS",
+ "whois_info": {
+ "key": "value",
+ // ...
+ }
+ }
+ ]
+ }
+ ```
### API: Add client: POST /control/clients/add
-* "ip" and "mac" fields are removed
-* "ids" field is added
+- `"ip"` and `"mac"` fields are removed.
+- `"ids"` field is added.
-Request:
+Example of a `POST /control/clients/add` request:
- POST /control/clients/add
-
- {
- name: "client1"
- ids: ["...", ...] // IP or MAC
- use_global_settings: true
- filtering_enabled: false
- parental_enabled: false
- safebrowsing_enabled: false
- safesearch_enabled: false
- use_global_blocked_services: true
- blocked_services: [ "name1", ... ]
- }
+ ```json
+ {
+ "name": "client1",
+ "ids": ["...", /* ... */], // IP or MAC
+ "use_global_settings": true,
+ "filtering_enabled": false,
+ "parental_enabled": false,
+ "safebrowsing_enabled": false,
+ "safesearch_enabled": false,
+ "use_global_blocked_services": true,
+ "blocked_services": [ "name1", /* ... */ ]
+ }
+ ```
### API: Update client: POST /control/clients/update
-* "ip" and "mac" fields are removed
-* "ids" field is added
+- `"ip"` and `"mac"` fields are removed.
+- `"ids"` field is added.
-Request:
-
- POST /control/clients/update
-
- {
- name: "client1"
- data: {
- name: "client1"
- ids: ["...", ...] // IP or MAC
- use_global_settings: true
- filtering_enabled: false
- parental_enabled: false
- safebrowsing_enabled: false
- safesearch_enabled: false
- use_global_blocked_services: true
- blocked_services: [ "name1", ... ]
- }
- }
+Example of a `POST /control/clients/update` request:
+ ```json
+ {
+ "name": "client1",
+ "data": {
+ "name": "client1",
+ "ids": ["...", /* ... */], // IP or MAC
+ "use_global_settings": true,
+ "filtering_enabled": false,
+ "parental_enabled": false,
+ "safebrowsing_enabled": false,
+ "safesearch_enabled": false,
+ "use_global_blocked_services": true,
+ "blocked_services": [ "name1", /* ... */ ]
+ }
+ }
+ ```
## v0.99.3: API changes
@@ -981,204 +846,147 @@ Request:
The response data is now a JSON object, not an array.
-Response:
-
- 200 OK
-
- {
- "oldest":"2006-01-02T15:04:05.999999999Z07:00"
- "data":[
- {
- "answer":[
- {
- "ttl":10,
- "type":"AAAA",
- "value":"::"
- }
- ...
- ],
- "client":"127.0.0.1",
- "elapsedMs":"0.098403",
- "filterId":1,
- "question":{
- "class":"IN",
- "host":"doubleclick.net",
- "type":"AAAA"
- },
- "reason":"FilteredBlackList",
- "rule":"||doubleclick.net^",
- "status":"NOERROR",
- "time":"2006-01-02T15:04:05.999999999Z07:00"
- }
- ...
- ]
- }
+Example of a `200 OK` response:
+ ```json
+ {
+ "oldest": "2006-01-02T15:04:05.999999999Z07:00",
+ "data": [
+ {
+ "answer": [
+ {
+ "ttl": 10,
+ "type": "AAAA",
+ "value": "::"
+ }
+ ],
+ "client": "127.0.0.1",
+ "elapsedMs":"0.098403",
+ "filterId":1,
+ "question": {
+ "class":"IN",
+ "host":"doubleclick.net",
+ "type":"AAAA"
+ },
+ "reason":"FilteredBlackList",
+ "rule":"||doubleclick.net^",
+ "status":"NOERROR",
+ "time":"2006-01-02T15:04:05.999999999Z07:00"
+ }
+ // ...
+ ]
+ }
+ ```
## v0.99.1: API changes
### API: Get current user info: GET /control/profile
-Request:
-
- GET /control/profile
-
-Response:
-
- 200 OK
-
- {
- "name":"..."
- }
+Example of a `200 OK` response:
+ ```json
+ {
+ "name": "..."
+ }
+ ```
### Set DNS general settings: POST /control/dns_config
-Replaces these API methods:
-
- POST /control/enable_protection
- POST /control/disable_protection
-
-Request:
-
- POST /control/dns_config
-
- {
- "protection_enabled": true | false,
- "ratelimit": 1234,
- "blocking_mode": "nxdomain" | "null_ip" | "custom_ip",
- "blocking_ipv4": "1.2.3.4",
- "blocking_ipv6": "1:2:3::4",
- }
-
-Response:
-
- 200 OK
+Replaces the `POST /control/enable_protection` and `POST /control/disable_protection` API methods. Example of a `POST /control/dns_config` request:
+ ```json
+ {
+ "protection_enabled": true | false,
+ "ratelimit": 1234,
+ "blocking_mode": "nxdomain" | "null_ip" | "custom_ip",
+ "blocking_ipv4": "1.2.3.4",
+ "blocking_ipv6": "1:2:3::4",
+ }
+ ```
## v0.99: incompatible API changes
-* A note about web user authentication
-* Set filtering parameters: POST /control/filtering/config
-* Set filter parameters: POST /control/filtering/set_url
-* Set querylog parameters: POST /control/querylog_config
-* Get statistics data: GET /control/stats
-
+- A note about web user authentication.
+- Set filtering parameters: `POST /control/filtering/config`.
+- Set filter parameters: `POST /control/filtering/set_url`.
+- Set querylog parameters: `POST /control/querylog_config`.
+- Get statistics data: `GET /control/stats`.
### A note about web user authentication
-If AdGuard Home's web user is password-protected, a web client must use authentication mechanism when sending requests to server. Basic access authentication is the most simple method - a client must pass `Authorization` HTTP header along with all requests:
+If AdGuard Home’s web user is password-protected, a web client must use authentication mechanism when sending requests to server. Basic access authentication is the most simple method - a client must pass `Authorization` HTTP header along with all requests:
- Authorization: Basic BASE64_DATA
-
-where BASE64_DATA is base64-encoded data for `username:password` string.
+ ```http
+ Authorization: Basic BASE64_DATA
+ ```
+where `BASE64_DATA` is base64-encoded data for `username:password` string.
### Set filtering parameters: POST /control/filtering/config
-Replaces these API methods:
-
- POST /control/filtering/enable
- POST /control/filtering/disable
-
-Request:
-
- POST /control/filtering_config
-
- {
- "enabled": true | false
- "interval": 0 | 1 | 12 | 1*24 | 3*24 | 7*24
- }
-
-Response:
-
- 200 OK
+Replaces the `POST /control/filtering/enable` and `POST /control/filtering/disable` API methods. Example of a `POST /control/filtering/config` request:
+ ```json
+ {
+ "enabled": true | false,
+ "interval": 0 | 1 | 12 | 1*24 | 3*24 | 7*24
+ }
+ ```
### Set filter parameters: POST /control/filtering/set_url
-Replaces these API methods:
+Replaces the `POST /control/filtering/enable_url` and `POST /control/filtering/disable_url` API methods.
- POST /control/filtering/enable_url
- POST /control/filtering/disable_url
-
-Request:
-
- POST /control/filtering/set_url
-
- {
- "url": "..."
- "enabled": true | false
- }
-
-Response:
-
- 200 OK
+Example of a `POST /control/filtering/set_url` request:
+ ```json
+ {
+ "url": "...",
+ "enabled": true | false
+ }
+ ```
### Set querylog parameters: POST /control/querylog_config
-Replaces these API methods:
+Replaces the `POST /querylog_enable` and `POST /querylog_disable` API methods.
- POST /querylog_enable
- POST /querylog_disable
-
-Request:
-
- POST /control/querylog_config
-
- {
- "enabled": true | false
- "interval": 1 | 7 | 30 | 90
- }
-
-Response:
-
- 200 OK
+Example of a `POST /control/querylog_config` request:
+ ```json
+ {
+ "enabled": true | false,
+ "interval": 0 | 1 | 12 | 1*24 | 3*24 | 7*24
+ }
+ ```
### Get statistics data: GET /control/stats
-Replaces these API methods:
+Replaces the `GET /control/stats_top` and `GET /control/stats_history` API methods. Example of a `200 OK` response:
- GET /control/stats_top
- GET /control/stats_history
-
-Request:
-
- GET /control/stats
-
-Response:
-
- 200 OK
-
- {
- time_units: hours | days
-
- // total counters:
- num_dns_queries: 123
- num_blocked_filtering: 123
- num_replaced_safebrowsing: 123
- num_replaced_safesearch: 123
- num_replaced_parental: 123
- avg_processing_time: 123.123
-
- // per time unit counters
- dns_queries: [123, ...]
- blocked_filtering: [123, ...]
- replaced_parental: [123, ...]
- replaced_safebrowsing: [123, ...]
-
- top_queried_domains: [
- {host: 123},
- ...
- ]
- top_blocked_domains: [
- {host: 123},
- ...
- ]
- top_clients: [
- {IP: 123},
- ...
- ]
- }
+ ```json
+ {
+ "time_units": "hours" | "days",
+ "num_dns_queries": 123,
+ "num_blocked_filtering": 123,
+ "num_replaced_safebrowsing": 123,
+ "num_replaced_safesearch": 123,
+ "num_replaced_parental": 123,
+ "avg_processing_time": 123.123,
+ "dns_queries": [123, ...],
+ "blocked_filtering": [123, ...],
+ "replaced_parental": [123, ...],
+ "replaced_safebrowsing": [123, ...],
+ "top_queried_domains": [
+ {"host": 123},
+ ...
+ ],
+ "top_blocked_domains": [
+ {"host": 123},
+ ...
+ ],
+ "top_clients": [
+ {"IP": 123},
+ ...
+ ]
+ }
+ ```
diff --git a/openapi/README.md b/openapi/README.md
index 387bfb0e..c6e05700 100644
--- a/openapi/README.md
+++ b/openapi/README.md
@@ -1,35 +1,27 @@
# AdGuard Home OpenAPI
-We are using
-[OpenAPI specification](https://swagger.io/docs/specification/about/)
-to generate AdGuard Home API specification.
+We are using [OpenAPI specification](https://swagger.io/docs/specification/about/) to generate AdGuard Home API specification.
-## How To Edit The API Spec
+## How to edit the API spec
-The easiest way would be to use
-[Swagger Editor](http://editor.swagger.io/)
-and just copy/paste the YAML file there.
+The easiest way would be to use [Swagger Editor](http://editor.swagger.io/) and just copy/paste the YAML file there.
-## How To Read The API Doc
+## How to read the API doc
1. `yarn install`
2. `yarn start`
-3. Open `http://localhost:4000/`
+3. open `http://localhost:4000/`
## Changelog
-[Here](CHANGELOG.md) we keep track of all non-compatible changes that are being
-made.
+[Here](CHANGELOG.md) we keep track of all non-compatible changes that are being made.
## Authentication
-If AdGuard Home's web user is password-protected, a web client must use
-authentication mechanism when sending requests to server. Basic access
-authentication is the most simple method - a client must pass `Authorization`
-HTTP header along with all requests:
+If AdGuard Home’s web user is password-protected, a web client must use authentication mechanism when sending requests to server. Basic access authentication is the most simple method: a client must pass `Authorization` HTTP header along with all requests:
```http
Authorization: Basic BASE64_DATA
```
-Where BASE64_DATA is base64-encoded data for `username:password` string.
+Where `BASE64_DATA` is base64-encoded data for `username:password` string.
diff --git a/openapi/openapi.yaml b/openapi/openapi.yaml
index 32c691d1..cbc07a68 100644
--- a/openapi/openapi.yaml
+++ b/openapi/openapi.yaml
@@ -934,6 +934,9 @@
'description': 'OK.'
'/clients/find':
'get':
+ 'deprecated': true
+ 'description': >
+ Deprecated: Use `POST /clients/search` instead.
'tags':
- 'clients'
'operationId': 'clientsFind'
@@ -957,6 +960,26 @@
'application/json':
'schema':
'$ref': '#/components/schemas/ClientsFindResponse'
+ '/clients/search':
+ 'post':
+ 'tags':
+ - 'clients'
+ 'operationId': 'clientsSearch'
+ 'summary': >
+ Get information about clients by their IP addresses, CIDRs, MAC addresses, or ClientIDs.
+ 'requestBody':
+ 'content':
+ 'application/json':
+ 'schema':
+ '$ref': '#/components/schemas/ClientsSearchRequest'
+ 'required': true
+ 'responses':
+ '200':
+ 'description': 'OK.'
+ 'content':
+ 'application/json':
+ 'schema':
+ '$ref': '#/components/schemas/ClientsFindResponse'
'/access/list':
'get':
'operationId': 'accessList'
@@ -2478,9 +2501,11 @@
'description': 'Network interface info'
'required':
- 'flags'
+ - 'gateway_ip'
- 'hardware_address'
+ - 'ipv4_addresses'
+ - 'ipv6_addresses'
- 'name'
- - 'mtu'
'properties':
'flags':
'type': 'string'
@@ -2489,18 +2514,28 @@
the "|" character: "up", "broadcast", "loopback", "pointtopoint" and
"multicast".
'example': 'up|broadcast|multicast'
+ 'gateway_ip':
+ 'type': 'string'
+ 'description': 'The IP address of the gateway.'
+ 'example': '192.0.2.0'
'hardware_address':
'type': 'string'
'example': '52:54:00:11:09:ba'
+ 'ipv4_addresses':
+ 'type': 'array'
+ 'description': >
+ The addresses of the interface of v4 family.
+ 'items':
+ 'type': 'string'
+ 'ipv6_addresses':
+ 'type': 'array'
+ 'description': >
+ The addresses of the interface of v6 family.
+ 'items':
+ 'type': 'string'
'name':
'type': 'string'
'example': 'eth0'
- 'ip_addresses':
- 'type': 'array'
- 'items':
- 'type': 'string'
- 'mtu':
- 'type': 'integer'
'AddressInfo':
'type': 'object'
'description': 'Port information'
@@ -2749,6 +2784,20 @@
'properties':
'name':
'type': 'string'
+ 'ClientsSearchRequest':
+ 'type': 'object'
+ 'description': 'Client search request'
+ 'properties':
+ 'clients':
+ 'type': 'array'
+ 'items':
+ '$ref': '#/components/schemas/ClientsSearchRequestItem'
+ 'ClientsSearchRequestItem':
+ 'type': 'object'
+ 'properties':
+ 'id':
+ 'type': 'string'
+ 'description': 'Client IP address, CIDR, MAC address, or ClientID'
'ClientsFindResponse':
'type': 'array'
'description': 'Client search results.'
diff --git a/scripts/README.md b/scripts/README.md
index 4835fcb2..6b835b7b 100644
--- a/scripts/README.md
+++ b/scripts/README.md
@@ -1,96 +1,72 @@
- # AdGuard Home Scripts
+# AdGuard Home scripts
-## `hooks/`: Git Hooks
+## `hooks/`: Git hooks
- ### Usage
+### Usage
Run `make init` from the project root.
+## `querylog/`: Query Log Helpers
+### Usage
-## `querylog/`: Query Log Helpers
+- `npm install`: install dependencies. Run this first.
- ### Usage
+- `npm run anonymize `: read the query log from the `` and write anonymized version to ``.
- * `npm install`: install dependencies. Run this first.
- * `npm run anonymize `: read the query log from the ``
- and write anonymized version to ``.
+## `make/`: Makefile scripts
+The release channels are: `development` (the default), `edge`, `beta`, and `release`. If verbosity levels aren’t documented here, there are only two: `0`, don’t print anything, and `1`, be verbose.
-
-## `make/`: Makefile scripts
-
-The release channels are: `development` (the default), `edge`, `beta`, and
-`release`. If verbosity levels aren't documented here, there are only two: `0`,
-don't print anything, and `1`, be verbose.
-
-
-
- ### `build-docker.sh`: Build a multi-architecture Docker image
+### `build-docker.sh`: Build a multi-architecture Docker image
Required environment:
- * `CHANNEL`: release channel, see above.
+- `CHANNEL`: release channel, see above.
- * `DIST_DIR`: the directory where a release has previously been built.
+- `DIST_DIR`: the directory where a release has previously been built.
- * `REVISION`: current Git revision.
+- `REVISION`: current Git revision.
- * `VERSION`: release version.
+- `VERSION`: release version.
Optional environment:
- * `DOCKER_IMAGE_NAME`: the name of the resulting Docker container. By default
- it's `adguardhome-dev`.
+- `DOCKER_IMAGE_NAME`: the name of the resulting Docker container. By default it’s `adguardhome-dev`.
- * `DOCKER_OUTPUT`: the `--output` parameters. By default they are
- `type=image,name=${DOCKER_IMAGE_NAME},push=false`.
+- `DOCKER_OUTPUT`: the `--output` parameters. By default they are `type=image,name=${DOCKER_IMAGE_NAME},push=false`.
- * `SUDO`: allow users to use `sudo` or `doas` with `docker`. By default none
- is used.
+- `SUDO`: allow users to use `sudo` or `doas` with `docker`. By default none is used.
-
-
- ### `build-release.sh`: Build a release for all platforms
+### `build-release.sh`: Build a release for all platforms
Required environment:
- * `CHANNEL`: release channel, see above.
+- `CHANNEL`: release channel, see above.
- * `GPG_KEY` and `GPG_KEY_PASSPHRASE`: data for `gpg`. Only required if `SIGN`
- is `1`.
+- `GPG_KEY` and `GPG_KEY_PASSPHRASE`: data for `gpg`. Only required if `SIGN` is `1`.
Optional environment:
- * `ARCH` and `OS`: space-separated list of architectures and operating systems
- for which to build a release. For example, to build only for 64-bit ARM and
- AMD on Linux and Darwin:
+- `ARCH` and `OS`: space-separated list of architectures and operating systems for which to build a release. For example, to build only for 64-bit ARM and AMD on Linux and Darwin:
```sh
make ARCH='amd64 arm64' OS='darwin linux' … build-release
```
+
The default value is `''`, which means build everything.
- * `DIST_DIR`: the directory to build a release into. The default value is
- `dist`.
+- `DIST_DIR`: the directory to build a release into. The default value is `dist`.
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
- * `SIGN`: `0` to not sign the resulting packages, `1` to sign. The default
- value is `1`.
+- `SIGN`: `0` to not sign the resulting packages, `1` to sign. The default value is `1`.
- * `VERBOSE`: `1` to be verbose, `2` to also print environment. This script
- calls `go-build.sh` with the verbosity level one level lower, so to get
- verbosity level `2` in `go-build.sh`, set this to `3` when calling
- `build-release.sh`.
+- `VERBOSE`: `1` to be verbose, `2` to also print environment. This script calls `go-build.sh` with the verbosity level one level lower, so to get verbosity level `2` in `go-build.sh`, set this to `3` when calling `build-release.sh`.
- * `VERSION`: release version. Will be set by `version.sh` if it is unset or
- if it has the default `Makefile` value of `v0.0.0`.
+- `VERSION`: release version. Will be set by `version.sh` if it is unset or if it has the default `Makefile` value of `v0.0.0`.
-We're using Go's [forward compatibility mechanism][go-toolchain] for updating
-the Go version. This means that if your `go` version is 1.21+ but is different
-from the one required by AdGuard Home, the `go` tool will automatically download
-the required version.
+We’re using Go’s [forward compatibility mechanism][go-toolchain] for updating the Go version. This means that if your `go` version is 1.21+ but is different from the one required by AdGuard Home, the `go` tool will automatically download the required version.
If you want to use the version installed on your builder, run:
@@ -103,220 +79,164 @@ and call `make` with `GOTOOLCHAIN=local`.
[go-toolchain]: https://go.dev/blog/toolchain
-
-
- ### `go-bench.sh`: Run backend benchmarks
+### `go-bench.sh`: Run backend benchmarks
Optional environment:
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
- * `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is
- `--timeout=30s`.
+- `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is `--timeout=30s`.
- * `VERBOSE`: verbosity level. `1` shows every command that is run and every
- Go package that is processed. `2` also shows subcommands and environment.
- The default value is `0`, don't be verbose.
+- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
-
-
- ### `go-build.sh`: Build the backend
+### `go-build.sh`: Build the backend
Optional environment:
- * `GOAMD64`: architectural level for [AMD64][amd64]. The default value is
- `v1`.
+- `GOAMD64`: architectural level for [AMD64][amd64]. The default value is `v1`.
- * `GOARM`: ARM processor options for the Go compiler.
+- `GOARM`: ARM processor options for the Go compiler.
- * `GOMIPS`: ARM processor options for the Go compiler.
+- `GOMIPS`: ARM processor options for the Go compiler.
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
- * `OUT`: output binary name.
+- `OUT`: output binary name.
- * `PARALLELISM`: set the maximum number of concurrently run build commands
- (that is, compiler, linker, etc.).
+- `PARALLELISM`: set the maximum number of concurrently run build commands (that is, compiler, linker, etc.).
- * `SOURCE_DATE_EPOCH`: the [standardized][repr] environment variable for the
- Unix epoch time of the latest commit in the repository. If set, overrides
- the default obtained from Git. Useful for reproducible builds.
+- `SOURCE_DATE_EPOCH`: the [standardized][repr] environment variable for the Unix epoch time of the latest commit in the repository. If set, overrides the default obtained from Git. Useful for reproducible builds.
- * `VERBOSE`: verbosity level. `1` shows every command that is run and every
- Go package that is processed. `2` also shows subcommands and environment.
- The default value is `0`, don't be verbose.
+- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
- * `VERSION`: release version. Will be set by `version.sh` if it is unset or
- if it has the default `Makefile` value of `v0.0.0`.
+- `VERSION`: release version. Will be set by `version.sh` if it is unset or if it has the default `Makefile` value of `v0.0.0`.
Required environment:
- * `CHANNEL`: release channel, see above.
+- `CHANNEL`: release channel, see above.
[amd64]: https://github.com/golang/go/wiki/MinimumRequirements#amd64
[repr]: https://reproducible-builds.org/docs/source-date-epoch/
-
-
- ### `go-deps.sh`: Install backend dependencies
+### `go-deps.sh`: Install backend dependencies
Optional environment:
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
- * `VERBOSE`: verbosity level. `1` shows every command that is run and every
- Go package that is processed. `2` also shows subcommands and environment.
- The default value is `0`, don't be verbose.
+- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
-
-
- ### `go-fuzz.sh`: Run backend fuzz tests
+### `go-fuzz.sh`: Run backend fuzz tests
Optional environment:
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
- * `FUZZTIME_FLAGS`: set fuss flags for tests. The default value is
- `--fuzztime=20s`.
+- `FUZZTIME_FLAGS`: set fuss flags for tests. The default value is `--fuzztime=20s`.
- * `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is
- `--timeout=30s`.
+- `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is `--timeout=30s`.
- * `VERBOSE`: verbosity level. `1` shows every command that is run and every
- Go package that is processed. `2` also shows subcommands and environment.
- The default value is `0`, don't be verbose.
+- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
+### `go-lint.sh`: Run backend static analyzers
-
- ### `go-lint.sh`: Run backend static analyzers
-
-Don't forget to run `make go-tools` once first!
+Don’t forget to run `make go-tools` once first!
Optional environment:
- * `EXIT_ON_ERROR`: if set to `0`, don't exit the script after the first
- encountered error. The default value is `1`.
+- `EXIT_ON_ERROR`: if set to `0`, don’t exit the script after the first encountered error. The default value is `1`.
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
- * `VERBOSE`: verbosity level. `1` shows every command that is run. `2` also
- shows subcommands. The default value is `0`, don't be verbose.
+- `VERBOSE`: verbosity level. `1` shows every command that is run. `2` also shows subcommands. The default value is `0`, don’t be verbose.
-
-
- ### `go-test.sh`: Run backend tests
+### `go-test.sh`: Run backend tests
Optional environment:
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
- * `RACE`: set to `0` to not use the Go race detector. The default value is
- `1`, use the race detector.
+- `RACE`: set to `0` to not use the Go race detector. The default value is `1`, use the race detector.
- * `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is
- `--timeout=30s`.
+- `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is `--timeout=30s`.
- * `VERBOSE`: verbosity level. `1` shows every command that is run and every
- Go package that is processed. `2` also shows subcommands. The default
- value is `0`, don't be verbose.
+- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands. The default value is `0`, don’t be verbose.
+### `go-tools.sh`: Install backend tooling
-
- ### `go-tools.sh`: Install backend tooling
-
-Installs the Go static analysis and other tools into `${PWD}/bin`. Either add
-`${PWD}/bin` to your `$PATH` before all other entries, or use the commands
-directly, or use the commands through `make` (for example, `make go-lint`).
+Installs the Go static analysis and other tools into `${PWD}/bin`. Either add `${PWD}/bin` to your `$PATH` before all other entries, or use the commands directly, or use the commands through `make` (for example, `make go-lint`).
Optional environment:
- * `GO`: set an alternative name for the Go compiler.
+- `GO`: set an alternative name for the Go compiler.
-
-
- ### `version.sh`: Generate And Print The Current Version
+### `version.sh`: Generate And Print The Current Version
Required environment:
- * `CHANNEL`: release channel, see above.
+- `CHANNEL`: release channel, see above.
+## `snap/`: Snapcraft scripts
-
-## `snap/`: Snapcraft scripts
-
- ### `build.sh`
+### `build.sh`
Builds the Snapcraft packages from the binaries created by `download.sh`.
- ### `download.sh`
+### `download.sh`
Downloads the binaries to pack them into Snapcraft packages.
Required environment:
- * `CHANNEL`: release channel, see above.
+- `CHANNEL`: release channel, see above.
- ### `upload.sh`
+### `upload.sh`
Uploads the Snapcraft packages created by `build.sh`.
Required environment:
- * `SNAPCRAFT_CHANNEL`: Snapcraft release channel: `edge`, `beta`, or
- `candidate`.
+- `SNAPCRAFT_CHANNEL`: Snapcraft release channel: `edge`, `beta`, or `candidate`.
- * `SNAPCRAFT_STORE_CREDENTIALS`: Credentials for Snapcraft store.
+- `SNAPCRAFT_STORE_CREDENTIALS`: Credentials for Snapcraft store.
Optional environment:
- * `SNAPCRAFT_CMD`: Overrides the Snapcraft command. Default: `snapcraft`.
+- `SNAPCRAFT_CMD`: Overrides the Snapcraft command. Default: `snapcraft`.
+## `translations/`: Twosky Integration Script
+### Usage
-## `translations/`: Twosky Integration Script
+- `go run ./scripts/translations help`: print usage.
- ### Usage
+- `go run ./scripts/translations download [-n ]`: download and save all translations. `n` is optional flag where count is a number of concurrent downloads.
- * `go run ./scripts/translations help`: print usage.
+- `go run ./scripts/translations upload`: upload the base `en` locale.
- * `go run ./scripts/translations download [-n ]`: download and save
- all translations. `n` is optional flag where count is a number of
- concurrent downloads.
+- `go run ./scripts/translations summary`: show the current locales summary.
- * `go run ./scripts/translations upload`: upload the base `en` locale.
+- `go run ./scripts/translations unused`: show the list of unused strings.
- * `go run ./scripts/translations summary`: show the current locales summary.
+- `go run ./scripts/translations auto-add`: add locales with additions to the git and restore locales with deletions.
- * `go run ./scripts/translations unused`: show the list of unused strings.
-
- * `go run ./scripts/translations auto-add`: add locales with additions to the
- git and restore locales with deletions.
-
-After the download you'll find the output locales in the `client/src/__locales/`
-directory.
+After the download you’ll find the output locales in the `client/src/__locales/` directory.
Optional environment:
- * `DOWNLOAD_LANGUAGES`: set a list of specific languages to `download`. For
- example `ar be bg`. If it set to `blocker` then script will download only
- those languages, which need to be fully translated (`de en es fr it ja ko
- pt-br pt-pt ru zh-cn zh-tw`).
+- `DOWNLOAD_LANGUAGES`: set a list of specific languages to `download`. For example `ar be bg`. If it set to `blocker` then script will download only those languages, which need to be fully translated (`de en es fr it ja ko pt-br pt-pt ru zh-cn zh-tw`).
- * `UPLOAD_LANGUAGE`: set an alternative language for `upload`.
+- `UPLOAD_LANGUAGE`: set an alternative language for `upload`.
- * `TWOSKY_URI`: set an alternative URL for `download` or `upload`.
+- `TWOSKY_URI`: set an alternative URL for `download` or `upload`.
- * `TWOSKY_PROJECT_ID`: set an alternative project ID for `download` or
- `upload`.
+- `TWOSKY_PROJECT_ID`: set an alternative project ID for `download` or `upload`.
+## `companiesdb/`: Whotracks.me database converter
+A simple script that downloads and updates the companies DB in the `client` code from [the repo][companiesrepo].
-## `companiesdb/`: Whotracks.me Database Converter
-
-A simple script that downloads and updates the companies DB in the `client`
-code from [the repo][companiesrepo].
-
- ### Usage
+### Usage
```sh
sh ./scripts/companiesdb/download.sh
@@ -324,19 +244,15 @@ sh ./scripts/companiesdb/download.sh
[companiesrepo]: https://github.com/AdguardTeam/companiesdb
+## `blocked-services/`: Blocked-services updater
-
-## `blocked-services/`: Blocked Services Updater
-
-A simple script that downloads and updates the blocked services index from
-AdGuard's [Hostlists Registry][reg].
+A simple script that downloads and updates the blocked services index from AdGuard’s [Hostlists Registry][reg].
Optional environment:
- * `URL`: the URL of the index file. By default it's
- `https://adguardteam.github.io/HostlistsRegistry/assets/services.json`.
+- `URL`: the URL of the index file. By default it’s `https://adguardteam.github.io/HostlistsRegistry/assets/services.json`.
- ### Usage
+### Usage
```sh
go run ./scripts/blocked-services/main.go
@@ -344,19 +260,15 @@ go run ./scripts/blocked-services/main.go
[reg]: https://github.com/AdguardTeam/HostlistsRegistry
+## `vetted-filters/`: Vetted-filters updater
-
-## `vetted-filters/`: Vetted Filters Updater
-
-Similar to the one above, a script that downloads and updates the vetted
-filtering list data from AdGuard's [Hostlists Registry][reg].
+Similar to the one above, a script that downloads and updates the vetted filtering list data from AdGuard’s [Hostlists Registry][reg].
Optional environment:
- * `URL`: the URL of the index file. By default it's
- `https://adguardteam.github.io/HostlistsRegistry/assets/filters.json`.
+- `URL`: the URL of the index file. By default it’s `https://adguardteam.github.io/HostlistsRegistry/assets/filters.json`.
- ### Usage
+### Usage
```sh
go run ./scripts/vetted-filters/main.go
diff --git a/scripts/make/go-build.sh b/scripts/make/go-build.sh
index 9a7459b4..f10cbfac 100644
--- a/scripts/make/go-build.sh
+++ b/scripts/make/go-build.sh
@@ -133,7 +133,14 @@ if [ "$verbose" -gt '0' ]; then
"$go" env
fi
+if [ "${COVER:-0}" -eq '1' ]; then
+ cover_flags='--cover=1'
+else
+ cover_flags='--cover=0'
+fi
+
"$go" build \
+ "$cover_flags" \
--ldflags="$ldflags" \
"$race_flags" \
"$tags_flags" \
diff --git a/scripts/make/go-lint.sh b/scripts/make/go-lint.sh
index 2eb60a2d..56569da3 100644
--- a/scripts/make/go-lint.sh
+++ b/scripts/make/go-lint.sh
@@ -223,6 +223,12 @@ run_linter ineffassign ./...
run_linter unparam ./...
find . \
+ '(' \
+ -name 'node_modules' \
+ -type 'd' \
+ -prune \
+ ')' \
+ -o \
-type 'f' \
'(' \
-name 'Makefile' \
diff --git a/scripts/make/md-lint.sh b/scripts/make/md-lint.sh
index e28623f0..a59e9c16 100644
--- a/scripts/make/md-lint.sh
+++ b/scripts/make/md-lint.sh
@@ -8,13 +8,21 @@
verbose="${VERBOSE:-0}"
readonly verbose
-set -e -f -u
+# Don't use -f, because we use globs in this script.
+set -e -u
if [ "$verbose" -gt '0' ]; then
set -x
fi
-# TODO(e.burkov): Lint markdown documents within this project.
-# markdownlint \
-# ./README.md \
-# ;
+# TODO(e.burkov): Add README.md and possibly AGHTechDoc.md.
+markdownlint \
+ ./CHANGELOG.md \
+ ./CONTRIBUTING.md \
+ ./HACKING.md \
+ ./SECURITY.md \
+ ./internal/next/changelog.md \
+ ./internal/dhcpd/*.md \
+ ./openapi/*.md \
+ ./scripts/*.md \
+ ;
diff --git a/scripts/translations/main.go b/scripts/translations/main.go
index c1f6a3cc..e8dc0473 100644
--- a/scripts/translations/main.go
+++ b/scripts/translations/main.go
@@ -22,6 +22,7 @@ import (
"github.com/AdguardTeam/AdGuardHome/internal/aghos"
"github.com/AdguardTeam/golibs/errors"
"github.com/AdguardTeam/golibs/logutil/slogutil"
+ "github.com/AdguardTeam/golibs/osutil"
)
const (
@@ -124,12 +125,12 @@ Commands:
if addStr != "" {
fmt.Printf("%s\n%s\n", addStr, usageStr)
- os.Exit(1)
+ os.Exit(osutil.ExitCodeFailure)
}
fmt.Println(usageStr)
- os.Exit(0)
+ os.Exit(osutil.ExitCodeSuccess)
}
// twoskyConfig is the configuration structure for localization.