all: imp chlog

Squashed commit of the following:

commit 284190f748345c7556e60b67f051ec5f6f080948
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Wed Dec 6 19:36:00 2023 +0300

    all: sync with master; upd chlog

.github/workflows/build.yml

@@ -1,7 +1,7 @@
 'name': 'build'
 
 'env':
-  'GO_VERSION': '1.23.5'
+  'GO_VERSION': '1.23.4'
   'NODE_VERSION': '16'
 
 'on':

.github/workflows/lint.yml

@@ -1,7 +1,7 @@
 'name': 'lint'
 
 'env':
-  'GO_VERSION': '1.23.5'
+  'GO_VERSION': '1.23.4'
 
 'on':
   'push':

.markdownlint.json

@@ -1,25 +0,0 @@
-{
-  "ul-indent": {
-    "indent": 4
-  },
-  "ul-style": {
-    "style": "dash"
-  },
-  "emphasis-style": {
-    "style": "asterisk"
-  },
-  "no-duplicate-heading": {
-    "siblings_only": true
-  },
-  "no-inline-html": {
-    "allowed_elements": [
-      "a"
-    ]
-  },
-  "no-trailing-spaces": {
-    "br_spaces": 0
-  },
-  "line-length": false,
-  "no-bare-urls": false,
-  "link-fragments": false
-}

Makefile

@@ -27,7 +27,7 @@ DIST_DIR = dist
 GOAMD64 = v1
 GOPROXY = https://proxy.golang.org|direct
 GOTELEMETRY = off
-GOTOOLCHAIN = go1.23.5
+GOTOOLCHAIN = go1.23.4
 GPG_KEY = devteam@adguard.com
 GPG_KEY_PASSPHRASE = not-a-real-password
 NPM = npm

bamboo-specs/release.yaml

@@ -8,7 +8,7 @@
 'variables':
     'channel': 'edge'
     'dockerFrontend': 'adguard/home-js-builder:2.0'
-    'dockerGo': 'adguard/go-builder:1.23.5--1'
+    'dockerGo': 'adguard/go-builder:1.23.4--1'
 
 'stages':
   - 'Build frontend':
@@ -278,7 +278,7 @@
         'variables':
             'channel': 'beta'
             'dockerFrontend': 'adguard/home-js-builder:2.0'
-            'dockerGo': 'adguard/go-builder:1.23.5--1'
+            'dockerGo': 'adguard/go-builder:1.23.4--1'
     # release-vX.Y.Z branches are the branches from which the actual final
     # release is built.
   - '^release-v[0-9]+\.[0-9]+\.[0-9]+':
@@ -294,4 +294,4 @@
         'variables':
             'channel': 'release'
             'dockerFrontend': 'adguard/home-js-builder:2.0'
-            'dockerGo': 'adguard/go-builder:1.23.5--1'
+            'dockerGo': 'adguard/go-builder:1.23.4--1'

bamboo-specs/test.yaml

@@ -6,7 +6,7 @@
     'name': 'AdGuard Home - Build and run tests'
 'variables':
     'dockerFrontend': 'adguard/home-js-builder:2.0'
-    'dockerGo': 'adguard/go-builder:1.23.5--1'
+    'dockerGo': 'adguard/go-builder:1.23.4--1'
     'channel': 'development'
 
 'stages':
@@ -196,5 +196,5 @@
         # may need to build a few of these.
         'variables':
             'dockerFrontend': 'adguard/home-js-builder:2.0'
-            'dockerGo': 'adguard/go-builder:1.23.5--1'
+            'dockerGo': 'adguard/go-builder:1.23.4--1'
             'channel': 'candidate'

client/src/__locales/nl.json

@@ -166,7 +166,7 @@
     "encryption_settings": "Encryptie instellingen",
     "dhcp_settings": "DHCP instellingen",
     "upstream_dns": "Upstream DNS-servers",
-    "upstream_dns_help": "Een server-adres per regel invoeren. <a>Meer informatie</a> over het configureren van upstream DNS-servers.",
+    "upstream_dns_help": "Een server-adres per regel invoeren. <a>Meer weten</a> over het configureren van upstream DNS-servers.",
     "upstream_dns_configured_in_file": "Geconfigureerd in {{path}}",
     "test_upstream_btn": "Test upstream",
     "upstreams": "Upstreams",

client/src/__locales/uk.json

@@ -20,7 +20,7 @@
     "resolve_clients_title": "Увімкнути зворотне вирішення IP-адрес клієнтів",
     "resolve_clients_desc": "Визначати доменні імена клієнтів за допомогою PTR-запитів до відповідних серверів — приватних DNS-серверів для локальних клієнтів та upstream-серверів для клієнтів з публічними IP-адресами.",
     "use_private_ptr_resolvers_title": "Використовувати приватні зворотні DNS-резолвери",
-    "use_private_ptr_resolvers_desc": "Розвʼязувати запити PTR, SOA та NS для доменів ARPA, що містять приватні IP-адреси, через приватні вихідні сервери, DHCP, /etc/hosts тощо. Якщо вимкнено, AdGuard Home відповідатиме на всі такі запити з NXDOMAIN.",
+    "use_private_ptr_resolvers_desc": "Надсилати зворотні DNS-запити до вказаних серверів для клієнтів, що обслуговуються локально. Якщо вимкнено, AdGuard Home буде відповідати NXDOMAIN на всі такі PTR-запити, окрім запитів про клієнтів, що уже відомі завдяки DHCP, /etc/hosts тощо.",
     "check_dhcp_servers": "Перевірити DHCP-сервери",
     "save_config": "Зберегти конфігурацію",
     "enabled_dhcp": "DHCP-сервер увімкнено",
@@ -343,10 +343,10 @@
     "known_tracker": "Відомі трекери",
     "install_welcome_title": "Вітаємо в AdGuard Home!",
     "install_welcome_desc": "AdGuard Home — це мережевий DNS-сервер, що блокує рекламу та відстеження. Його мета — надати вам контроль над усією мережею та всіма пристроями в ній без потреби використання програми на стороні клієнта.",
-    "install_settings_title": "Вебінтерфейс адміністратора",
+    "install_settings_title": "Веб-інтерфейс адміністратора",
     "install_settings_listen": "Мережевий інтерфейс",
     "install_settings_port": "Порт",
-    "install_settings_interface_link": "Вебінтерфейс адміністратора AdGuard Home буде доступний за такими адресами:",
+    "install_settings_interface_link": "Веб-інтерфейс адміністратора AdGuard Home буде доступний за такими адресами:",
     "form_error_port": "Уведіть правильне значення порту",
     "install_settings_dns": "DNS-сервер",
     "install_settings_dns_desc": "Вам потрібно буде налаштувати свої пристрої або маршрутизатор для використання DNS-сервера за такими адресами:",

client/src/__locales/zh-tw.json

@@ -20,7 +20,7 @@
     "resolve_clients_title": "啟用用戶端的 IP 位址之反向的解析",
     "resolve_clients_desc": "透過傳送指標（PTR）查詢到對應的解析器（私人 DNS 伺服器供區域的用戶端，上游的伺服器供有公共 IP 位址的用戶端），反向地解析用戶端的 IP 位址變為它們的主機名稱。",
     "use_private_ptr_resolvers_title": "使用私人反向的 DNS 解析器",
-    "use_private_ptr_resolvers_desc": "通過私人上游伺服器、DHCP、/etc/hosts 等等，對包含私人 IP 位址的 ARPA 網域解析 PTR、SOA 和 NS 請求。如果被禁用，AdGuard Home 將對所有此類的請求以 NXDOMAIN 回覆。",
+    "use_private_ptr_resolvers_desc": "使用私人上游伺服器、DHCP、/etc/hosts 等方式解析包含私人 IP 位址的 ARPA 網域的 PTR、SOA 和 NS 請求。如果禁用，AdGuard Home 將對所有此類請求以 NXDOMAIN 回應。",
     "check_dhcp_servers": "檢查動態主機設定協定（DHCP）伺服器",
     "save_config": "儲存配置",
     "enabled_dhcp": "動態主機設定協定（DHCP）伺服器被啟用",

client/src/actions/stats.ts

@@ -46,7 +46,7 @@ export const getStats = () => async (dispatch: any) => {
         const normalizedTopClients = normalizeTopStats(stats.top_clients);
 
         const clientsParams = getParamsForClientsSearch(normalizedTopClients, 'name');
-        const clients = await apiClient.searchClients(clientsParams);
+        const clients = await apiClient.findClients(clientsParams);
         const topClientsWithInfo = addClientInfo(normalizedTopClients, clients, 'name');
 
         const normalizedStats = {

client/src/api/Api.ts

@@ -415,7 +415,7 @@ class Api {
     // Per-client settings
     GET_CLIENTS = { path: 'clients', method: 'GET' };
 
-    SEARCH_CLIENTS = { path: 'clients/search', method: 'POST' };
+    FIND_CLIENTS = { path: 'clients/find', method: 'GET' };
 
     ADD_CLIENT = { path: 'clients/add', method: 'POST' };
 
@@ -453,12 +453,11 @@ class Api {
         return this.makeRequest(path, method, parameters);
     }
 
-    searchClients(config: any) {
-        const { path, method } = this.SEARCH_CLIENTS;
-        const parameters = {
-            data: config,
-        };
-        return this.makeRequest(path, method, parameters);
+    findClients(params: any) {
+        const { path, method } = this.FIND_CLIENTS;
+        const url = getPathWithQueryString(path, params);
+
+        return this.makeRequest(url, method);
     }
 
     // DNS access settings

client/src/components/Dashboard/Counters.tsx

@@ -23,7 +23,7 @@ interface RowProps {
 
 const Row = ({ label, count, response_status, tooltipTitle, translationComponents }: RowProps) => {
     const content = response_status ? (
-        <LogsSearchLink response_status={response_status}>{count}</LogsSearchLink>
+        <LogsSearchLink response_status={response_status}>{formatNumber(count)}</LogsSearchLink>
     ) : (
         count
     );
@@ -77,16 +77,16 @@ const Counters = ({ refreshButton, subtitle }: CountersProps) => {
             ? t('number_of_dns_query_hours', { count: msToHours(interval) })
             : t('number_of_dns_query_days', { count: msToDays(interval) });
 
-    const rows: RowProps[] = [
+    const rows = [
         {
             label: 'dns_query',
-            count: formatNumber(numDnsQueries),
+            count: numDnsQueries.toString(),
             tooltipTitle: dnsQueryTooltip,
             response_status: RESPONSE_FILTER.ALL.QUERY,
         },
         {
             label: 'blocked_by',
-            count: formatNumber(numBlockedFiltering),
+            count: numBlockedFiltering.toString(),
             tooltipTitle: 'number_of_dns_query_blocked_24_hours',
             response_status: RESPONSE_FILTER.BLOCKED.QUERY,
 
@@ -98,19 +98,19 @@ const Counters = ({ refreshButton, subtitle }: CountersProps) => {
         },
         {
             label: 'stats_malware_phishing',
-            count: formatNumber(numReplacedSafebrowsing),
+            count: numReplacedSafebrowsing.toString(),
             tooltipTitle: 'number_of_dns_query_blocked_24_hours_by_sec',
             response_status: RESPONSE_FILTER.BLOCKED_THREATS.QUERY,
         },
         {
             label: 'stats_adult',
-            count: formatNumber(numReplacedParental),
+            count: numReplacedParental.toString(),
             tooltipTitle: 'number_of_dns_query_blocked_24_hours_adult',
             response_status: RESPONSE_FILTER.BLOCKED_ADULT_WEBSITES.QUERY,
         },
         {
             label: 'enforced_save_search',
-            count: formatNumber(numReplacedSafesearch),
+            count: numReplacedSafesearch.toString(),
             tooltipTitle: 'number_of_dns_query_to_safe_search',
             response_status: RESPONSE_FILTER.SAFE_SEARCH.QUERY,
         },

client/src/components/Dashboard/UpstreamAvgTime.tsx

@@ -10,7 +10,6 @@ import Card from '../ui/Card';
 
 import DomainCell from './DomainCell';
 import { DASHBOARD_TABLES_DEFAULT_PAGE_SIZE, TABLES_MIN_ROWS } from '../../helpers/constants';
-import { formatNumber } from '../../helpers/helpers';
 
 interface TimeCellProps {
     value?: string | number;
@@ -21,7 +20,7 @@ const TimeCell = ({ value }: TimeCellProps) => {
         return '–';
     }
 
-    const valueInMilliseconds = formatNumber(round(Number(value) * 1000));
+    const valueInMilliseconds = round(Number(value) * 1000);
 
     return (
         <div className="logs__row o-hidden">

client/src/components/Dashboard/index.tsx

@@ -154,7 +154,7 @@ const Dashboard = ({
                         }}
                         disabled={processingProtection}>
                         {protectionDisabledDuration
-                            ? `${t('enable_protection_timer', { time: getRemaningTimeText(protectionDisabledDuration) })}`
+                            ? `${t('enable_protection_timer')} ${getRemaningTimeText(protectionDisabledDuration)}`
                             : getProtectionBtnText(protectionEnabled)}
                     </button>
 

client/src/components/Settings/Clients/ClientsTable/ClientsTable.tsx

@@ -306,7 +306,7 @@ const ClientsTable = ({
                     return content;
                 }
 
-                return <LogsSearchLink search={row.original.name}>{content}</LogsSearchLink>;
+                return <LogsSearchLink search={row.original.ids[0]}>{content}</LogsSearchLink>;
             },
         },
         {

client/src/helpers/helpers.tsx

@@ -451,10 +451,13 @@ export const getParamsForClientsSearch = (data: any, param: any, additionalParam
             clients.add(e[additionalParam]);
         }
     });
+    const params = {};
+    const ids = Array.from(clients.values());
+    ids.forEach((id, i) => {
+        params[`ip${i}`] = id;
+    });
 
-    return {
-        clients: Array.from(clients).map((id) => ({ id })),
-    };
+    return params;
 };
 
 /**
@@ -521,7 +524,7 @@ export const getObjDiff = (initialValues: any, values: any) =>
  * @param num {number} to format
  * @returns {string} Returns a string with a language-sensitive representation of this number
  */
-export const formatNumber = (num: number): string => {
+export const formatNumber = (num: any) => {
     const currentLanguage = i18n.languages[0] || DEFAULT_LANGUAGE;
     return num.toLocaleString(currentLanguage);
 };
@@ -670,16 +673,9 @@ export const countClientsStatistics = (ids: any, autoClients: any) => {
  * @param {function} t translate
  * @returns {string}
  */
-export const formatElapsedMs = (elapsedMs: string, t: (key: string) => string) => {
-    const parsedElapsedMs = parseInt(elapsedMs, 10);
-
-    if (Number.isNaN(parsedElapsedMs)) {
-        return elapsedMs;
-    }
-
-    const formattedMs = formatNumber(parsedElapsedMs);
-
-    return `${formattedMs} ${t('milliseconds_abbreviation')}`;
+export const formatElapsedMs = (elapsedMs: any, t: any) => {
+    const formattedElapsedMs = parseInt(elapsedMs, 10) || parseFloat(elapsedMs).toFixed(2);
+    return `${formattedElapsedMs} ${t('milliseconds_abbreviation')}`;
 };
 
 /**
@@ -761,9 +757,12 @@ type NestedObject = {
     order: number;
 };
 
-export const getObjectKeysSorted = <T extends Record<string, NestedObject>, K extends keyof NestedObject>(
+export const getObjectKeysSorted = <
+    T extends Record<string, NestedObject>,
+    K extends keyof NestedObject
+>(
     object: T,
-    sortKey: K,
+    sortKey: K
 ): string[] => {
     return Object.entries(object)
         .sort(([, a], [, b]) => (a[sortKey] as number) - (b[sortKey] as number))

client/src/helpers/trackers/trackers.json

@@ -1,5 +1,5 @@
 {
-	"timeUpdated": "2025-01-13T10:04:54.031Z",
+	"timeUpdated": "2024-12-03T12:12:08.316Z",
 	"categories": {
 		"0": "audio_video_player",
 		"1": "comments",
@@ -9772,13 +9772,6 @@
 			"url": "http://www.jetinteractive.com.au/",
 			"companyId": "jet_interactive"
 		},
-		"jetbrains": {
-			"name": "JetBrains",
-			"categoryId": 8,
-			"url": "https://www.jetbrains.com/",
-			"companyId": "jetbrains",
-			"source": "AdGuard"
-		},
 		"jetlore": {
 			"name": "Jetlore",
 			"categoryId": 6,
@@ -22417,7 +22410,6 @@
 		"adservice.google.pl": "google_marketing",
 		"adservice.google.ru": "google_marketing",
 		"adservice.google.vg": "google_marketing",
-		"adtrafficquality.google": "google_marketing",
 		"dai.google.com": "google_marketing",
 		"doubleclickbygoogle.com": "google_marketing",
 		"googlesyndication-cn.com": "google_marketing",
@@ -22771,22 +22763,6 @@
 		"jeeng.com": "jeeng",
 		"api.jeeng.com": "jeeng_widgets",
 		"phone-analytics.com": "jet_interactive",
-		"grazie.ai": "jetbrains",
-		"intellij.net": "jetbrains",
-		"jb.gg": "jetbrains",
-		"jetbrains.ai": "jetbrains",
-		"jetbrains.com": "jetbrains",
-		"jetbrains.com.cn": "jetbrains",
-		"jetbrains.dev": "jetbrains",
-		"jetbrains.net": "jetbrains",
-		"jetbrains.org": "jetbrains",
-		"jetbrains.ru": "jetbrains",
-		"jetbrains.space": "jetbrains",
-		"kotl.in": "jetbrains",
-		"kotlinconf.com": "jetbrains",
-		"kotlinlang.org": "jetbrains",
-		"myjetbrains.com": "jetbrains",
-		"talkingkotlin.com": "jetbrains",
 		"jetlore.com": "jetlore",
 		"pixel.wp.com": "jetpack",
 		"stats.wp.com": "jetpack",

go.mod

@@ -1,10 +1,10 @@
 module github.com/AdguardTeam/AdGuardHome
 
-go 1.23.5
+go 1.23.4
 
 require (
-	github.com/AdguardTeam/dnsproxy v0.73.5
-	github.com/AdguardTeam/golibs v0.31.0
+	github.com/AdguardTeam/dnsproxy v0.73.4
+	github.com/AdguardTeam/golibs v0.30.5
 	github.com/AdguardTeam/urlfilter v0.20.0
 	github.com/NYTimes/gziphandler v1.1.1
 	github.com/ameshkov/dnscrypt/v2 v2.3.0
@@ -19,7 +19,7 @@ require (
 	github.com/google/gopacket v1.1.19
 	github.com/google/renameio/v2 v2.0.0
 	github.com/google/uuid v1.6.0
-	github.com/insomniacslk/dhcp v0.0.0-20241203100832-a481575ed0ef
+	github.com/insomniacslk/dhcp v0.0.0-20240829085014-a3a4c1f04475
 	github.com/josharian/native v1.1.1-0.20230202152459-5c7d0dd6ab86
 	github.com/kardianos/service v1.2.2
 	github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118
@@ -33,9 +33,9 @@ require (
 	github.com/stretchr/testify v1.10.0
 	github.com/ti-mo/netfilter v0.5.2
 	go.etcd.io/bbolt v1.3.11
-	golang.org/x/crypto v0.31.0
-	golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67
-	golang.org/x/net v0.33.0
+	golang.org/x/crypto v0.29.0
+	golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f
+	golang.org/x/net v0.31.0
 	golang.org/x/sys v0.28.0
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 	gopkg.in/yaml.v3 v3.0.1
@@ -49,9 +49,9 @@ require (
 	github.com/beefsack/go-rate v0.0.0-20220214233405-116f4ca011a0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
-	github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect
+	github.com/google/pprof v0.0.0-20241101162523-b92577c0c142 // indirect
 	github.com/mdlayher/socket v0.5.1 // indirect
-	github.com/onsi/ginkgo/v2 v2.22.1 // indirect
+	github.com/onsi/ginkgo/v2 v2.21.0 // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
 	github.com/pierrec/lz4/v4 v4.1.21 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
@@ -60,8 +60,8 @@ require (
 	github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701 // indirect
 	go.uber.org/mock v0.5.0 // indirect
 	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/sync v0.10.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
-	golang.org/x/tools v0.28.0 // indirect
+	golang.org/x/sync v0.9.0 // indirect
+	golang.org/x/text v0.20.0 // indirect
+	golang.org/x/tools v0.27.0 // indirect
 	gonum.org/v1/gonum v0.15.1 // indirect
 )

go.sum

@@ -1,7 +1,7 @@
-github.com/AdguardTeam/dnsproxy v0.73.5 h1:3EiVaTfmuW6PcJGbqloR6ZdHACsrYkm9z0eH8ZQTZnQ=
-github.com/AdguardTeam/dnsproxy v0.73.5/go.mod h1:Oqw+k7LyjDObfYzXYCkpgtirbzbUrmotr92jrb3N09I=
-github.com/AdguardTeam/golibs v0.31.0 h1:Z0oPfLTLw6iZmpE58dePy2Bel0MaX+lnDwtFEE5EmIo=
-github.com/AdguardTeam/golibs v0.31.0/go.mod h1:wIkZ9o2UnppeW6/YD7yJB71dYbMhiuC1Fh/I2ElW7GQ=
+github.com/AdguardTeam/dnsproxy v0.73.4 h1:FTIXX34wQqePjtWUD1I4QfWTq2B2N1gfOW/TzZDdR4o=
+github.com/AdguardTeam/dnsproxy v0.73.4/go.mod h1:18ssqhDgOCiVIwYmmVuXVM05wSwrzkO2yjKhVRWJX/g=
+github.com/AdguardTeam/golibs v0.30.5 h1:xqat/N9o/V/AnakaWpqq+fGU/qJhKtL4A2pj66kC+TE=
+github.com/AdguardTeam/golibs v0.30.5/go.mod h1:2wOvoAsubo/REnBiuu/YWYmkkzyFR52/QljMdQ2R58M=
 github.com/AdguardTeam/urlfilter v0.20.0 h1:X32qiuVCVd8WDYCEsbdZKfXMzwdVqrdulamtUi4rmzs=
 github.com/AdguardTeam/urlfilter v0.20.0/go.mod h1:gjrywLTxfJh6JOkwi9SU+frhP7kVVEZ5exFGkR99qpk=
 github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I=
@@ -42,8 +42,8 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8=
 github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
-github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg=
-github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/pprof v0.0.0-20241101162523-b92577c0c142 h1:sAGdeJj0bnMgUNVeUpp6AYlVdCt3/GdI3pGRqsNSQLs=
+github.com/google/pprof v0.0.0-20241101162523-b92577c0c142/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
 github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qAhxg=
 github.com/google/renameio/v2 v2.0.0/go.mod h1:BtmJXm5YlszgC+TD4HOEEUFgkJP3nLxehU6hfe7jRt4=
 github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -51,8 +51,8 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hugelgupf/socketpair v0.0.0-20190730060125-05d35a94e714 h1:/jC7qQFrv8CrSJVmaolDVOxTfS9kc36uB6H40kdbQq8=
 github.com/hugelgupf/socketpair v0.0.0-20190730060125-05d35a94e714/go.mod h1:2Goc3h8EklBH5mspfHFxBnEoURQCGzQQH1ga9Myjvis=
-github.com/insomniacslk/dhcp v0.0.0-20241203100832-a481575ed0ef h1:NzQKDfd5ZOPnuZYf9MnRee8x2qecsVqzsnaLjEZiBko=
-github.com/insomniacslk/dhcp v0.0.0-20241203100832-a481575ed0ef/go.mod h1:KclMyHxX06VrVr0DJmeFSUb1ankt7xTfoOA35pCkoic=
+github.com/insomniacslk/dhcp v0.0.0-20240829085014-a3a4c1f04475 h1:hxST5pwMBEOWmxpkX20w9oZG+hXdhKmAIPQ3NGGAxas=
+github.com/insomniacslk/dhcp v0.0.0-20240829085014-a3a4c1f04475/go.mod h1:KclMyHxX06VrVr0DJmeFSUb1ankt7xTfoOA35pCkoic=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/josharian/native v1.0.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
 github.com/josharian/native v1.1.1-0.20230202152459-5c7d0dd6ab86 h1:elKwZS1OcdQ0WwEDBeqxKwb7WB62QX8bvZ/FJnVXIfk=
@@ -80,10 +80,10 @@ github.com/miekg/dns v1.1.62 h1:cN8OuEF1/x5Rq6Np+h1epln8OiyPWV+lROx9LxcGgIQ=
 github.com/miekg/dns v1.1.62/go.mod h1:mvDlcItzm+br7MToIKqkglaGhlFMHJ9DTNNWONWXbNQ=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/onsi/ginkgo/v2 v2.22.1 h1:QW7tbJAUDyVDVOM5dFa7qaybo+CRfR7bemlQUN6Z8aM=
-github.com/onsi/ginkgo/v2 v2.22.1/go.mod h1:S6aTpoRsSq2cZOd+pssHAlKW/Q/jZt6cPrPlnj4a1xM=
-github.com/onsi/gomega v1.36.1 h1:bJDPBO7ibjxcbHMgSCoo4Yj18UWbKDlLwX1x9sybDcw=
-github.com/onsi/gomega v1.36.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog=
+github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM=
+github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo=
+github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8=
+github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc=
 github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
 github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ=
@@ -126,10 +126,10 @@ go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
 go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
-golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 h1:1UoZQm6f0P/ZO0w1Ri+f+ifG/gXhegadRdwBIXEFWDo=
-golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c=
+golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
+golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
@@ -140,12 +140,12 @@ golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
-golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
-golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
+golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
+golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
-golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
+golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190322080309-f49334f85ddc/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -161,20 +161,20 @@ golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
-golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
+golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
+golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
 golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
 golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8=
-golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
+golang.org/x/tools v0.27.0 h1:qEKojBykQkQ4EynWy4S8Weg69NumxKdn40Fce3uc/8o=
+golang.org/x/tools v0.27.0/go.mod h1:sUi0ZgbwW9ZPAq26Ekut+weQPR5eIM6GQLQ1Yjm1H0Q=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gonum.org/v1/gonum v0.15.1 h1:FNy7N6OUZVUaWG9pTiD+jlhdQ3lMP+/LcTpJ6+a8sQ0=
 gonum.org/v1/gonum v0.15.1/go.mod h1:eZTZuRFrzu5pcyjN5wJhcIhnUdNijYxX1T2IcrOGY0o=
-google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
-google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
+google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

internal/configmigrate/migrations_internal_test.go

@@ -521,7 +521,7 @@ func TestUpgradeSchema11to12(t *testing.T) {
 		name    string
 	}{{
 		ivl:     1,
-		want:    timeutil.Duration(timeutil.Day),
+		want:    timeutil.Duration{Duration: timeutil.Day},
 		wantErr: "",
 		name:    "success",
 	}, {
@@ -604,7 +604,7 @@ func TestUpgradeSchema11to12(t *testing.T) {
 		ivlVal, ok = ivl.(timeutil.Duration)
 		require.True(t, ok)
 
-		assert.Equal(t, 90*24*time.Hour, time.Duration(ivlVal))
+		assert.Equal(t, 90*24*time.Hour, ivlVal.Duration)
 	})
 }
 
@@ -1055,12 +1055,12 @@ func TestUpgradeSchema19to20(t *testing.T) {
 		name    string
 	}{{
 		ivl:     1,
-		want:    timeutil.Duration(timeutil.Day),
+		want:    timeutil.Duration{Duration: timeutil.Day},
 		wantErr: "",
 		name:    "success",
 	}, {
 		ivl:     0,
-		want:    timeutil.Duration(timeutil.Day),
+		want:    timeutil.Duration{Duration: timeutil.Day},
 		wantErr: "",
 		name:    "success",
 	}, {
@@ -1143,7 +1143,7 @@ func TestUpgradeSchema19to20(t *testing.T) {
 		ivlVal, ok = ivl.(timeutil.Duration)
 		require.True(t, ok)
 
-		assert.Equal(t, 24*time.Hour, time.Duration(ivlVal))
+		assert.Equal(t, 24*time.Hour, ivlVal.Duration)
 	})
 }
 

internal/configmigrate/v12.go

@@ -37,7 +37,7 @@ func migrateTo12(diskConf yobj) (err error) {
 		qlogIvl = 90
 	}
 
-	dns[field] = timeutil.Duration(time.Duration(qlogIvl) * timeutil.Day)
+	dns[field] = timeutil.Duration{Duration: time.Duration(qlogIvl) * timeutil.Day}
 
 	return nil
 }

internal/configmigrate/v20.go

@@ -38,7 +38,7 @@ func migrateTo20(diskConf yobj) (err error) {
 		ivl = 1
 	}
 
-	stats[field] = timeutil.Duration(time.Duration(ivl) * timeutil.Day)
+	stats[field] = timeutil.Duration{Duration: time.Duration(ivl) * timeutil.Day}
 
 	return nil
 }

internal/configmigrate/v23.go

@@ -48,7 +48,7 @@ func migrateTo23(diskConf yobj) (err error) {
 
 	diskConf["http"] = yobj{
 		"address":     netip.AddrPortFrom(bindHostAddr, uint16(bindPort)).String(),
-		"session_ttl": timeutil.Duration(time.Duration(sessionTTL) * time.Hour).String(),
+		"session_ttl": timeutil.Duration{Duration: time.Duration(sessionTTL) * time.Hour}.String(),
 	}
 
 	delete(diskConf, "bind_host")

internal/dhcpd/README.md

@@ -1,50 +1,61 @@
-# Testing DHCP Server
+ #  Testing DHCP Server
 
 Contents:
+ *  [Test setup with Virtual Box](#vbox)
+ *  [Quick test with DHCPTest](#dhcptest)
 
-- [Test setup with Virtual Box](#vbox)
-- [Quick test with DHCPTest](#dhcptest)
+##  <a href="#vbox" id="vbox" name="vbox">Test setup with Virtual Box</a>
 
-## <a href="#vbox" id="vbox" name="vbox">Test setup with Virtual Box</a>
-
-### Prerequisites
+   ### Prerequisites
 
 To set up a test environment for DHCP server you will need:
 
-- Linux AG Home host machine (Virtual)
-- Virtual Box
-- Virtual machine (guest OS doesn't matter)
+ *  Linux AG Home host machine (Virtual).
+ *  Virtual Box.
+ *  Virtual machine (guest OS doesn't matter).
 
-### Configure Virtual Box
+   ### Configure Virtual Box
 
-1. Install Virtual Box and run the following command to create a Host-Only network:
+ 1.  Install Virtual Box and run the following command to create a Host-Only
+     network:
 
-    ```sh
-    VBoxManage hostonlyif create
-    ```
+     ```sh
+     $ VBoxManage hostonlyif create
+     ```
 
-    You can check its status by `ip a` command.
+     You can check its status by `ip a` command.
 
-    You can also set up Host-Only network using Virtual Box menu in *File → Host Network Manager.*
+     You can also set up Host-Only network using Virtual Box menu:
 
-2. Create your virtual machine and set up its network in *VM Settings → Network → Host-only Adapter.*
+     ```
+     File -> Host Network Manager...
+     ```
 
-3. Start your VM, install an OS. Configure your network interface to use DHCP and the OS should ask for a IP address from our DHCP server.
+ 2.  Create your virtual machine and set up its network:
 
-4. To see the current IP addresses on client OS you can use `ip a` command on Linux or `ipconfig` on Windows.
+     ```
+     VM Settings -> Network -> Host-only Adapter
+     ```
 
-5. To force the client OS to request an IP from DHCP server again, you can use `dhclient` on Linux or `ipconfig /release` on Windows.
+ 3.  Start your VM, install an OS.  Configure your network interface to use
+     DHCP and the OS should ask for a IP address from our DHCP server.
 
-### Configure server
+ 4.  To see the current IP addresses on client OS you can use `ip a` command on
+     Linux or `ipconfig` on Windows.
 
-1. Edit server configuration file `AdGuardHome.yaml`, for example:
+ 5.  To force the client OS to request an IP from DHCP server again, you can
+     use `dhclient` on Linux or `ipconfig /release` on Windows.
 
-    ```yaml
-    dhcp:
-        enabled: true
-        interface_name: vboxnet0
-        local_domain_name: lan
-        dhcpv4:
+   ### Configure server
+
+ 1.  Edit server configuration file `AdGuardHome.yaml`, for example:
+
+     ```yaml
+     dhcp:
+          enabled: true
+          interface_name: vboxnet0
+          local_domain_name: lan
+          dhcpv4:
             gateway_ip: 192.168.56.1
             subnet_mask: 255.255.255.0
             range_start: 192.168.56.2
@@ -52,33 +63,34 @@ To set up a test environment for DHCP server you will need:
             lease_duration: 86400
             icmp_timeout_msec: 1000
             options: []
-        dhcpv6:
+          dhcpv6:
             range_start: 2001::1
             lease_duration: 86400
             ra_slaac_only: false
             ra_allow_slaac: false
-    ```
+     ```
 
-2. Start the server:
+ 2.  Start the server
 
-    ```sh
-    ./AdGuardHome -v
-    ```
+     ```sh
+     ./AdGuardHome -v
+     ```
 
-    There should be a message in log which shows that DHCP server is ready:
+     There should be a message in log which shows that DHCP server is ready:
 
-    ```none
-    [info] dhcpv4: listening
-    ```
+     ```
+     [info] DHCP: listening on 0.0.0.0:67
+     ```
 
-## <a href="#dhcptest" id="dhcptest" name="dhcptest">Quick test with DHCPTest utility</a>
+##  <a href="#dhcptest" id="dhcptest" name="dhcptest">Quick test with DHCPTest utility</a>
 
-### Prerequisites
+   ### Prerequisites
 
-- [DHCP test utility][dhcptest-gh].
+ *  [DHCP test utility][dhcptest-gh].
 
-### Quick test
+   ### Quick test
 
-The DHCP server could be tested for DISCOVER-OFFER packets with in interactive mode.
+The DHCP server could be tested for DISCOVER-OFFER packets with in
+interactive mode.
 
 [dhcptest-gh]: https://github.com/CyberShadow/dhcptest

internal/dhcpd/options_unix.go

@@ -84,7 +84,7 @@ func parseDHCPOptionDur(s string) (val dhcpv4.OptionValue, err error) {
 		return nil, fmt.Errorf("decoding dur: %w", err)
 	}
 
-	return dhcpv4.Duration(v), nil
+	return dhcpv4.Duration(v.Duration), nil
 }
 
 // parseDHCPOptionUint parses a DHCP option as an unsigned integer.  bitSize is

internal/dhcpd/options_unix_test.go

@@ -144,8 +144,8 @@ func TestParseOpt(t *testing.T) {
 		in:       "24 dur 3y",
 		wantCode: nil,
 		wantVal:  nil,
-		wantErrMsg: `invalid option string "24 dur 3y": decoding dur: time: ` +
-			`unknown unit "y" in duration "3y"`,
+		wantErrMsg: "invalid option string \"24 dur 3y\": decoding dur: " +
+			"unmarshaling duration: time: unknown unit \"y\" in duration \"3y\"",
 	}, {
 		name:     "u8_error",
 		in:       "23 u8 256",

internal/dnsforward/beforerequest.go

@@ -81,7 +81,7 @@ func (s *Server) clientIDFromDNSContext(pctx *proxy.DNSContext) (clientID string
 
 	cliSrvName, err := clientServerName(pctx, proto)
 	if err != nil {
-		return "", fmt.Errorf("getting client server-name: %w", err)
+		return "", err
 	}
 
 	clientID, err = clientIDFromClientServerName(

internal/dnsforward/clientid.go

@@ -3,7 +3,6 @@ package dnsforward
 import (
 	"crypto/tls"
 	"fmt"
-	"net/http"
 	"path"
 	"strings"
 
@@ -119,13 +118,17 @@ func clientServerName(pctx *proxy.DNSContext, proto proxy.Proto) (srvName string
 
 	switch proto {
 	case proxy.ProtoHTTPS:
-		var fromHost bool
-		srvName, fromHost, err = clientServerNameFromHTTP(pctx.HTTPRequest)
-		if err != nil {
-			return "", fmt.Errorf("from http: %w", err)
-		}
+		r := pctx.HTTPRequest
+		if connState := r.TLS; connState != nil {
+			srvName = connState.ServerName
+		} else if r.Host != "" {
+			var host string
+			host, err = netutil.SplitHost(r.Host)
+			if err != nil {
+				return "", fmt.Errorf("parsing host: %w", err)
+			}
 
-		if fromHost {
+			srvName = host
 			from = "host header"
 		}
 	case proxy.ProtoQUIC:
@@ -150,23 +153,3 @@ func clientServerName(pctx *proxy.DNSContext, proto proxy.Proto) (srvName string
 
 	return srvName, nil
 }
-
-// clientServerNameFromHTTP returns the TLS server name or the value of the host
-// header depending on the protocol.  fromHost is true if srvName comes from the
-// "Host" HTTP header.
-func clientServerNameFromHTTP(r *http.Request) (srvName string, fromHost bool, err error) {
-	if connState := r.TLS; connState != nil {
-		return connState.ServerName, false, nil
-	}
-
-	if r.Host == "" {
-		return "", false, nil
-	}
-
-	srvName, err = netutil.SplitHost(r.Host)
-	if err != nil {
-		return "", false, fmt.Errorf("parsing host: %w", err)
-	}
-
-	return srvName, true, nil
-}

internal/dnsforward/config.go

@@ -348,7 +348,7 @@ func (s *Server) newProxyConfig() (conf *proxy.Config, err error) {
 		conf.EDNSAddr = net.IP(srvConf.EDNSClientSubnet.CustomIP.AsSlice())
 	}
 
-	err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, time.Duration(srvConf.FastestTimeout))
+	err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, srvConf.FastestTimeout.Duration)
 	if err != nil {
 		return nil, fmt.Errorf("upstream mode: %w", err)
 	}

internal/dnsforward/dnsforward.go

@@ -740,7 +740,7 @@ func (s *Server) prepareInternalProxy() (err error) {
 		MessageConstructor:        s,
 	}
 
-	err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, time.Duration(srvConf.FastestTimeout))
+	err = setProxyUpstreamMode(conf, srvConf.UpstreamMode, srvConf.FastestTimeout.Duration)
 	if err != nil {
 		return fmt.Errorf("invalid upstream mode: %w", err)
 	}

internal/filtering/README.md

@@ -0,0 +1,70 @@
+# AdGuard Home's DNS filtering go library
+
+Example use:
+```bash
+[ -z "$GOPATH" ] && export GOPATH=$HOME/go
+go get -d github.com/AdguardTeam/AdGuardHome/filtering
+```
+
+Create file filter.go
+```filter.go
+package main
+
+import (
+    "github.com/AdguardTeam/AdGuardHome/filtering"
+    "log"
+)
+
+func main() {
+    filter := filtering.New()
+    filter.AddRule("||dou*ck.net^")
+    host := "www.doubleclick.net"
+    res, err := filter.CheckHost(host)
+    if err != nil {
+        // temporary failure
+        log.Fatalf("Failed to check host %q: %s", host, err)
+    }
+    if res.IsFiltered {
+        log.Printf("Host %s is filtered, reason - %q, matched rule: %q", host, res.Reason, res.Rule)
+    } else {
+        log.Printf("Host %s is not filtered, reason - %q", host, res.Reason)
+    }
+}
+```
+
+And then run it:
+```bash
+go run filter.go
+```
+
+You will get:
+```
+2000/01/01 00:00:00 Host www.doubleclick.net is filtered, reason - 'FilteredBlackList', matched rule: '||dou*ck.net^'
+```
+
+You can also enable checking against AdGuard's SafeBrowsing:
+
+```go
+package main
+
+import (
+    "github.com/AdguardTeam/AdGuardHome/filtering"
+    "log"
+)
+
+func main() {
+    filter := filtering.New()
+    filter.EnableSafeBrowsing()
+    host := "wmconvirus.narod.ru" // hostname for testing safebrowsing
+    res, err := filter.CheckHost(host)
+    if err != nil {
+        // temporary failure
+        log.Fatalf("Failed to check host %q: %s", host, err)
+    }
+    if res.IsFiltered {
+        log.Printf("Host %s is filtered, reason - %q, matched rule: %q", host, res.Reason, res.Rule)
+    } else {
+        log.Printf("Host %s is not filtered, reason - %q", host, res.Reason)
+    }
+}
+```

internal/filtering/rulelist/filter_test.go

@@ -18,6 +18,7 @@ func TestFilter_Refresh(t *testing.T) {
 	t.Parallel()
 
 	cacheDir := t.TempDir()
+	uid := rulelist.MustNewUID()
 
 	const fltData = testRuleTextTitle + testRuleTextBlocked
 	fileURL, srvURL := newFilterLocations(t, cacheDir, fltData, fltData)
@@ -53,7 +54,6 @@ func TestFilter_Refresh(t *testing.T) {
 		t.Run(tc.name, func(t *testing.T) {
 			t.Parallel()
 
-			uid := rulelist.MustNewUID()
 			f, err := rulelist.NewFilter(&rulelist.FilterConfig{
 				URL:         tc.url,
 				Name:        tc.name,

internal/home/clients.go

@@ -400,7 +400,7 @@ func (clients *clientsContainer) UpstreamConfigByID(
 		upstreams,
 		&upstream.Options{
 			Bootstrap:    bootstrap,
-			Timeout:      time.Duration(config.DNS.UpstreamTimeout),
+			Timeout:      config.DNS.UpstreamTimeout.Duration,
 			HTTPVersions: dnsforward.UpstreamHTTPVersions(config.DNS.UseHTTP3Upstreams),
 			PreferIPv6:   config.DNS.BootstrapPreferIPv6,
 		},

internal/home/clientshttp.go

@@ -424,8 +424,6 @@ func (clients *clientsContainer) handleUpdateClient(w http.ResponseWriter, r *ht
 }
 
 // handleFindClient is the handler for GET /control/clients/find HTTP API.
-//
-// Deprecated:  Remove it when migration to the new API is over.
 func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http.Request) {
 	q := r.URL.Query()
 	data := []map[string]*clientJSON{}
@@ -435,58 +433,19 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http
 			break
 		}
 
+		ip, _ := netip.ParseAddr(idStr)
+		c, ok := clients.storage.Find(idStr)
+		var cj *clientJSON
+		if !ok {
+			cj = clients.findRuntime(ip, idStr)
+		} else {
+			cj = clientToJSON(c)
+			disallowed, rule := clients.clientChecker.IsBlockedClient(ip, idStr)
+			cj.Disallowed, cj.DisallowedRule = &disallowed, &rule
+		}
+
 		data = append(data, map[string]*clientJSON{
-			idStr: clients.findClient(idStr),
-		})
-	}
-
-	aghhttp.WriteJSONResponseOK(w, r, data)
-}
-
-// findClient returns available information about a client by idStr from the
-// client's storage or access settings.  cj is guaranteed to be non-nil.
-func (clients *clientsContainer) findClient(idStr string) (cj *clientJSON) {
-	ip, _ := netip.ParseAddr(idStr)
-	c, ok := clients.storage.Find(idStr)
-	if !ok {
-		return clients.findRuntime(ip, idStr)
-	}
-
-	cj = clientToJSON(c)
-	disallowed, rule := clients.clientChecker.IsBlockedClient(ip, idStr)
-	cj.Disallowed, cj.DisallowedRule = &disallowed, &rule
-
-	return cj
-}
-
-// searchQueryJSON is a request to the POST /control/clients/search HTTP API.
-//
-// TODO(s.chzhen):  Add UIDs.
-type searchQueryJSON struct {
-	Clients []searchClientJSON `json:"clients"`
-}
-
-// searchClientJSON is a part of [searchQueryJSON] that contains a string
-// representation of the client's IP address, CIDR, MAC address, or ClientID.
-type searchClientJSON struct {
-	ID string `json:"id"`
-}
-
-// handleSearchClient is the handler for the POST /control/clients/search HTTP API.
-func (clients *clientsContainer) handleSearchClient(w http.ResponseWriter, r *http.Request) {
-	q := searchQueryJSON{}
-	err := json.NewDecoder(r.Body).Decode(&q)
-	if err != nil {
-		aghhttp.Error(r, w, http.StatusBadRequest, "failed to process request body: %s", err)
-
-		return
-	}
-
-	data := []map[string]*clientJSON{}
-	for _, c := range q.Clients {
-		idStr := c.ID
-		data = append(data, map[string]*clientJSON{
-			idStr: clients.findClient(idStr),
+			idStr: cj,
 		})
 	}
 
@@ -534,8 +493,5 @@ func (clients *clientsContainer) registerWebHandlers() {
 	httpRegister(http.MethodPost, "/control/clients/add", clients.handleAddClient)
 	httpRegister(http.MethodPost, "/control/clients/delete", clients.handleDelClient)
 	httpRegister(http.MethodPost, "/control/clients/update", clients.handleUpdateClient)
-	httpRegister(http.MethodPost, "/control/clients/search", clients.handleSearchClient)
-
-	// Deprecated handler.
 	httpRegister(http.MethodGet, "/control/clients/find", clients.handleFindClient)
 }

internal/home/clientshttp_internal_test.go

@@ -16,7 +16,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/client"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/AdGuardHome/internal/schedule"
-	"github.com/AdguardTeam/AdGuardHome/internal/whois"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -409,145 +408,3 @@ func TestClientsContainer_HandleFindClient(t *testing.T) {
 		})
 	}
 }
-
-func TestClientsContainer_HandleSearchClient(t *testing.T) {
-	var (
-		runtimeCli = "runtime_client1"
-
-		runtimeCliIP     = "3.3.3.3"
-		blockedCliIP     = "4.4.4.4"
-		nonExistentCliIP = "5.5.5.5"
-
-		allowed     = false
-		dissallowed = true
-
-		emptyRule      = ""
-		disallowedRule = "disallowed_rule"
-	)
-
-	clients := newClientsContainer(t)
-	clients.clientChecker = &testBlockedClientChecker{
-		onIsBlockedClient: func(ip netip.Addr, _ string) (ok bool, rule string) {
-			if ip == netip.MustParseAddr(blockedCliIP) {
-				return true, disallowedRule
-			}
-
-			return false, emptyRule
-		},
-	}
-
-	ctx := testutil.ContextWithTimeout(t, testTimeout)
-
-	clientOne := newPersistentClientWithIDs(t, "client1", []string{testClientIP1})
-	err := clients.storage.Add(ctx, clientOne)
-	require.NoError(t, err)
-
-	clientTwo := newPersistentClientWithIDs(t, "client2", []string{testClientIP2})
-	err = clients.storage.Add(ctx, clientTwo)
-	require.NoError(t, err)
-
-	assertPersistentClients(t, clients, []*client.Persistent{clientOne, clientTwo})
-
-	clients.UpdateAddress(ctx, netip.MustParseAddr(runtimeCliIP), runtimeCli, nil)
-
-	testCases := []struct {
-		name           string
-		query          *searchQueryJSON
-		wantPersistent []*client.Persistent
-		wantRuntime    *clientJSON
-	}{{
-		name: "single",
-		query: &searchQueryJSON{
-			Clients: []searchClientJSON{{
-				ID: testClientIP1,
-			}},
-		},
-		wantPersistent: []*client.Persistent{clientOne},
-	}, {
-		name: "multiple",
-		query: &searchQueryJSON{
-			Clients: []searchClientJSON{{
-				ID: testClientIP1,
-			}, {
-				ID: testClientIP2,
-			}},
-		},
-		wantPersistent: []*client.Persistent{clientOne, clientTwo},
-	}, {
-		name: "runtime",
-		query: &searchQueryJSON{
-			Clients: []searchClientJSON{{
-				ID: runtimeCliIP,
-			}},
-		},
-		wantRuntime: &clientJSON{
-			Name:           runtimeCli,
-			IDs:            []string{runtimeCliIP},
-			Disallowed:     &allowed,
-			DisallowedRule: &emptyRule,
-			WHOIS:          &whois.Info{},
-		},
-	}, {
-		name: "blocked_access",
-		query: &searchQueryJSON{
-			Clients: []searchClientJSON{{
-				ID: blockedCliIP,
-			}},
-		},
-		wantRuntime: &clientJSON{
-			IDs:            []string{blockedCliIP},
-			Disallowed:     &dissallowed,
-			DisallowedRule: &disallowedRule,
-			WHOIS:          &whois.Info{},
-		},
-	}, {
-		name: "non_existing_client",
-		query: &searchQueryJSON{
-			Clients: []searchClientJSON{{
-				ID: nonExistentCliIP,
-			}},
-		},
-		wantRuntime: &clientJSON{
-			IDs:            []string{nonExistentCliIP},
-			Disallowed:     &allowed,
-			DisallowedRule: &emptyRule,
-			WHOIS:          &whois.Info{},
-		},
-	}}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			var body []byte
-			body, err = json.Marshal(tc.query)
-			require.NoError(t, err)
-
-			var r *http.Request
-			r, err = http.NewRequest(http.MethodPost, "", bytes.NewReader(body))
-			require.NoError(t, err)
-
-			rw := httptest.NewRecorder()
-			clients.handleSearchClient(rw, r)
-			require.NoError(t, err)
-			require.Equal(t, http.StatusOK, rw.Code)
-
-			body, err = io.ReadAll(rw.Body)
-			require.NoError(t, err)
-
-			clientData := []map[string]*clientJSON{}
-			err = json.Unmarshal(body, &clientData)
-			require.NoError(t, err)
-
-			if tc.wantPersistent != nil {
-				assertPersistentClientsData(t, clients, clientData, tc.wantPersistent)
-
-				return
-			}
-
-			require.Len(t, clientData, 1)
-			require.Len(t, clientData[0], 1)
-
-			rc := clientData[0][tc.wantRuntime.IDs[0]]
-			assert.Equal(t, tc.wantRuntime, rc)
-		})
-	}
-}

internal/home/config.go

@@ -339,7 +339,7 @@ var config = &configuration{
 	AuthBlockMin: 15,
 	HTTPConfig: httpConfig{
 		Address:    netip.AddrPortFrom(netip.IPv4Unspecified(), 3000),
-		SessionTTL: timeutil.Duration(30 * timeutil.Day),
+		SessionTTL: timeutil.Duration{Duration: 30 * timeutil.Day},
 		Pprof: &httpPprofConfig{
 			Enabled: false,
 			Port:    6060,
@@ -355,7 +355,9 @@ var config = &configuration{
 			RefuseAny:              true,
 			UpstreamMode:           dnsforward.UpstreamModeLoadBalance,
 			HandleDDR:              true,
-			FastestTimeout:         timeutil.Duration(fastip.DefaultPingWaitTimeout),
+			FastestTimeout: timeutil.Duration{
+				Duration: fastip.DefaultPingWaitTimeout,
+			},
 
 			TrustedProxies: []netutil.Prefix{{
 				Prefix: netip.MustParsePrefix("127.0.0.0/8"),
@@ -376,7 +378,7 @@ var config = &configuration{
 			// was later increased to 300 due to https://github.com/AdguardTeam/AdGuardHome/issues/2257
 			MaxGoroutines: 300,
 		},
-		UpstreamTimeout:  timeutil.Duration(dnsforward.DefaultTimeout),
+		UpstreamTimeout:  timeutil.Duration{Duration: dnsforward.DefaultTimeout},
 		UsePrivateRDNS:   true,
 		ServePlainDNS:    true,
 		HostsFileEnabled: true,
@@ -389,13 +391,13 @@ var config = &configuration{
 	QueryLog: queryLogConfig{
 		Enabled:     true,
 		FileEnabled: true,
-		Interval:    timeutil.Duration(90 * timeutil.Day),
+		Interval:    timeutil.Duration{Duration: 90 * timeutil.Day},
 		MemSize:     1000,
 		Ignored:     []string{},
 	},
 	Stats: statsConfig{
 		Enabled:  true,
-		Interval: timeutil.Duration(1 * timeutil.Day),
+		Interval: timeutil.Duration{Duration: 1 * timeutil.Day},
 		Ignored:  []string{},
 	},
 	// NOTE: Keep these parameters in sync with the one put into
@@ -563,8 +565,8 @@ func parseConfig() (err error) {
 		return err
 	}
 
-	if config.DNS.UpstreamTimeout == 0 {
-		config.DNS.UpstreamTimeout = timeutil.Duration(dnsforward.DefaultTimeout)
+	if config.DNS.UpstreamTimeout.Duration == 0 {
+		config.DNS.UpstreamTimeout = timeutil.Duration{Duration: dnsforward.DefaultTimeout}
 	}
 
 	// Do not wrap the error because it's informative enough as is.
@@ -657,7 +659,7 @@ func (c *configuration) write() (err error) {
 	if Context.stats != nil {
 		statsConf := stats.Config{}
 		Context.stats.WriteDiskConfig(&statsConf)
-		config.Stats.Interval = timeutil.Duration(statsConf.Limit)
+		config.Stats.Interval = timeutil.Duration{Duration: statsConf.Limit}
 		config.Stats.Enabled = statsConf.Enabled
 		config.Stats.Ignored = statsConf.Ignored.Values()
 	}
@@ -668,7 +670,7 @@ func (c *configuration) write() (err error) {
 		config.DNS.AnonymizeClientIP = dc.AnonymizeClientIP
 		config.QueryLog.Enabled = dc.Enabled
 		config.QueryLog.FileEnabled = dc.FileEnabled
-		config.QueryLog.Interval = timeutil.Duration(dc.RotationIvl)
+		config.QueryLog.Interval = timeutil.Duration{Duration: dc.RotationIvl}
 		config.QueryLog.MemSize = dc.MemSize
 		config.QueryLog.Ignored = dc.Ignored.Values()
 	}

internal/home/controlinstall.go

@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"log/slog"
 	"net/http"
 	"net/netip"
 	"os"
@@ -20,7 +19,7 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
 	"github.com/AdguardTeam/AdGuardHome/internal/version"
 	"github.com/AdguardTeam/golibs/errors"
-	"github.com/AdguardTeam/golibs/logutil/slogutil"
+	"github.com/AdguardTeam/golibs/log"
 	"github.com/quic-go/quic-go/http3"
 )
 
@@ -125,8 +124,6 @@ func (req *checkConfReq) validateWeb(tcpPorts aghalg.UniqChecker[tcpPort]) (err
 // be set.  canAutofix is true if the port can be unbound by AdGuard Home
 // automatically.
 func (req *checkConfReq) validateDNS(
-	ctx context.Context,
-	l *slog.Logger,
 	tcpPorts aghalg.UniqChecker[tcpPort],
 ) (canAutofix bool, err error) {
 	defer func() { err = errors.Annotate(err, "validating ports: %w") }()
@@ -157,10 +154,10 @@ func (req *checkConfReq) validateDNS(
 	}
 
 	// Try to fix automatically.
-	canAutofix = checkDNSStubListener(ctx, l)
+	canAutofix = checkDNSStubListener()
 	if canAutofix && req.DNS.Autofix {
-		if derr := disableDNSStubListener(ctx, l); derr != nil {
-			l.ErrorContext(ctx, "disabling DNSStubListener", slogutil.KeyError, err)
+		if derr := disableDNSStubListener(); derr != nil {
+			log.Error("disabling DNSStubListener: %s", err)
 		}
 
 		err = aghnet.CheckPort("udp", netip.AddrPortFrom(req.DNS.IP, port))
@@ -187,7 +184,7 @@ func (web *webAPI) handleInstallCheckConfig(w http.ResponseWriter, r *http.Reque
 		resp.Web.Status = err.Error()
 	}
 
-	if resp.DNS.CanAutofix, err = req.validateDNS(r.Context(), web.logger, tcpPorts); err != nil {
+	if resp.DNS.CanAutofix, err = req.validateDNS(tcpPorts); err != nil {
 		resp.DNS.Status = err.Error()
 	} else if !req.DNS.IP.IsUnspecified() {
 		resp.StaticIP = handleStaticIP(req.DNS.IP, req.SetStaticIP)
@@ -236,39 +233,27 @@ func handleStaticIP(ip netip.Addr, set bool) staticIPJSON {
 	return resp
 }
 
-// checkDNSStubListener returns true if DNSStubListener is active.
-func checkDNSStubListener(ctx context.Context, l *slog.Logger) (ok bool) {
+// Check if DNSStubListener is active
+func checkDNSStubListener() bool {
 	if runtime.GOOS != "linux" {
 		return false
 	}
 
 	cmd := exec.Command("systemctl", "is-enabled", "systemd-resolved")
-	l.DebugContext(ctx, "executing", "cmd", cmd.Path, "args", cmd.Args)
+	log.Tracef("executing %s %v", cmd.Path, cmd.Args)
 	_, err := cmd.Output()
 	if err != nil || cmd.ProcessState.ExitCode() != 0 {
-		l.InfoContext(
-			ctx,
-			"execution failed",
-			"cmd", cmd.Path,
-			"code", cmd.ProcessState.ExitCode(),
-			slogutil.KeyError, err,
-		)
-
+		log.Info("command %s has failed: %v code:%d",
+			cmd.Path, err, cmd.ProcessState.ExitCode())
 		return false
 	}
 
 	cmd = exec.Command("grep", "-E", "#?DNSStubListener=yes", "/etc/systemd/resolved.conf")
-	l.DebugContext(ctx, "executing", "cmd", cmd.Path, "args", cmd.Args)
+	log.Tracef("executing %s %v", cmd.Path, cmd.Args)
 	_, err = cmd.Output()
 	if err != nil || cmd.ProcessState.ExitCode() != 0 {
-		l.InfoContext(
-			ctx,
-			"execution failed",
-			"cmd", cmd.Path,
-			"code", cmd.ProcessState.ExitCode(),
-			slogutil.KeyError, err,
-		)
-
+		log.Info("command %s has failed: %v code:%d",
+			cmd.Path, err, cmd.ProcessState.ExitCode())
 		return false
 	}
 
@@ -284,9 +269,8 @@ DNSStubListener=no
 )
 const resolvConfPath = "/etc/resolv.conf"
 
-// disableDNSStubListener deactivates DNSStubListerner and returns an error, if
-// any.
-func disableDNSStubListener(ctx context.Context, l *slog.Logger) (err error) {
+// Deactivate DNSStubListener
+func disableDNSStubListener() (err error) {
 	dir := filepath.Dir(resolvedConfPath)
 	err = os.MkdirAll(dir, 0o755)
 	if err != nil {
@@ -306,7 +290,7 @@ func disableDNSStubListener(ctx context.Context, l *slog.Logger) (err error) {
 	}
 
 	cmd := exec.Command("systemctl", "reload-or-restart", "systemd-resolved")
-	l.DebugContext(ctx, "executing", "cmd", cmd.Path, "args", cmd.Args)
+	log.Tracef("executing %s %v", cmd.Path, cmd.Args)
 	_, err = cmd.Output()
 	if err != nil {
 		return err
@@ -343,9 +327,9 @@ func copyInstallSettings(dst, src *configuration) {
 // shutdownTimeout is the timeout for shutting HTTP server down operation.
 const shutdownTimeout = 5 * time.Second
 
-// shutdownSrv shuts down srv and logs the error, if any.  l must not be nil.
-func shutdownSrv(ctx context.Context, l *slog.Logger, srv *http.Server) {
-	defer slogutil.RecoverAndLog(ctx, l)
+// shutdownSrv shuts srv down and prints error messages to the log.
+func shutdownSrv(ctx context.Context, srv *http.Server) {
+	defer log.OnPanic("")
 
 	if srv == nil {
 		return
@@ -356,19 +340,19 @@ func shutdownSrv(ctx context.Context, l *slog.Logger, srv *http.Server) {
 		return
 	}
 
-	lvl := slog.LevelDebug
-	if !errors.Is(err, context.Canceled) {
-		lvl = slog.LevelError
+	const msgFmt = "shutting down http server %q: %s"
+	if errors.Is(err, context.Canceled) {
+		log.Debug(msgFmt, srv.Addr, err)
+	} else {
+		log.Error(msgFmt, srv.Addr, err)
 	}
-
-	l.Log(ctx, lvl, "shutting down http server", "addr", srv.Addr, slogutil.KeyError, err)
 }
 
-// shutdownSrv3 shuts down srv and logs the error, if any.  l must not be nil.
+// shutdownSrv3 shuts srv down and prints error messages to the log.
 //
 // TODO(a.garipov): Think of a good way to merge with [shutdownSrv].
-func shutdownSrv3(ctx context.Context, l *slog.Logger, srv *http3.Server) {
-	defer slogutil.RecoverAndLog(ctx, l)
+func shutdownSrv3(srv *http3.Server) {
+	defer log.OnPanic("")
 
 	if srv == nil {
 		return
@@ -379,12 +363,12 @@ func shutdownSrv3(ctx context.Context, l *slog.Logger, srv *http3.Server) {
 		return
 	}
 
-	lvl := slog.LevelDebug
-	if !errors.Is(err, context.Canceled) {
-		lvl = slog.LevelError
+	const msgFmt = "shutting down http/3 server %q: %s"
+	if errors.Is(err, context.Canceled) {
+		log.Debug(msgFmt, srv.Addr, err)
+	} else {
+		log.Error(msgFmt, srv.Addr, err)
 	}
-
-	l.Log(ctx, lvl, "shutting down http/3 server", "addr", srv.Addr, slogutil.KeyError, err)
 }
 
 // PasswordMinRunes is the minimum length of user's password in runes.
@@ -452,7 +436,7 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request
 	// moment we'll allow setting up TLS in the initial configuration or the
 	// configuration itself will use HTTPS protocol, because the underlying
 	// functions potentially restart the HTTPS server.
-	err = startMods(web.baseLogger)
+	err = startMods(web.logger)
 	if err != nil {
 		Context.firstRun = true
 		copyInstallSettings(config, curConfig)
@@ -488,11 +472,12 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request
 	// and with its own context, because it waits until all requests are handled
 	// and will be blocked by it's own caller.
 	go func(timeout time.Duration) {
+		defer log.OnPanic("web")
+
 		ctx, cancel := context.WithTimeout(context.Background(), timeout)
-		defer slogutil.RecoverAndLog(ctx, web.logger)
 		defer cancel()
 
-		shutdownSrv(ctx, web.logger, web.httpServer)
+		shutdownSrv(ctx, web.httpServer)
 	}(shutdownTimeout)
 }
 

internal/home/controlupdate.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"log/slog"
 	"net/http"
 	"os"
 	"os/exec"
@@ -17,8 +16,7 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
 	"github.com/AdguardTeam/AdGuardHome/internal/updater"
 	"github.com/AdguardTeam/golibs/errors"
-	"github.com/AdguardTeam/golibs/logutil/slogutil"
-	"github.com/AdguardTeam/golibs/osutil"
+	"github.com/AdguardTeam/golibs/log"
 )
 
 // temporaryError is the interface for temporary errors from the Go standard
@@ -54,7 +52,7 @@ func (web *webAPI) handleVersionJSON(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	err = web.requestVersionInfo(r.Context(), resp, req.Recheck)
+	err = web.requestVersionInfo(resp, req.Recheck)
 	if err != nil {
 		// Don't wrap the error, because it's informative enough as is.
 		aghhttp.Error(r, w, http.StatusBadGateway, "%s", err)
@@ -75,11 +73,7 @@ func (web *webAPI) handleVersionJSON(w http.ResponseWriter, r *http.Request) {
 
 // requestVersionInfo sets the VersionInfo field of resp if it can reach the
 // update server.
-func (web *webAPI) requestVersionInfo(
-	ctx context.Context,
-	resp *versionResponse,
-	recheck bool,
-) (err error) {
+func (web *webAPI) requestVersionInfo(resp *versionResponse, recheck bool) (err error) {
 	updater := web.conf.updater
 	for range 3 {
 		resp.VersionInfo, err = updater.VersionInfo(recheck)
@@ -95,9 +89,7 @@ func (web *webAPI) requestVersionInfo(
 			// See https://github.com/AdguardTeam/AdGuardHome/issues/934.
 			const sleepTime = 2 * time.Second
 
-			err = fmt.Errorf("temp net error: %w; sleeping for %s and retrying", err, sleepTime)
-			web.logger.InfoContext(ctx, "updating version info", slogutil.KeyError, err)
-
+			log.Info("update: temp net error: %v; sleeping for %s and retrying", err, sleepTime)
 			time.Sleep(sleepTime)
 
 			continue
@@ -148,7 +140,7 @@ func (web *webAPI) handleUpdate(w http.ResponseWriter, r *http.Request) {
 	// The background context is used because the underlying functions wrap it
 	// with timeout and shut down the server, which handles current request.  It
 	// also should be done in a separate goroutine for the same reason.
-	go finishUpdate(context.Background(), web.logger, execPath, web.conf.runningAsService)
+	go finishUpdate(context.Background(), execPath, web.conf.runningAsService)
 }
 
 // versionResponse is the response for /control/version.json endpoint.
@@ -188,17 +180,15 @@ func tlsConfUsesPrivilegedPorts(c *tlsConfigSettings) (ok bool) {
 	return c.Enabled && (c.PortHTTPS < 1024 || c.PortDNSOverTLS < 1024 || c.PortDNSOverQUIC < 1024)
 }
 
-// finishUpdate completes an update procedure.  It is intended to be used as a
-// goroutine.
-func finishUpdate(ctx context.Context, l *slog.Logger, execPath string, runningAsService bool) {
-	defer slogutil.RecoverAndExit(ctx, l, osutil.ExitCodeFailure)
+// finishUpdate completes an update procedure.
+func finishUpdate(ctx context.Context, execPath string, runningAsService bool) {
+	var err error
 
-	l.InfoContext(ctx, "stopping all tasks")
+	log.Info("stopping all tasks")
 
 	cleanup(ctx)
 	cleanupAlways()
 
-	var err error
 	if runtime.GOOS == "windows" {
 		if runningAsService {
 			// NOTE: We can't restart the service via "kardianos/service"
@@ -209,28 +199,28 @@ func finishUpdate(ctx context.Context, l *slog.Logger, execPath string, runningA
 			cmd := exec.Command("cmd", "/c", "net stop AdGuardHome & net start AdGuardHome")
 			err = cmd.Start()
 			if err != nil {
-				panic(fmt.Errorf("restarting service: %w", err))
+				log.Fatalf("restarting: stopping: %s", err)
 			}
 
-			os.Exit(osutil.ExitCodeSuccess)
+			os.Exit(0)
 		}
 
 		cmd := exec.Command(execPath, os.Args[1:]...)
-		l.InfoContext(ctx, "restarting", "exec_path", execPath, "args", os.Args[1:])
+		log.Info("restarting: %q %q", execPath, os.Args[1:])
 		cmd.Stdin = os.Stdin
 		cmd.Stdout = os.Stdout
 		cmd.Stderr = os.Stderr
 		err = cmd.Start()
 		if err != nil {
-			panic(fmt.Errorf("restarting: %w", err))
+			log.Fatalf("restarting:: %s", err)
 		}
 
-		os.Exit(osutil.ExitCodeSuccess)
+		os.Exit(0)
 	}
 
-	l.InfoContext(ctx, "restarting", "exec_path", execPath, "args", os.Args[1:])
+	log.Info("restarting: %q %q", execPath, os.Args[1:])
 	err = syscall.Exec(execPath, os.Args, os.Environ())
 	if err != nil {
-		panic(fmt.Errorf("restarting: %w", err))
+		log.Fatalf("restarting: %s", err)
 	}
 }

internal/home/dns.go

@@ -47,14 +47,14 @@ func onConfigModified() {
 
 // initDNS updates all the fields of the [Context] needed to initialize the DNS
 // server and initializes it at last.  It also must not be called unless
-// [config] and [Context] are initialized.  baseLogger must not be nil.
+// [config] and [Context] are initialized.  l must not be nil.
 func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) {
 	anonymizer := config.anonymizer()
 
 	statsConf := stats.Config{
 		Logger:            baseLogger.With(slogutil.KeyPrefix, "stats"),
 		Filename:          filepath.Join(statsDir, "stats.db"),
-		Limit:             time.Duration(config.Stats.Interval),
+		Limit:             config.Stats.Interval.Duration,
 		ConfigModified:    onConfigModified,
 		HTTPRegister:      httpRegister,
 		Enabled:           config.Stats.Enabled,
@@ -80,7 +80,7 @@ func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error)
 		FindClient:        Context.clients.findMultiple,
 		BaseDir:           querylogDir,
 		AnonymizeClientIP: config.DNS.AnonymizeClientIP,
-		RotationIvl:       time.Duration(config.QueryLog.Interval),
+		RotationIvl:       config.QueryLog.Interval.Duration,
 		MemSize:           config.QueryLog.MemSize,
 		Enabled:           config.QueryLog.Enabled,
 		FileEnabled:       config.QueryLog.FileEnabled,
@@ -243,7 +243,7 @@ func newServerConfig(
 		Config:                 fwdConf,
 		TLSConfig:              newDNSTLSConfig(tlsConf, hosts),
 		TLSAllowUnencryptedDoH: tlsConf.AllowUnencryptedDoH,
-		UpstreamTimeout:        time.Duration(dnsConf.UpstreamTimeout),
+		UpstreamTimeout:        dnsConf.UpstreamTimeout.Duration,
 		TLSv12Roots:            Context.tlsRoots,
 		ConfigModified:         onConfigModified,
 		HTTPRegister:           httpReg,

internal/home/home.go

@@ -167,13 +167,13 @@ func setupContext(opts options) (err error) {
 	if err != nil {
 		log.Error("parsing configuration file: %s", err)
 
-		os.Exit(osutil.ExitCodeFailure)
+		os.Exit(1)
 	}
 
 	if opts.checkConfig {
 		log.Info("configuration file is ok")
 
-		os.Exit(osutil.ExitCodeSuccess)
+		os.Exit(0)
 	}
 
 	return nil
@@ -522,20 +522,18 @@ func isUpdateEnabled(ctx context.Context, l *slog.Logger, opts *options, customU
 	}
 }
 
-// initWeb initializes the web module.  upd and baseLogger must not be nil.
+// initWeb initializes the web module.
 func initWeb(
 	ctx context.Context,
 	opts options,
 	clientBuildFS fs.FS,
 	upd *updater.Updater,
-	baseLogger *slog.Logger,
+	l *slog.Logger,
 	customURL bool,
 ) (web *webAPI, err error) {
-	logger := baseLogger.With(slogutil.KeyPrefix, "webapi")
-
 	var clientFS fs.FS
 	if opts.localFrontend {
-		logger.WarnContext(ctx, "using local frontend files")
+		log.Info("warning: using local frontend files")
 
 		clientFS = os.DirFS("build/static")
 	} else {
@@ -545,12 +543,10 @@ func initWeb(
 		}
 	}
 
-	disableUpdate := !isUpdateEnabled(ctx, baseLogger, &opts, customURL)
+	disableUpdate := !isUpdateEnabled(ctx, l, &opts, customURL)
 
 	webConf := &webConfig{
-		updater:    upd,
-		logger:     logger,
-		baseLogger: baseLogger,
+		updater: upd,
 
 		clientFS: clientFS,
 
@@ -566,7 +562,7 @@ func initWeb(
 		serveHTTP3:       config.DNS.ServeHTTP3,
 	}
 
-	web = newWebAPI(ctx, webConf)
+	web = newWebAPI(webConf, l)
 	if web == nil {
 		return nil, errors.Error("can not initialize web")
 	}
@@ -644,7 +640,7 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) {
 		fatalOnError(err)
 
 		if config.HTTPConfig.Pprof.Enabled {
-			startPprof(slogLogger, config.HTTPConfig.Pprof.Port)
+			startPprof(config.HTTPConfig.Pprof.Port)
 		}
 	}
 
@@ -696,7 +692,7 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) {
 		checkPermissions(ctx, slogLogger, Context.workDir, confPath, dataDir, statsDir, querylogDir)
 	}
 
-	Context.web.start(ctx)
+	Context.web.start()
 
 	// Wait for other goroutines to complete their job.
 	<-done
@@ -787,7 +783,7 @@ func initUsers() (auth *Auth, err error) {
 
 	trustedProxies := netutil.SliceSubnetSet(netutil.UnembedPrefixes(config.DNS.TrustedProxies))
 
-	sessionTTL := time.Duration(config.HTTPConfig.SessionTTL).Seconds()
+	sessionTTL := config.HTTPConfig.SessionTTL.Seconds()
 	auth = InitAuth(sessFilename, config.Users, uint32(sessionTTL), rateLimiter, trustedProxies)
 	if auth == nil {
 		return nil, errors.Error("initializing auth module failed")
@@ -807,15 +803,15 @@ func (c *configuration) anonymizer() (ipmut *aghnet.IPMut) {
 	return aghnet.NewIPMut(anonFunc)
 }
 
-// startMods initializes and starts the DNS server after installation.
-// baseLogger must not be nil.
-func startMods(baseLogger *slog.Logger) (err error) {
+// startMods initializes and starts the DNS server after installation.  l must
+// not be nil.
+func startMods(l *slog.Logger) (err error) {
 	statsDir, querylogDir, err := checkStatsAndQuerylogDirs(&Context, config)
 	if err != nil {
 		return err
 	}
 
-	err = initDNS(baseLogger, statsDir, querylogDir)
+	err = initDNS(l, statsDir, querylogDir)
 	if err != nil {
 		return err
 	}
@@ -988,7 +984,7 @@ func loadCmdLineOpts() (opts options) {
 			exitWithError()
 		}
 
-		os.Exit(osutil.ExitCodeSuccess)
+		os.Exit(0)
 	}
 
 	return opts

internal/home/options.go

@@ -10,7 +10,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/configmigrate"
 	"github.com/AdguardTeam/AdGuardHome/internal/version"
 	"github.com/AdguardTeam/golibs/log"
-	"github.com/AdguardTeam/golibs/osutil"
 	"github.com/AdguardTeam/golibs/stringutil"
 )
 
@@ -330,7 +329,7 @@ var cmdLineOpts = []cmdLineOpt{{
 				fmt.Println(version.Full())
 			}
 
-			os.Exit(osutil.ExitCodeSuccess)
+			os.Exit(0)
 
 			return nil
 		}, nil

internal/home/web.go

@@ -3,7 +3,6 @@ package home
 import (
 	"context"
 	"crypto/tls"
-	"fmt"
 	"io/fs"
 	"log/slog"
 	"net/http"
@@ -16,11 +15,9 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/updater"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/log"
-	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/netutil"
 	"github.com/AdguardTeam/golibs/netutil/httputil"
 	"github.com/AdguardTeam/golibs/netutil/urlutil"
-	"github.com/AdguardTeam/golibs/osutil"
 	"github.com/NYTimes/gziphandler"
 	"github.com/quic-go/quic-go/http3"
 	"golang.org/x/net/http2"
@@ -42,13 +39,6 @@ const (
 type webConfig struct {
 	updater *updater.Updater
 
-	// logger is a slog logger used in webAPI. It must not be nil.
-	logger *slog.Logger
-
-	// baseLogger is used to create loggers for other entities.  It must not be
-	// nil.
-	baseLogger *slog.Logger
-
 	clientFS fs.FS
 
 	// BindAddr is the binding address with port for plain HTTP web interface.
@@ -104,26 +94,21 @@ type webAPI struct {
 	// logger is a slog logger used in webAPI. It must not be nil.
 	logger *slog.Logger
 
-	// baseLogger is used to create loggers for other entities.  It must not be
-	// nil.
-	baseLogger *slog.Logger
-
 	// httpsServer is the server that handles HTTPS traffic.  If it is not nil,
 	// [Web.http3Server] must also not be nil.
 	httpsServer httpsServer
 }
 
-// newWebAPI creates a new instance of the web UI and API server.  conf must be
-// valid.
+// newWebAPI creates a new instance of the web UI and API server.  l must not be
+// nil.
 //
 // TODO(a.garipov):  Return a proper error.
-func newWebAPI(ctx context.Context, conf *webConfig) (w *webAPI) {
-	conf.logger.InfoContext(ctx, "initializing")
+func newWebAPI(conf *webConfig, l *slog.Logger) (w *webAPI) {
+	log.Info("web: initializing")
 
 	w = &webAPI{
-		conf:       conf,
-		logger:     conf.logger,
-		baseLogger: conf.baseLogger,
+		conf:   conf,
+		logger: l,
 	}
 
 	clientFS := http.FileServer(http.FS(conf.clientFS))
@@ -133,11 +118,7 @@ func newWebAPI(ctx context.Context, conf *webConfig) (w *webAPI) {
 
 	// add handlers for /install paths, we only need them when we're not configured yet
 	if conf.firstRun {
-		conf.logger.InfoContext(
-			ctx,
-			"This is the first launch of AdGuard Home, redirecting everything to /install.html",
-		)
-
+		log.Info("This is the first launch of AdGuard Home, redirecting everything to /install.html ")
 		Context.mux.Handle("/install.html", preInstallHandler(clientFS))
 		w.registerInstallHandlers()
 	} else {
@@ -173,9 +154,7 @@ func webCheckPortAvailable(port uint16) (ok bool) {
 // tlsConfigChanged updates the TLS configuration and restarts the HTTPS server
 // if necessary.
 func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettings) {
-	defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
-
-	web.logger.DebugContext(ctx, "applying new tls configuration")
+	log.Debug("web: applying new tls configuration")
 
 	enabled := tlsConf.Enabled &&
 		tlsConf.PortHTTPS != 0 &&
@@ -186,7 +165,7 @@ func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettin
 	if enabled {
 		cert, err = tls.X509KeyPair(tlsConf.CertificateChainData, tlsConf.PrivateKeyData)
 		if err != nil {
-			panic(err)
+			log.Fatal(err)
 		}
 	}
 
@@ -194,8 +173,8 @@ func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettin
 	if web.httpsServer.server != nil {
 		var cancel context.CancelFunc
 		ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)
-		shutdownSrv(ctx, web.logger, web.httpsServer.server)
-		shutdownSrv3(ctx, web.logger, web.httpsServer.server3)
+		shutdownSrv(ctx, web.httpsServer.server)
+		shutdownSrv3(web.httpsServer.server3)
 
 		cancel()
 	}
@@ -206,17 +185,12 @@ func (web *webAPI) tlsConfigChanged(ctx context.Context, tlsConf tlsConfigSettin
 	web.httpsServer.cond.L.Unlock()
 }
 
-// loggerKeyServer is the key used by [webAPI] to identify servers.
-const loggerKeyServer = "server"
-
 // start - start serving HTTP requests
-func (web *webAPI) start(ctx context.Context) {
-	defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
-
-	web.logger.InfoContext(ctx, "AdGuard Home is available at the following addresses:")
+func (web *webAPI) start() {
+	log.Println("AdGuard Home is available at the following addresses:")
 
 	// for https, we have a separate goroutine loop
-	go web.tlsServerLoop(ctx)
+	go web.tlsServerLoop()
 
 	// this loop is used as an ability to change listening host and/or port
 	for !web.httpsServer.inShutdown {
@@ -226,19 +200,17 @@ func (web *webAPI) start(ctx context.Context) {
 		// Use an h2c handler to support unencrypted HTTP/2, e.g. for proxies.
 		hdlr := h2c.NewHandler(withMiddlewares(Context.mux, limitRequestBody), &http2.Server{})
 
-		logger := web.baseLogger.With(loggerKeyServer, "plain")
-
 		// Create a new instance, because the Web is not usable after Shutdown.
 		web.httpServer = &http.Server{
+			ErrorLog:          log.StdLog("web: plain", log.DEBUG),
 			Addr:              web.conf.BindAddr.String(),
 			Handler:           hdlr,
 			ReadTimeout:       web.conf.ReadTimeout,
 			ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
 			WriteTimeout:      web.conf.WriteTimeout,
-			ErrorLog:          slog.NewLogLogger(logger.Handler(), slog.LevelError),
 		}
 		go func() {
-			defer slogutil.RecoverAndLog(ctx, web.logger)
+			defer log.OnPanic("web: plain")
 
 			errs <- web.httpServer.ListenAndServe()
 		}()
@@ -246,7 +218,7 @@ func (web *webAPI) start(ctx context.Context) {
 		err := <-errs
 		if !errors.Is(err, http.ErrServerClosed) {
 			cleanupAlways()
-			panic(err)
+			log.Fatal(err)
 		}
 
 		// We use ErrServerClosed as a sign that we need to rebind on a new
@@ -256,7 +228,7 @@ func (web *webAPI) start(ctx context.Context) {
 
 // close gracefully shuts down the HTTP servers.
 func (web *webAPI) close(ctx context.Context) {
-	web.logger.InfoContext(ctx, "stopping http server")
+	log.Info("stopping http server...")
 
 	web.httpsServer.cond.L.Lock()
 	web.httpsServer.inShutdown = true
@@ -266,16 +238,14 @@ func (web *webAPI) close(ctx context.Context) {
 	ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)
 	defer cancel()
 
-	shutdownSrv(ctx, web.logger, web.httpsServer.server)
-	shutdownSrv3(ctx, web.logger, web.httpsServer.server3)
-	shutdownSrv(ctx, web.logger, web.httpServer)
+	shutdownSrv(ctx, web.httpsServer.server)
+	shutdownSrv3(web.httpsServer.server3)
+	shutdownSrv(ctx, web.httpServer)
 
-	web.logger.InfoContext(ctx, "stopped http server")
+	log.Info("stopped http server")
 }
 
-func (web *webAPI) tlsServerLoop(ctx context.Context) {
-	defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
-
+func (web *webAPI) tlsServerLoop() {
 	for {
 		web.httpsServer.cond.L.Lock()
 		if web.httpsServer.inShutdown {
@@ -303,40 +273,38 @@ func (web *webAPI) tlsServerLoop(ctx context.Context) {
 		}()
 
 		addr := netip.AddrPortFrom(web.conf.BindAddr.Addr(), portHTTPS).String()
-		logger := web.baseLogger.With(loggerKeyServer, "https")
-
 		web.httpsServer.server = &http.Server{
-			Addr:    addr,
-			Handler: withMiddlewares(Context.mux, limitRequestBody),
+			ErrorLog: log.StdLog("web: https", log.DEBUG),
+			Addr:     addr,
 			TLSConfig: &tls.Config{
 				Certificates: []tls.Certificate{web.httpsServer.cert},
 				RootCAs:      Context.tlsRoots,
 				CipherSuites: Context.tlsCipherIDs,
 				MinVersion:   tls.VersionTLS12,
 			},
+			Handler:           withMiddlewares(Context.mux, limitRequestBody),
 			ReadTimeout:       web.conf.ReadTimeout,
 			ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
 			WriteTimeout:      web.conf.WriteTimeout,
-			ErrorLog:          slog.NewLogLogger(logger.Handler(), slog.LevelError),
 		}
 
 		printHTTPAddresses(urlutil.SchemeHTTPS)
 
 		if web.conf.serveHTTP3 {
-			go web.mustStartHTTP3(ctx, addr)
+			go web.mustStartHTTP3(addr)
 		}
 
-		web.logger.DebugContext(ctx, "starting https server")
+		log.Debug("web: starting https server")
 		err := web.httpsServer.server.ListenAndServeTLS("", "")
 		if !errors.Is(err, http.ErrServerClosed) {
 			cleanupAlways()
-			panic(fmt.Errorf("https: %w", err))
+			log.Fatalf("web: https: %s", err)
 		}
 	}
 }
 
-func (web *webAPI) mustStartHTTP3(ctx context.Context, address string) {
-	defer slogutil.RecoverAndExit(ctx, web.logger, osutil.ExitCodeFailure)
+func (web *webAPI) mustStartHTTP3(address string) {
+	defer log.OnPanic("web: http3")
 
 	web.httpsServer.server3 = &http3.Server{
 		// TODO(a.garipov): See if there is a way to use the error log as
@@ -351,16 +319,16 @@ func (web *webAPI) mustStartHTTP3(ctx context.Context, address string) {
 		Handler: withMiddlewares(Context.mux, limitRequestBody),
 	}
 
-	web.logger.DebugContext(ctx, "starting http/3 server")
+	log.Debug("web: starting http/3 server")
 	err := web.httpsServer.server3.ListenAndServe()
 	if !errors.Is(err, http.ErrServerClosed) {
 		cleanupAlways()
-		panic(fmt.Errorf("http3: %w", err))
+		log.Fatalf("web: http3: %s", err)
 	}
 }
 
 // startPprof launches the debug and profiling server on the provided port.
-func startPprof(baseLogger *slog.Logger, port uint16) {
+func startPprof(port uint16) {
 	addr := netip.AddrPortFrom(netutil.IPv4Localhost(), port)
 
 	runtime.SetBlockProfileRate(1)
@@ -369,16 +337,13 @@ func startPprof(baseLogger *slog.Logger, port uint16) {
 	mux := http.NewServeMux()
 	httputil.RoutePprof(mux)
 
-	ctx := context.Background()
-	logger := baseLogger.With(slogutil.KeyPrefix, "pprof")
-
 	go func() {
-		defer slogutil.RecoverAndLog(ctx, logger)
+		defer log.OnPanic("pprof server")
 
-		logger.InfoContext(ctx, "listening", "addr", addr)
+		log.Info("pprof: listening on %q", addr)
 		err := http.ListenAndServe(addr.String(), mux)
 		if !errors.Is(err, http.ErrServerClosed) {
-			logger.ErrorContext(ctx, "shutting down", slogutil.KeyError, err)
+			log.Error("pprof: shutting down: %s", err)
 		}
 	}()
 }

internal/next/agh/agh.go

@@ -13,7 +13,6 @@ import (
 type ServiceWithConfig[ConfigType any] interface {
 	service.Interface
 
-	// Config returns a deep clone of the configuration of the service.
 	Config() (c ConfigType)
 }
 

internal/next/changelog.md

@@ -1,17 +1,15 @@
 # AdGuard Home v0.108.0 Changelog DRAFT
 
-This changelog should be merged into the main one once the next API matures enough.
+This changelog should be merged into the main one once the next API matures
+enough.
 
 ## [v0.108.0] - TODO
 
 ### Added
 
 - The ability to change the port of the pprof debug API.
-
 - The ability to log to stderr using `--logFile=stderr`.
-
 - The new `--web-addr` flag to set the Web UI address in a `host:port` form.
-
 - `SIGHUP` now reloads all configuration from the configuration file ([#5676]).
 
 ### Changed
@@ -22,21 +20,20 @@ This changelog should be merged into the main one once the next API matures enou
 
 #### Other changes
 
-- `-h` is now an alias for `--help` instead of the removed `--host`, see below. Use `--web-addr=host:port` to set an address on which to serve the Web UI.
+- `-h` is now an alias for `--help` instead of the removed `--host`, see below.
+  Use `--web-addr=host:port` to set an address on which to serve the Web UI.
 
 ### Fixed
 
 - `--check-config` breaking the configuration file ([#4067]).
-
 - Inconsistent application of `--work-dir/-w` ([#2598], [#2902]).
-
 - The order of `-v/--verbose` and `--version` being significant ([#2893]).
 
 ### Removed
 
 - The deprecated `--no-mem-optimization` and `--no-etc-hosts` flags.
-
-- `--host` and `-p/--port` flags.  Use `--web-addr=host:port` to set an address on which to serve the Web UI.  `-h` is now an alias for `--help`, see above.
+- `--host` and `-p/--port` flags.  Use `--web-addr=host:port` to set an address
+  on which to serve the Web UI.  `-h` is now an alias for `--help`, see above.
 
 [#2598]: https://github.com/AdguardTeam/AdGuardHome/issues/2598
 [#2893]: https://github.com/AdguardTeam/AdGuardHome/issues/2893

internal/next/configmgr/config.go

@@ -1,12 +1,12 @@
 package configmgr
 
 import (
+	"fmt"
 	"net/netip"
 
 	"github.com/AdguardTeam/golibs/container"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/timeutil"
-	"github.com/AdguardTeam/golibs/validate"
 )
 
 // config is the top-level on-disk configuration structure.
@@ -19,10 +19,10 @@ type config struct {
 }
 
 // type check
-var _ validate.Interface = (*config)(nil)
+var _ validator = (*config)(nil)
 
-// Validate implements the [validate.Interface] interface for *config.
-func (c *config) Validate() (err error) {
+// validate implements the [validator] interface for *config.
+func (c *config) validate() (err error) {
 	if c == nil {
 		return errors.ErrNoValue
 	}
@@ -30,7 +30,7 @@ func (c *config) Validate() (err error) {
 	// TODO(a.garipov): Add more validations.
 
 	// Keep this in the same order as the fields in the config.
-	validators := container.KeyValues[string, validate.Interface]{{
+	validators := container.KeyValues[string, validator]{{
 		Key:   "dns",
 		Value: c.DNS,
 	}, {
@@ -41,12 +41,14 @@ func (c *config) Validate() (err error) {
 		Value: c.Log,
 	}}
 
-	var errs []error
 	for _, kv := range validators {
-		errs = validate.Append(errs, kv.Key, kv.Value)
+		err = kv.Value.validate()
+		if err != nil {
+			return fmt.Errorf("%s: %w", kv.Key, err)
+		}
 	}
 
-	return errors.Join(errs...)
+	return nil
 }
 
 // dnsConfig is the on-disk DNS configuration.
@@ -61,19 +63,21 @@ type dnsConfig struct {
 }
 
 // type check
-var _ validate.Interface = (*dnsConfig)(nil)
+var _ validator = (*dnsConfig)(nil)
 
-// Validate implements the [validate.Interface] interface for *dnsConfig.
+// validate implements the [validator] interface for *dnsConfig.
 //
 // TODO(a.garipov): Add more validations.
-func (c *dnsConfig) Validate() (err error) {
-	if c == nil {
-		return errors.ErrNoValue
-	}
-
+func (c *dnsConfig) validate() (err error) {
 	// TODO(a.garipov): Add more validations.
-
-	return validate.Positive("upstream_timeout", c.UpstreamTimeout)
+	switch {
+	case c == nil:
+		return errors.ErrNoValue
+	case c.UpstreamTimeout.Duration <= 0:
+		return newErrNotPositive("upstream_timeout", c.UpstreamTimeout)
+	default:
+		return nil
+	}
 }
 
 // httpConfig is the on-disk web API configuration.
@@ -88,23 +92,20 @@ type httpConfig struct {
 }
 
 // type check
-var _ validate.Interface = (*httpConfig)(nil)
+var _ validator = (*httpConfig)(nil)
 
-// Validate implements the [validate.Interface] interface for *httpConfig.
+// validate implements the [validator] interface for *httpConfig.
 //
 // TODO(a.garipov): Add more validations.
-func (c *httpConfig) Validate() (err error) {
-	if c == nil {
+func (c *httpConfig) validate() (err error) {
+	switch {
+	case c == nil:
 		return errors.ErrNoValue
+	case c.Timeout.Duration <= 0:
+		return newErrNotPositive("timeout", c.Timeout)
+	default:
+		return c.Pprof.validate()
 	}
-
-	errs := []error{
-		validate.Positive("timeout", c.Timeout),
-	}
-
-	errs = validate.Append(errs, "pprof", c.Pprof)
-
-	return errors.Join(errs...)
 }
 
 // httpPprofConfig is the on-disk pprof configuration.
@@ -114,10 +115,10 @@ type httpPprofConfig struct {
 }
 
 // type check
-var _ validate.Interface = (*httpPprofConfig)(nil)
+var _ validator = (*httpPprofConfig)(nil)
 
-// Validate implements the [validate.Interface] interface for *httpPprofConfig.
-func (c *httpPprofConfig) Validate() (err error) {
+// validate implements the [validator] interface for *httpPprofConfig.
+func (c *httpPprofConfig) validate() (err error) {
 	if c == nil {
 		return errors.ErrNoValue
 	}
@@ -127,17 +128,17 @@ func (c *httpPprofConfig) Validate() (err error) {
 
 // logConfig is the on-disk web API configuration.
 type logConfig struct {
-	// TODO(a.garipov):  Use.
+	// TODO(a.garipov): Use.
 	Verbose bool `yaml:"verbose"`
 }
 
 // type check
-var _ validate.Interface = (*logConfig)(nil)
+var _ validator = (*logConfig)(nil)
 
-// Validate implements the [validate.Interface] interface for *logConfig.
+// validate implements the [validator] interface for *logConfig.
 //
 // TODO(a.garipov): Add more validations.
-func (c *logConfig) Validate() (err error) {
+func (c *logConfig) validate() (err error) {
 	if c == nil {
 		return errors.ErrNoValue
 	}

internal/next/configmgr/configmgr.go

@@ -63,7 +63,7 @@ func Validate(fileName string) (err error) {
 		return err
 	}
 
-	err = conf.Validate()
+	err = conf.validate()
 	if err != nil {
 		return fmt.Errorf("validating config: %w", err)
 	}
@@ -105,7 +105,7 @@ func New(ctx context.Context, c *Config) (m *Manager, err error) {
 		return nil, err
 	}
 
-	err = conf.Validate()
+	err = conf.validate()
 	if err != nil {
 		return nil, fmt.Errorf("validating config: %w", err)
 	}
@@ -162,7 +162,7 @@ func (m *Manager) assemble(
 		BootstrapServers:    conf.DNS.BootstrapDNS,
 		UpstreamServers:     conf.DNS.UpstreamDNS,
 		DNS64Prefixes:       conf.DNS.DNS64Prefixes,
-		UpstreamTimeout:     time.Duration(conf.DNS.UpstreamTimeout),
+		UpstreamTimeout:     conf.DNS.UpstreamTimeout.Duration,
 		BootstrapPreferIPv6: conf.DNS.BootstrapPreferIPv6,
 		UseDNS64:            conf.DNS.UseDNS64,
 	}
@@ -185,7 +185,7 @@ func (m *Manager) assemble(
 		Addresses:       conf.HTTP.Addresses,
 		SecureAddresses: conf.HTTP.SecureAddresses,
 		OverrideAddress: webAddr,
-		Timeout:         time.Duration(conf.HTTP.Timeout),
+		Timeout:         conf.HTTP.Timeout.Duration,
 		ForceHTTPS:      conf.HTTP.ForceHTTPS,
 	}
 
@@ -266,7 +266,7 @@ func (m *Manager) updateCurrentDNS(c *dnssvc.Config) {
 	m.current.DNS.BootstrapDNS = slices.Clone(c.BootstrapServers)
 	m.current.DNS.UpstreamDNS = slices.Clone(c.UpstreamServers)
 	m.current.DNS.DNS64Prefixes = slices.Clone(c.DNS64Prefixes)
-	m.current.DNS.UpstreamTimeout = timeutil.Duration(c.UpstreamTimeout)
+	m.current.DNS.UpstreamTimeout = timeutil.Duration{Duration: c.UpstreamTimeout}
 	m.current.DNS.BootstrapPreferIPv6 = c.BootstrapPreferIPv6
 	m.current.DNS.UseDNS64 = c.UseDNS64
 }
@@ -318,6 +318,6 @@ func (m *Manager) updateCurrentWeb(c *websvc.Config) {
 
 	m.current.HTTP.Addresses = slices.Clone(c.Addresses)
 	m.current.HTTP.SecureAddresses = slices.Clone(c.SecureAddresses)
-	m.current.HTTP.Timeout = timeutil.Duration(c.Timeout)
+	m.current.HTTP.Timeout = timeutil.Duration{Duration: c.Timeout}
 	m.current.HTTP.ForceHTTPS = c.ForceHTTPS
 }

internal/next/configmgr/error.go

@@ -0,0 +1,31 @@
+package configmgr
+
+import (
+	"fmt"
+
+	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/timeutil"
+	"golang.org/x/exp/constraints"
+)
+
+// validator is the interface for configuration entities that can validate
+// themselves.
+type validator interface {
+	// validate returns an error if the entity isn't valid.
+	validate() (err error)
+}
+
+// numberOrDuration is the constraint for integer types along with
+// timeutil.Duration.
+type numberOrDuration interface {
+	constraints.Integer | timeutil.Duration
+}
+
+// newErrNotPositive returns an error about the value that must be positive but
+// isn't.  prop is the name of the property to mention in the error message.
+//
+// TODO(a.garipov): Consider moving such helpers to golibs and use in AdGuardDNS
+// as well.
+func newErrNotPositive[T numberOrDuration](prop string, v T) (err error) {
+	return fmt.Errorf("%s: %w, got %v", prop, errors.ErrNotPositive, v)
+}

internal/next/jsonpatch/jsonpatch.go

@@ -1,43 +0,0 @@
-// Package jsonpatch contains utilities for JSON Merge Patch APIs.
-//
-// See https://www.rfc-editor.org/rfc/rfc7396.
-package jsonpatch
-
-import (
-	"bytes"
-	"encoding/json"
-
-	"github.com/AdguardTeam/golibs/errors"
-)
-
-// NonRemovable is a type that prevents JSON null from being used to try and
-// remove a value.
-type NonRemovable[T any] struct {
-	Value T
-	IsSet bool
-}
-
-// type check
-var _ json.Unmarshaler = (*NonRemovable[struct{}])(nil)
-
-// UnmarshalJSON implements the [json.Unmarshaler] interface for *NonRemovable.
-func (v *NonRemovable[T]) UnmarshalJSON(b []byte) (err error) {
-	if v == nil {
-		return errors.Error("jsonpatch.NonRemovable is nil")
-	}
-
-	if bytes.Equal(b, []byte("null")) {
-		return errors.Error("property cannot be removed")
-	}
-
-	v.IsSet = true
-
-	return json.Unmarshal(b, &v.Value)
-}
-
-// Set sets ptr if the value has been provided.
-func (v NonRemovable[T]) Set(ptr *T) {
-	if v.IsSet {
-		*ptr = v.Value
-	}
-}

internal/next/jsonpatch/jsonpatch_test.go

@@ -1,29 +0,0 @@
-package jsonpatch_test
-
-import (
-	"encoding/json"
-	"testing"
-
-	"github.com/AdguardTeam/AdGuardHome/internal/next/jsonpatch"
-	"github.com/AdguardTeam/golibs/testutil"
-	"github.com/stretchr/testify/assert"
-)
-
-func TestNonRemovable(t *testing.T) {
-	type T struct {
-		Value jsonpatch.NonRemovable[int] `json:"value"`
-	}
-
-	var v T
-
-	err := json.Unmarshal([]byte(`{"value":null}`), &v)
-	testutil.AssertErrorMsg(t, "property cannot be removed", err)
-
-	err = json.Unmarshal([]byte(`{"value":42}`), &v)
-	assert.NoError(t, err)
-
-	var got int
-	v.Value.Set(&got)
-
-	assert.Equal(t, 42, got)
-}

internal/next/websvc/dns.go

@@ -5,9 +5,10 @@ import (
 	"fmt"
 	"net/http"
 	"net/netip"
+	"time"
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/jsonpatch"
+	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
 )
 
 // ReqPatchSettingsDNS describes the request to the PATCH /api/v1/settings/dns
@@ -15,15 +16,13 @@ import (
 type ReqPatchSettingsDNS struct {
 	// TODO(a.garipov): Add more as we go.
 
-	Addresses        jsonpatch.NonRemovable[[]netip.AddrPort] `json:"addresses"`
-	BootstrapServers jsonpatch.NonRemovable[[]string]         `json:"bootstrap_servers"`
-	UpstreamServers  jsonpatch.NonRemovable[[]string]         `json:"upstream_servers"`
-	DNS64Prefixes    jsonpatch.NonRemovable[[]netip.Prefix]   `json:"dns64_prefixes"`
-
-	UpstreamTimeout jsonpatch.NonRemovable[aghhttp.JSONDuration] `json:"upstream_timeout"`
-
-	BootstrapPreferIPv6 jsonpatch.NonRemovable[bool] `json:"bootstrap_prefer_ipv6"`
-	UseDNS64            jsonpatch.NonRemovable[bool] `json:"use_dns64"`
+	Addresses           []netip.AddrPort     `json:"addresses"`
+	BootstrapServers    []string             `json:"bootstrap_servers"`
+	UpstreamServers     []string             `json:"upstream_servers"`
+	DNS64Prefixes       []netip.Prefix       `json:"dns64_prefixes"`
+	UpstreamTimeout     aghhttp.JSONDuration `json:"upstream_timeout"`
+	BootstrapPreferIPv6 bool                 `json:"bootstrap_prefer_ipv6"`
+	UseDNS64            bool                 `json:"use_dns64"`
 }
 
 // HTTPAPIDNSSettings are the DNS settings as used by the HTTP API.  See the
@@ -43,7 +42,13 @@ type HTTPAPIDNSSettings struct {
 // handlePatchSettingsDNS is the handler for the PATCH /api/v1/settings/dns HTTP
 // API.
 func (svc *Service) handlePatchSettingsDNS(w http.ResponseWriter, r *http.Request) {
-	req := &ReqPatchSettingsDNS{}
+	req := &ReqPatchSettingsDNS{
+		Addresses:        []netip.AddrPort{},
+		BootstrapServers: []string{},
+		UpstreamServers:  []string{},
+	}
+
+	// TODO(a.garipov): Validate nulls and proper JSON patch.
 
 	err := json.NewDecoder(r.Body).Decode(&req)
 	if err != nil {
@@ -52,20 +57,16 @@ func (svc *Service) handlePatchSettingsDNS(w http.ResponseWriter, r *http.Reques
 		return
 	}
 
-	dnsSvc := svc.confMgr.DNS()
-	newConf := dnsSvc.Config()
-
-	// TODO(a.garipov): Add more as we go.
-
-	req.Addresses.Set(&newConf.Addresses)
-	req.BootstrapServers.Set(&newConf.BootstrapServers)
-	req.UpstreamServers.Set(&newConf.UpstreamServers)
-	req.DNS64Prefixes.Set(&newConf.DNS64Prefixes)
-
-	req.UpstreamTimeout.Set((*aghhttp.JSONDuration)(&newConf.UpstreamTimeout))
-
-	req.BootstrapPreferIPv6.Set(&newConf.BootstrapPreferIPv6)
-	req.UseDNS64.Set(&newConf.UseDNS64)
+	newConf := &dnssvc.Config{
+		Logger:              svc.logger,
+		Addresses:           req.Addresses,
+		BootstrapServers:    req.BootstrapServers,
+		UpstreamServers:     req.UpstreamServers,
+		DNS64Prefixes:       req.DNS64Prefixes,
+		UpstreamTimeout:     time.Duration(req.UpstreamTimeout),
+		BootstrapPreferIPv6: req.BootstrapPreferIPv6,
+		UseDNS64:            req.UseDNS64,
+	}
 
 	ctx := r.Context()
 	err = svc.confMgr.UpdateDNS(ctx, newConf)

internal/next/websvc/dns_test.go

@@ -41,7 +41,7 @@ func TestService_HandlePatchSettingsDNS(t *testing.T) {
 				return nil
 			},
 			OnShutdown: func(_ context.Context) (err error) { panic("not implemented") },
-			OnConfig:   func() (c *dnssvc.Config) { return &dnssvc.Config{} },
+			OnConfig:   func() (c *dnssvc.Config) { panic("not implemented") },
 		}
 	}
 	confMgr.onUpdateDNS = func(ctx context.Context, c *dnssvc.Config) (err error) {

internal/next/websvc/http.go

@@ -10,7 +10,6 @@ import (
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
 	"github.com/AdguardTeam/AdGuardHome/internal/next/agh"
-	"github.com/AdguardTeam/AdGuardHome/internal/next/jsonpatch"
 	"github.com/AdguardTeam/golibs/logutil/slogutil"
 )
 
@@ -21,12 +20,9 @@ type ReqPatchSettingsHTTP struct {
 	//
 	// TODO(a.garipov): Add wait time.
 
-	Addresses       jsonpatch.NonRemovable[[]netip.AddrPort] `json:"addresses"`
-	SecureAddresses jsonpatch.NonRemovable[[]netip.AddrPort] `json:"secure_addresses"`
-
-	Timeout jsonpatch.NonRemovable[aghhttp.JSONDuration] `json:"timeout"`
-
-	ForceHTTPS jsonpatch.NonRemovable[bool] `json:"force_https"`
+	Addresses       []netip.AddrPort     `json:"addresses"`
+	SecureAddresses []netip.AddrPort     `json:"secure_addresses"`
+	Timeout         aghhttp.JSONDuration `json:"timeout"`
 }
 
 // HTTPAPIHTTPSettings are the HTTP settings as used by the HTTP API.  See the
@@ -45,6 +41,8 @@ type HTTPAPIHTTPSettings struct {
 func (svc *Service) handlePatchSettingsHTTP(w http.ResponseWriter, r *http.Request) {
 	req := &ReqPatchSettingsHTTP{}
 
+	// TODO(a.garipov): Validate nulls and proper JSON patch.
+
 	err := json.NewDecoder(r.Body).Decode(&req)
 	if err != nil {
 		aghhttp.WriteJSONResponseError(w, r, fmt.Errorf("decoding: %w", err))
@@ -52,14 +50,20 @@ func (svc *Service) handlePatchSettingsHTTP(w http.ResponseWriter, r *http.Reque
 		return
 	}
 
-	newConf := svc.Config()
-
-	// TODO(a.garipov): Add more as we go.
-
-	req.Addresses.Set(&newConf.Addresses)
-	req.SecureAddresses.Set(&newConf.SecureAddresses)
-	req.Timeout.Set((*aghhttp.JSONDuration)(&newConf.Timeout))
-	req.ForceHTTPS.Set(&newConf.ForceHTTPS)
+	newConf := &Config{
+		Logger: svc.logger,
+		Pprof: &PprofConfig{
+			Port:    svc.pprofPort,
+			Enabled: svc.pprof != nil,
+		},
+		ConfigManager:   svc.confMgr,
+		Frontend:        svc.frontend,
+		TLS:             svc.tls,
+		Addresses:       req.Addresses,
+		SecureAddresses: req.SecureAddresses,
+		Timeout:         time.Duration(req.Timeout),
+		ForceHTTPS:      svc.forceHTTPS,
+	}
 
 	aghhttp.WriteJSONResponseOK(w, r, &HTTPAPIHTTPSettings{
 		Addresses:       newConf.Addresses,

internal/next/websvc/path.go

@@ -0,0 +1,14 @@
+package websvc
+
+// Path constants
+const (
+	PathRoot     = "/"
+	PathFrontend = "/*filepath"
+
+	PathHealthCheck = "/health-check"
+
+	PathV1SettingsAll  = "/api/v1/settings/all"
+	PathV1SettingsDNS  = "/api/v1/settings/dns"
+	PathV1SettingsHTTP = "/api/v1/settings/http"
+	PathV1SystemInfo   = "/api/v1/system/info"
+)

internal/next/websvc/waitlistener.go

@@ -0,0 +1,31 @@
+package websvc
+
+import (
+	"net"
+	"sync"
+)
+
+// Wait Listener
+
+// waitListener is a wrapper around a listener that also calls wg.Done() on the
+// first call to Accept.  It is useful in situations where it is important to
+// catch the precise moment of the first call to Accept, for example when
+// starting an HTTP server.
+//
+// TODO(a.garipov): Move to aghnet?
+type waitListener struct {
+	net.Listener
+
+	firstAcceptWG   *sync.WaitGroup
+	firstAcceptOnce sync.Once
+}
+
+// type check
+var _ net.Listener = (*waitListener)(nil)
+
+// Accept implements the [net.Listener] interface for *waitListener.
+func (l *waitListener) Accept() (conn net.Conn, err error) {
+	l.firstAcceptOnce.Do(l.firstAcceptWG.Done)
+
+	return l.Listener.Accept()
+}

internal/next/websvc/waitlistener_internal_test.go

@@ -0,0 +1,40 @@
+package websvc
+
+import (
+	"net"
+	"sync"
+	"sync/atomic"
+	"testing"
+
+	"github.com/AdguardTeam/golibs/testutil/fakenet"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestWaitListener_Accept(t *testing.T) {
+	var accepted atomic.Bool
+	var l net.Listener = &fakenet.Listener{
+		OnAccept: func() (conn net.Conn, err error) {
+			accepted.Store(true)
+
+			return nil, nil
+		},
+		OnAddr:  func() (addr net.Addr) { panic("not implemented") },
+		OnClose: func() (err error) { panic("not implemented") },
+	}
+
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+
+	go func() {
+		var wrapper net.Listener = &waitListener{
+			Listener:      l,
+			firstAcceptWG: wg,
+		}
+
+		_, _ = wrapper.Accept()
+	}()
+
+	wg.Wait()
+
+	assert.Eventually(t, accepted.Load, testTimeout, testTimeout/10)
+}

internal/next/websvc/websvc_internal_test.go

@@ -0,0 +1,6 @@
+package websvc
+
+import "time"
+
+// testTimeout is the common timeout for tests.
+const testTimeout = 1 * time.Second

internal/schedule/schedule.go

@@ -163,8 +163,8 @@ func (w *Weekly) UnmarshalYAML(value *yaml.Node) (err error) {
 	}
 	for i, d := range days {
 		r := dayRange{
-			start: time.Duration(d.Start),
-			end:   time.Duration(d.End),
+			start: d.Start.Duration,
+			end:   d.End.Duration,
 		}
 
 		err = w.validate(r)
@@ -255,32 +255,32 @@ func (w *Weekly) MarshalYAML() (v any, err error) {
 	return weeklyConfigYAML{
 		TimeZone: w.location.String(),
 		Sunday: dayConfigYAML{
-			Start: timeutil.Duration(w.days[time.Sunday].start),
-			End:   timeutil.Duration(w.days[time.Sunday].end),
+			Start: timeutil.Duration{Duration: w.days[time.Sunday].start},
+			End:   timeutil.Duration{Duration: w.days[time.Sunday].end},
 		},
 		Monday: dayConfigYAML{
-			Start: timeutil.Duration(w.days[time.Monday].start),
-			End:   timeutil.Duration(w.days[time.Monday].end),
+			Start: timeutil.Duration{Duration: w.days[time.Monday].start},
+			End:   timeutil.Duration{Duration: w.days[time.Monday].end},
 		},
 		Tuesday: dayConfigYAML{
-			Start: timeutil.Duration(w.days[time.Tuesday].start),
-			End:   timeutil.Duration(w.days[time.Tuesday].end),
+			Start: timeutil.Duration{Duration: w.days[time.Tuesday].start},
+			End:   timeutil.Duration{Duration: w.days[time.Tuesday].end},
 		},
 		Wednesday: dayConfigYAML{
-			Start: timeutil.Duration(w.days[time.Wednesday].start),
-			End:   timeutil.Duration(w.days[time.Wednesday].end),
+			Start: timeutil.Duration{Duration: w.days[time.Wednesday].start},
+			End:   timeutil.Duration{Duration: w.days[time.Wednesday].end},
 		},
 		Thursday: dayConfigYAML{
-			Start: timeutil.Duration(w.days[time.Thursday].start),
-			End:   timeutil.Duration(w.days[time.Thursday].end),
+			Start: timeutil.Duration{Duration: w.days[time.Thursday].start},
+			End:   timeutil.Duration{Duration: w.days[time.Thursday].end},
 		},
 		Friday: dayConfigYAML{
-			Start: timeutil.Duration(w.days[time.Friday].start),
-			End:   timeutil.Duration(w.days[time.Friday].end),
+			Start: timeutil.Duration{Duration: w.days[time.Friday].start},
+			End:   timeutil.Duration{Duration: w.days[time.Friday].end},
 		},
 		Saturday: dayConfigYAML{
-			Start: timeutil.Duration(w.days[time.Saturday].start),
-			End:   timeutil.Duration(w.days[time.Saturday].end),
+			Start: timeutil.Duration{Duration: w.days[time.Saturday].start},
+			End:   timeutil.Duration{Duration: w.days[time.Saturday].end},
 		},
 	}, nil
 }

internal/stats/http.go

@@ -63,7 +63,11 @@ func (s *StatsCtx) handleStats(w http.ResponseWriter, r *http.Request) {
 		resp, ok = s.getData(uint32(s.limit.Hours()))
 	}()
 
-	s.logger.DebugContext(ctx, "prepared data", "elapsed", time.Since(start))
+	s.logger.DebugContext(
+		ctx,
+		"prepared data",
+		"elapsed", timeutil.Duration{Duration: time.Since(start)},
+	)
 
 	if !ok {
 		// Don't bring the message to the lower case since it's a part of UI

internal/tools/go.mod

@@ -1,6 +1,6 @@
 module github.com/AdguardTeam/AdGuardHome/internal/tools
 
-go 1.23.5
+go 1.23.4
 
 require (
 	github.com/fzipp/gocyclo v0.6.0
@@ -9,8 +9,8 @@ require (
 	github.com/jstemmer/go-junit-report/v2 v2.1.0
 	github.com/kisielk/errcheck v1.8.0
 	github.com/securego/gosec/v2 v2.21.4
-	github.com/uudashr/gocognit v1.2.0
-	golang.org/x/tools v0.28.0
+	github.com/uudashr/gocognit v1.1.3
+	golang.org/x/tools v0.27.0
 	golang.org/x/vuln v1.1.3
 	honnef.co/go/tools v0.5.1
 	mvdan.cc/gofumpt v0.7.0
@@ -21,7 +21,7 @@ require (
 require (
 	cloud.google.com/go v0.116.0 // indirect
 	cloud.google.com/go/ai v0.9.0 // indirect
-	cloud.google.com/go/auth v0.12.1 // indirect
+	cloud.google.com/go/auth v0.11.0 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect
 	cloud.google.com/go/compute/metadata v0.5.2 // indirect
 	cloud.google.com/go/longrunning v0.6.3 // indirect
@@ -30,7 +30,8 @@ require (
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
-	github.com/google/generative-ai-go v0.19.0 // indirect
+	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
+	github.com/google/generative-ai-go v0.18.0 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/renameio/v2 v2.0.0 // indirect
 	github.com/google/s2a-go v0.1.8 // indirect
@@ -40,27 +41,28 @@ require (
 	github.com/gookit/color v1.5.4 // indirect
 	github.com/rogpeppe/go-internal v1.13.1 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
+	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 // indirect
 	go.opentelemetry.io/otel v1.32.0 // indirect
 	go.opentelemetry.io/otel/metric v1.32.0 // indirect
 	go.opentelemetry.io/otel/trace v1.32.0 // indirect
-	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/exp v0.0.0-20241210194714-1829a127f884 // indirect
-	golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884 // indirect
+	golang.org/x/crypto v0.29.0 // indirect
+	golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect
+	golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f // indirect
 	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/net v0.32.0 // indirect
+	golang.org/x/net v0.31.0 // indirect
 	golang.org/x/oauth2 v0.24.0 // indirect
-	golang.org/x/sync v0.10.0 // indirect
-	golang.org/x/sys v0.28.0 // indirect
-	golang.org/x/telemetry v0.0.0-20241204182053-c0ac0e154df3 // indirect
-	golang.org/x/term v0.27.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
+	golang.org/x/sync v0.9.0 // indirect
+	golang.org/x/sys v0.27.0 // indirect
+	golang.org/x/telemetry v0.0.0-20241108154256-525ce2e96f55 // indirect
+	golang.org/x/term v0.26.0 // indirect
+	golang.org/x/text v0.20.0 // indirect
 	golang.org/x/time v0.8.0 // indirect
-	google.golang.org/api v0.211.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
-	google.golang.org/grpc v1.68.1 // indirect
+	google.golang.org/api v0.209.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a // indirect
+	google.golang.org/grpc v1.68.0 // indirect
 	google.golang.org/protobuf v1.35.2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	mvdan.cc/editorconfig v0.3.0 // indirect

internal/tools/go.sum

@@ -1,21 +1,31 @@
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.116.0 h1:B3fRrSDkLRt5qSHWe40ERJvhvnQwdZiHu0bJOpldweE=
 cloud.google.com/go v0.116.0/go.mod h1:cEPSRWPzZEswwdr9BxE6ChEn01dWlTaF05LiC2Xs70U=
 cloud.google.com/go/ai v0.9.0 h1:r1Ig8O8+Qr3Ia3WfoO+gokD0fxB2Rk4quppuKjmGMsY=
 cloud.google.com/go/ai v0.9.0/go.mod h1:28bKM/oxmRgxmRgI1GLumFv+NSkt+DscAg/gF+54zzY=
-cloud.google.com/go/auth v0.12.1 h1:n2Bj25BUMM0nvE9D2XLTiImanwZhO3DkfWSYS/SAJP4=
-cloud.google.com/go/auth v0.12.1/go.mod h1:BFMu+TNpF3DmvfBO9ClqTR/SiqVIm7LukKF9mbendF4=
+cloud.google.com/go/auth v0.11.0 h1:Ic5SZz2lsvbYcWT5dfjNWgw6tTlGi2Wc8hyQSC9BstA=
+cloud.google.com/go/auth v0.11.0/go.mod h1:xxA5AqpDrvS+Gkmo9RqrGGRh6WSNKKOXhY3zNOr38tI=
 cloud.google.com/go/auth/oauth2adapt v0.2.6 h1:V6a6XDu2lTwPZWOawrAa9HUK+DB2zfJyTuciBG5hFkU=
 cloud.google.com/go/auth/oauth2adapt v0.2.6/go.mod h1:AlmsELtlEBnaNTL7jCj8VQFLy6mbZv0s4Q7NGBeQ5E8=
 cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo=
 cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k=
 cloud.google.com/go/longrunning v0.6.3 h1:A2q2vuyXysRcwzqDpMMLSI6mb6o39miS52UEG/Rd2ng=
 cloud.google.com/go/longrunning v0.6.3/go.mod h1:k/vIs83RN4bE3YCswdXC5PFfWVILjm3hpEUlSko4PiI=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c h1:pxW6RcqyfI9/kWtOwnv/G+AzdKuy2ZrqINhenH4HyNs=
 github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/ccojocar/zxcvbn-go v1.0.2 h1:na/czXU8RrhXO4EZme6eQJLR4PzcGsahsBOAwU6I3Vg=
 github.com/ccojocar/zxcvbn-go v1.0.2/go.mod h1:g1qkXtUSvHP8lhHp5GrSmTz6uWALGRMQdw6Qnz/hi60=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fzipp/gocyclo v0.6.0 h1:lsblElZG7d3ALtGMx9fmxeTKZaLLpU8mET09yN4BBLo=
@@ -29,14 +39,34 @@ github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7
 github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ=
+github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
+github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
 github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
 github.com/golangci/misspell v0.6.0 h1:JCle2HUTNWirNlDIAUO44hUsKhOFqGPoC4LZxlaSXDs=
 github.com/golangci/misspell v0.6.0/go.mod h1:keMNyY6R9isGaSAu+4Q8NMBwMPkh15Gtc8UCVoDtAWo=
-github.com/google/generative-ai-go v0.19.0 h1:R71szggh8wHMCUlEMsW2A/3T+5LdEIkiaHSYgSpUgdg=
-github.com/google/generative-ai-go v0.19.0/go.mod h1:JYolL13VG7j79kM5BtHz4qwONHkeJQzOCkKXnpqtS/E=
+github.com/google/generative-ai-go v0.18.0 h1:6ybg9vOCLcI/UpBBYXOTVgvKmcUKFRNj+2Cj3GnebSo=
+github.com/google/generative-ai-go v0.18.0/go.mod h1:JYolL13VG7j79kM5BtHz4qwONHkeJQzOCkKXnpqtS/E=
 github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786 h1:rcv+Ippz6RAtvaGgKxc+8FQIpxHgsF+HBzPyYL2cyVU=
 github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786/go.mod h1:apVn/GCasLZUVpAJ6oWAuyP7Ne7CEsQbTnc0plM3m+o=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
@@ -48,6 +78,7 @@ github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qA
 github.com/google/renameio/v2 v2.0.0/go.mod h1:BtmJXm5YlszgC+TD4HOEEUFgkJP3nLxehU6hfe7jRt4=
 github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
 github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
+github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/enterprise-certificate-proxy v0.3.4 h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw=
@@ -72,19 +103,28 @@ github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8=
 github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
 github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/securego/gosec/v2 v2.21.4 h1:Le8MSj0PDmOnHJgUATjD96PaXRvCpKC+DGJvwyy0Mlk=
 github.com/securego/gosec/v2 v2.21.4/go.mod h1:Jtb/MwRQfRxCXyCm1rfM1BEiiiTfUOdyzzAhlr6lUTA=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/uudashr/gocognit v1.2.0 h1:3BU9aMr1xbhPlvJLSydKwdLN3tEUUrzPSSM8S4hDYRA=
-github.com/uudashr/gocognit v1.2.0/go.mod h1:k/DdKPI6XBZO1q7HgoV2juESI2/Ofj9AcHPZhBBdrTU=
+github.com/uudashr/gocognit v1.1.3 h1:l+a111VcDbKfynh+airAy/DJQKaXh2m9vkoysMPSZyM=
+github.com/uudashr/gocognit v1.1.3/go.mod h1:aKH8/e8xbTRBwjbCkwZ8qt4l2EpKXl31KMHgSS+lZ2U=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
+go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0 h1:qtFISDHKolvIxzSs0gIaiPUPR0Cucb0F2coHC7ZLdps=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0/go.mod h1:Y+Pop1Q6hCOnETWTW4NROK/q1hv50hM7yDaUTjG8lp8=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 h1:DheMAlT6POBP+gh8RUH19EOTnQIor5QE0uSRPtzCpSw=
@@ -97,68 +137,110 @@ go.opentelemetry.io/otel/trace v1.32.0 h1:WIC9mYrXf8TmY/EXuULKc8hR17vE+Hjv2cssQD
 go.opentelemetry.io/otel/trace v1.32.0/go.mod h1:+i4rkvCraA+tG6AzwloGaCtkx53Fa+L+V8e9a7YvhT8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
-golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/exp v0.0.0-20241210194714-1829a127f884 h1:Y/Mj/94zIQQGHVSv1tTtQBDaQaJe62U9bkDZKKyhPCU=
-golang.org/x/exp v0.0.0-20241210194714-1829a127f884/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c=
-golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884 h1:1xaZTydL5Gsg78QharTwKfA9FY9CZ1VQj6D/AZEvHR0=
-golang.org/x/exp/typeparams v0.0.0-20241210194714-1829a127f884/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
+golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak=
+golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f h1:WTyX8eCCyfdqiPYkRGm0MqElSfYFH3yR1+rl/mct9sA=
+golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
 golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI=
-golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs=
+golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
+golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
 golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
-golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
+golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
-golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/telemetry v0.0.0-20241204182053-c0ac0e154df3 h1:rCLsPBq7l0E9Z451UgkWFkaWYhgt7dGmAlpD6hLjK5I=
-golang.org/x/telemetry v0.0.0-20241204182053-c0ac0e154df3/go.mod h1:8h4Hgq+jcTvCDv2+i7NrfWwpYHcESleo2nGHxLbFLJ4=
+golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
+golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/telemetry v0.0.0-20241108154256-525ce2e96f55 h1:ZZOVC4W26kVZSAW314SD81pWtiRgWNMbZsgLqKXx9lE=
+golang.org/x/telemetry v0.0.0-20241108154256-525ce2e96f55/go.mod h1:7Vh679jcBo81KQrd4wo0gKov7BE6IHwu1tEhHxHNM30=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
-golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
+golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU=
+golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
-golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
+golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
+golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
 golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
 golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8=
-golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
+golang.org/x/tools v0.27.0 h1:qEKojBykQkQ4EynWy4S8Weg69NumxKdn40Fce3uc/8o=
+golang.org/x/tools v0.27.0/go.mod h1:sUi0ZgbwW9ZPAq26Ekut+weQPR5eIM6GQLQ1Yjm1H0Q=
 golang.org/x/vuln v1.1.3 h1:NPGnvPOTgnjBc9HTaUx+nj+EaUYxl5SJOWqaDYGaFYw=
 golang.org/x/vuln v1.1.3/go.mod h1:7Le6Fadm5FOqE9C926BCD0g12NWyhg7cxV4BwcPFuNY=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/api v0.211.0 h1:IUpLjq09jxBSV1lACO33CGY3jsRcbctfGzhj+ZSE/Bg=
-google.golang.org/api v0.211.0/go.mod h1:XOloB4MXFH4UTlQSGuNUxw0UT74qdENK8d6JNsXKLi0=
-google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 h1:CkkIfIt50+lT6NHAVoRYEyAvQGFM7xEwXUUywFvEb3Q=
-google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576/go.mod h1:1R3kvZ1dtP3+4p4d3G8uJ8rFk/fWlScl38vanWACI08=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
-google.golang.org/grpc v1.68.1 h1:oI5oTa11+ng8r8XMMN7jAOmWfPZWbYpCFaMUTACxkM0=
-google.golang.org/grpc v1.68.1/go.mod h1:+q1XYFJjShcqn0QZHvCyeR4CXPA+llXIeUIfIe00waw=
+google.golang.org/api v0.209.0 h1:Ja2OXNlyRlWCWu8o+GgI4yUn/wz9h/5ZfFbKz+dQX+w=
+google.golang.org/api v0.209.0/go.mod h1:I53S168Yr/PNDNMi5yPnDc0/LGRZO6o7PoEbl/HY3CM=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
+google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a h1:OAiGFfOiA0v9MRYsSidp3ubZaBnteRUyn3xB2ZQ5G/E=
+google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a/go.mod h1:jehYqy3+AhJU9ve55aNOaSml7wUXjF9x6z2LcCfpAhY=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a h1:hgh8P4EuoxpsuKMXX/To36nOFD7vixReXgn8lPGnt+o=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
+google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
+google.golang.org/grpc v1.68.0 h1:aHQeeJbo8zAkAa3pRzrVjZlbz6uSfeOXlJNQM0RAbz0=
+google.golang.org/grpc v1.68.0/go.mod h1:fmSPC5AsjSBCK54MyHRx48kpOti1/jRfOlwEWywNjWA=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
 google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.5.1 h1:4bH5o3b5ZULQ4UrBmP+63W9r7qIkqJClEA9ko5YKx+I=
 honnef.co/go/tools v0.5.1/go.mod h1:e9irvo83WDG9/irijV44wr3tbhcFeRnfpVlRqVwpzMs=
 mvdan.cc/editorconfig v0.3.0 h1:D1D2wLYEYGpawWT5SpM5pRivgEgXjtEXwC9MWhEY0gQ=

openapi/README.md

@@ -1,27 +1,35 @@
 # AdGuard Home OpenAPI
 
-We are using [OpenAPI specification](https://swagger.io/docs/specification/about/) to generate AdGuard Home API specification.
+We are using
+[OpenAPI specification](https://swagger.io/docs/specification/about/)
+to generate AdGuard Home API specification.
 
-## How to edit the API spec
+## How To Edit The API Spec
 
-The easiest way would be to use [Swagger Editor](http://editor.swagger.io/) and just copy/paste the YAML file there.
+The easiest way would be to use
+[Swagger Editor](http://editor.swagger.io/)
+and just copy/paste the YAML file there.
 
-## How to read the API doc
+## How To Read The API Doc
 
 1. `yarn install`
 2. `yarn start`
-3. open `http://localhost:4000/`
+3. Open `http://localhost:4000/`
 
 ## Changelog
 
-[Here](CHANGELOG.md) we keep track of all non-compatible changes that are being made.
+[Here](CHANGELOG.md) we keep track of all non-compatible changes that are being
+made.
 
 ## Authentication
 
-If AdGuard Home’s web user is password-protected, a web client must use authentication mechanism when sending requests to server. Basic access authentication is the most simple method: a client must pass `Authorization` HTTP header along with all requests:
+If AdGuard Home's web user is password-protected, a web client must use
+authentication mechanism when sending requests to server.  Basic access
+authentication is the most simple method - a client must pass `Authorization`
+HTTP header along with all requests:
 
 ```http
 Authorization: Basic BASE64_DATA
 ```
 
-Where `BASE64_DATA` is base64-encoded data for `username:password` string.
+Where BASE64_DATA is base64-encoded data for `username:password` string.

openapi/openapi.yaml

@@ -934,9 +934,6 @@
           'description': 'OK.'
   '/clients/find':
     'get':
-      'deprecated': true
-      'description': >
-        Deprecated: Use `POST /clients/search` instead.
       'tags':
       - 'clients'
       'operationId': 'clientsFind'
@@ -960,26 +957,6 @@
             'application/json':
               'schema':
                 '$ref': '#/components/schemas/ClientsFindResponse'
-  '/clients/search':
-    'post':
-      'tags':
-      - 'clients'
-      'operationId': 'clientsSearch'
-      'summary': >
-        Get information about clients by their IP addresses, CIDRs, MAC addresses, or ClientIDs.
-      'requestBody':
-        'content':
-          'application/json':
-            'schema':
-              '$ref': '#/components/schemas/ClientsSearchRequest'
-        'required': true
-      'responses':
-        '200':
-          'description': 'OK.'
-          'content':
-            'application/json':
-              'schema':
-                '$ref': '#/components/schemas/ClientsFindResponse'
   '/access/list':
     'get':
       'operationId': 'accessList'
@@ -2501,11 +2478,9 @@
       'description': 'Network interface info'
       'required':
       - 'flags'
-      - 'gateway_ip'
       - 'hardware_address'
-      - 'ipv4_addresses'
-      - 'ipv6_addresses'
       - 'name'
+      - 'mtu'
       'properties':
         'flags':
           'type': 'string'
@@ -2514,28 +2489,18 @@
             the "|" character: "up", "broadcast", "loopback", "pointtopoint" and
             "multicast".
           'example': 'up|broadcast|multicast'
-        'gateway_ip':
-          'type': 'string'
-          'description': 'The IP address of the gateway.'
-          'example': '192.0.2.0'
         'hardware_address':
           'type': 'string'
           'example': '52:54:00:11:09:ba'
-        'ipv4_addresses':
-          'type': 'array'
-          'description': >
-            The addresses of the interface of v4 family.
-          'items':
-            'type': 'string'
-        'ipv6_addresses':
-          'type': 'array'
-          'description': >
-            The addresses of the interface of v6 family.
-          'items':
-            'type': 'string'
         'name':
           'type': 'string'
           'example': 'eth0'
+        'ip_addresses':
+          'type': 'array'
+          'items':
+            'type': 'string'
+        'mtu':
+          'type': 'integer'
     'AddressInfo':
       'type': 'object'
       'description': 'Port information'
@@ -2784,20 +2749,6 @@
       'properties':
         'name':
           'type': 'string'
-    'ClientsSearchRequest':
-      'type': 'object'
-      'description': 'Client search request'
-      'properties':
-        'clients':
-          'type': 'array'
-          'items':
-            '$ref': '#/components/schemas/ClientsSearchRequestItem'
-    'ClientsSearchRequestItem':
-      'type': 'object'
-      'properties':
-        'id':
-          'type': 'string'
-          'description': 'Client IP address, CIDR, MAC address, or ClientID'
     'ClientsFindResponse':
       'type': 'array'
       'description': 'Client search results.'

scripts/README.md

@@ -1,72 +1,96 @@
-# AdGuard Home scripts
+ #  AdGuard Home Scripts
 
-## `hooks/`: Git hooks
+##  `hooks/`: Git Hooks
 
-### Usage
+   ###  Usage
 
 Run `make init` from the project root.
 
-## `querylog/`: Query Log Helpers
 
-### Usage
 
-- `npm install`: install dependencies. Run this first.
+##  `querylog/`: Query Log Helpers
 
-- `npm run anonymize <source> <dst>`: read the query log from the `<source>` and write anonymized version to `<dst>`.
+   ###  Usage
 
-## `make/`: Makefile scripts
+ *  `npm install`: install dependencies.  Run this first.
+ *  `npm run anonymize <source> <dst>`: read the query log from the `<source>`
+    and write anonymized version to `<dst>`.
 
-The release channels are: `development` (the default), `edge`, `beta`, and `release`. If verbosity levels aren’t documented here, there are only two: `0`, don’t print anything, and `1`, be verbose.
 
-### `build-docker.sh`: Build a multi-architecture Docker image
+
+##  `make/`: Makefile scripts
+
+The release channels are: `development` (the default), `edge`, `beta`, and
+`release`.  If verbosity levels aren't documented here, there are only two: `0`,
+don't print anything, and `1`, be verbose.
+
+
+
+   ###  `build-docker.sh`: Build a multi-architecture Docker image
 
 Required environment:
 
-- `CHANNEL`: release channel, see above.
+ *  `CHANNEL`: release channel, see above.
 
-- `DIST_DIR`: the directory where a release has previously been built.
+ *  `DIST_DIR`: the directory where a release has previously been built.
 
-- `REVISION`: current Git revision.
+ *  `REVISION`: current Git revision.
 
-- `VERSION`: release version.
+ *  `VERSION`: release version.
 
 Optional environment:
 
-- `DOCKER_IMAGE_NAME`: the name of the resulting Docker container. By default it’s `adguardhome-dev`.
+ *  `DOCKER_IMAGE_NAME`: the name of the resulting Docker container.  By default
+    it's `adguardhome-dev`.
 
-- `DOCKER_OUTPUT`: the `--output` parameters. By default they are `type=image,name=${DOCKER_IMAGE_NAME},push=false`.
+ *  `DOCKER_OUTPUT`: the `--output` parameters.  By default they are
+    `type=image,name=${DOCKER_IMAGE_NAME},push=false`.
 
-- `SUDO`: allow users to use `sudo` or `doas` with `docker`. By default none is used.
+ *  `SUDO`: allow users to use `sudo` or `doas` with `docker`.  By default none
+    is used.
 
-### `build-release.sh`: Build a release for all platforms
+
+
+   ###  `build-release.sh`: Build a release for all platforms
 
 Required environment:
 
-- `CHANNEL`: release channel, see above.
+ *  `CHANNEL`: release channel, see above.
 
-- `GPG_KEY` and `GPG_KEY_PASSPHRASE`: data for `gpg`. Only required if `SIGN` is `1`.
+ *  `GPG_KEY` and `GPG_KEY_PASSPHRASE`: data for `gpg`.  Only required if `SIGN`
+    is `1`.
 
 Optional environment:
 
-- `ARCH` and `OS`: space-separated list of architectures and operating systems for which to build a release. For example, to build only for 64-bit ARM and AMD on Linux and Darwin:
+ *  `ARCH` and `OS`: space-separated list of architectures and operating systems
+    for which to build a release.  For example, to build only for 64-bit ARM and
+    AMD on Linux and Darwin:
 
     ```sh
     make ARCH='amd64 arm64' OS='darwin linux' … build-release
     ```
-
     The default value is `''`, which means build everything.
 
-- `DIST_DIR`: the directory to build a release into. The default value is `dist`.
+ *  `DIST_DIR`: the directory to build a release into.  The default value is
+    `dist`.
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-- `SIGN`: `0` to not sign the resulting packages, `1` to sign. The default value is `1`.
+ *  `SIGN`: `0` to not sign the resulting packages, `1` to sign.  The default
+    value is `1`.
 
-- `VERBOSE`: `1` to be verbose, `2` to also print environment. This script calls `go-build.sh` with the verbosity level one level lower, so to get verbosity level `2` in `go-build.sh`, set this to `3` when calling `build-release.sh`.
+ *  `VERBOSE`: `1` to be verbose, `2` to also print environment.  This script
+    calls `go-build.sh` with the verbosity level one level lower, so to get
+    verbosity level `2` in `go-build.sh`, set this to `3` when calling
+    `build-release.sh`.
 
-- `VERSION`: release version. Will be set by `version.sh` if it is unset or if it has the default `Makefile` value of `v0.0.0`.
+ *  `VERSION`: release version.  Will be set by `version.sh` if it is unset or
+    if it has the default `Makefile` value of `v0.0.0`.
 
-We’re using Go’s [forward compatibility mechanism][go-toolchain] for updating the Go version. This means that if your `go` version is 1.21+ but is different from the one required by AdGuard Home, the `go` tool will automatically download the required version.
+We're using Go's [forward compatibility mechanism][go-toolchain] for updating
+the Go version.  This means that if your `go` version is 1.21+ but is different
+from the one required by AdGuard Home, the `go` tool will automatically download
+the required version.
 
 If you want to use the version installed on your builder, run:
 
@@ -79,164 +103,220 @@ and call `make` with `GOTOOLCHAIN=local`.
 
 [go-toolchain]: https://go.dev/blog/toolchain
 
-### `go-bench.sh`: Run backend benchmarks
+
+
+   ###  `go-bench.sh`: Run backend benchmarks
 
 Optional environment:
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-- `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is `--timeout=30s`.
+ *  `TIMEOUT_FLAGS`: set timeout flags for tests.  The default value is
+    `--timeout=30s`.
 
-- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
+ *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
+    Go package that is processed.  `2` also shows subcommands and environment.
+    The default value is `0`, don't be verbose.
 
-### `go-build.sh`: Build the backend
+
+
+   ###  `go-build.sh`: Build the backend
 
 Optional environment:
 
-- `GOAMD64`: architectural level for [AMD64][amd64]. The default value is `v1`.
+ *  `GOAMD64`: architectural level for [AMD64][amd64].  The default value is
+    `v1`.
 
-- `GOARM`: ARM processor options for the Go compiler.
+ *  `GOARM`: ARM processor options for the Go compiler.
 
-- `GOMIPS`: ARM processor options for the Go compiler.
+ *  `GOMIPS`: ARM processor options for the Go compiler.
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-- `OUT`: output binary name.
+ *  `OUT`: output binary name.
 
-- `PARALLELISM`: set the maximum number of concurrently run build commands (that is, compiler, linker, etc.).
+ *  `PARALLELISM`: set the maximum number of concurrently run build commands
+    (that is, compiler, linker, etc.).
 
-- `SOURCE_DATE_EPOCH`: the [standardized][repr] environment variable for the Unix epoch time of the latest commit in the repository. If set, overrides the default obtained from Git. Useful for reproducible builds.
+ *  `SOURCE_DATE_EPOCH`: the [standardized][repr] environment variable for the
+    Unix epoch time of the latest commit in the repository.  If set, overrides
+    the default obtained from Git.  Useful for reproducible builds.
 
-- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
+ *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
+    Go package that is processed.  `2` also shows subcommands and environment.
+    The default value is `0`, don't be verbose.
 
-- `VERSION`: release version. Will be set by `version.sh` if it is unset or if it has the default `Makefile` value of `v0.0.0`.
+ *  `VERSION`: release version.  Will be set by `version.sh` if it is unset or
+    if it has the default `Makefile` value of `v0.0.0`.
 
 Required environment:
 
-- `CHANNEL`: release channel, see above.
+ *  `CHANNEL`: release channel, see above.
 
 [amd64]: https://github.com/golang/go/wiki/MinimumRequirements#amd64
 [repr]:  https://reproducible-builds.org/docs/source-date-epoch/
 
-### `go-deps.sh`: Install backend dependencies
+
+
+   ###  `go-deps.sh`: Install backend dependencies
 
 Optional environment:
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
+ *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
+    Go package that is processed.  `2` also shows subcommands and environment.
+    The default value is `0`, don't be verbose.
 
-### `go-fuzz.sh`: Run backend fuzz tests
+
+
+   ###  `go-fuzz.sh`: Run backend fuzz tests
 
 Optional environment:
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-- `FUZZTIME_FLAGS`: set fuss flags for tests. The default value is `--fuzztime=20s`.
+ *  `FUZZTIME_FLAGS`: set fuss flags for tests.  The default value is
+    `--fuzztime=20s`.
 
-- `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is `--timeout=30s`.
+ *  `TIMEOUT_FLAGS`: set timeout flags for tests.  The default value is
+    `--timeout=30s`.
 
-- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands and environment. The default value is `0`, don’t be verbose.
+ *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
+    Go package that is processed.  `2` also shows subcommands and environment.
+    The default value is `0`, don't be verbose.
 
-### `go-lint.sh`: Run backend static analyzers
 
-Don’t forget to run `make go-tools` once first!
+
+   ###  `go-lint.sh`: Run backend static analyzers
+
+Don't forget to run `make go-tools` once first!
 
 Optional environment:
 
-- `EXIT_ON_ERROR`: if set to `0`, don’t exit the script after the first encountered error. The default value is `1`.
+ *  `EXIT_ON_ERROR`: if set to `0`, don't exit the script after the first
+    encountered error.  The default value is `1`.
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-- `VERBOSE`: verbosity level. `1` shows every command that is run. `2` also shows subcommands. The default value is `0`, don’t be verbose.
+ *  `VERBOSE`: verbosity level.  `1` shows every command that is run.  `2` also
+    shows subcommands.  The default value is `0`, don't be verbose.
 
-### `go-test.sh`: Run backend tests
+
+
+   ###  `go-test.sh`: Run backend tests
 
 Optional environment:
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-- `RACE`: set to `0` to not use the Go race detector. The default value is `1`, use the race detector.
+ *  `RACE`: set to `0` to not use the Go race detector.  The default value is
+    `1`, use the race detector.
 
-- `TIMEOUT_FLAGS`: set timeout flags for tests. The default value is `--timeout=30s`.
+ *  `TIMEOUT_FLAGS`: set timeout flags for tests.  The default value is
+    `--timeout=30s`.
 
-- `VERBOSE`: verbosity level. `1` shows every command that is run and every Go package that is processed. `2` also shows subcommands. The default value is `0`, don’t be verbose.
+ *  `VERBOSE`: verbosity level.  `1` shows every command that is run and every
+    Go package that is processed.  `2` also shows subcommands.  The default
+    value is `0`, don't be verbose.
 
-### `go-tools.sh`: Install backend tooling
 
-Installs the Go static analysis and other tools into `${PWD}/bin`. Either add `${PWD}/bin` to your `$PATH` before all other entries, or use the commands directly, or use the commands through `make` (for example, `make go-lint`).
+
+   ###  `go-tools.sh`: Install backend tooling
+
+Installs the Go static analysis and other tools into `${PWD}/bin`.  Either add
+`${PWD}/bin` to your `$PATH` before all other entries, or use the commands
+directly, or use the commands through `make` (for example, `make go-lint`).
 
 Optional environment:
 
-- `GO`: set an alternative name for the Go compiler.
+ *  `GO`: set an alternative name for the Go compiler.
 
-### `version.sh`: Generate And Print The Current Version
+
+
+   ###  `version.sh`: Generate And Print The Current Version
 
 Required environment:
 
-- `CHANNEL`: release channel, see above.
+ *  `CHANNEL`: release channel, see above.
 
-## `snap/`: Snapcraft scripts
 
-### `build.sh`
+
+##  `snap/`: Snapcraft scripts
+
+   ###  `build.sh`
 
 Builds the Snapcraft packages from the binaries created by `download.sh`.
 
-### `download.sh`
+   ###  `download.sh`
 
 Downloads the binaries to pack them into Snapcraft packages.
 
 Required environment:
 
-- `CHANNEL`: release channel, see above.
+ *  `CHANNEL`: release channel, see above.
 
-### `upload.sh`
+   ###  `upload.sh`
 
 Uploads the Snapcraft packages created by `build.sh`.
 
 Required environment:
 
-- `SNAPCRAFT_CHANNEL`: Snapcraft release channel: `edge`, `beta`, or `candidate`.
+ *  `SNAPCRAFT_CHANNEL`: Snapcraft release channel: `edge`, `beta`, or
+    `candidate`.
 
-- `SNAPCRAFT_STORE_CREDENTIALS`: Credentials for Snapcraft store.
+ *  `SNAPCRAFT_STORE_CREDENTIALS`: Credentials for Snapcraft store.
 
 Optional environment:
 
-- `SNAPCRAFT_CMD`: Overrides the Snapcraft command. Default: `snapcraft`.
+ *  `SNAPCRAFT_CMD`: Overrides the Snapcraft command.  Default: `snapcraft`.
 
-## `translations/`: Twosky Integration Script
 
-### Usage
 
-- `go run ./scripts/translations help`: print usage.
+##  `translations/`: Twosky Integration Script
 
-- `go run ./scripts/translations download [-n <count>]`: download and save all translations. `n` is optional flag where count is a number of concurrent downloads.
+   ###  Usage
 
-- `go run ./scripts/translations upload`: upload the base `en` locale.
+ *  `go run ./scripts/translations help`: print usage.
 
-- `go run ./scripts/translations summary`: show the current locales summary.
+ *  `go run ./scripts/translations download [-n <count>]`: download and save
+    all translations.  `n` is optional flag where count is a number of
+    concurrent downloads.
 
-- `go run ./scripts/translations unused`: show the list of unused strings.
+ *  `go run ./scripts/translations upload`: upload the base `en` locale.
 
-- `go run ./scripts/translations auto-add`: add locales with additions to the git and restore locales with deletions.
+ *  `go run ./scripts/translations summary`: show the current locales summary.
 
-After the download you’ll find the output locales in the `client/src/__locales/` directory.
+ *  `go run ./scripts/translations unused`: show the list of unused strings.
+
+ *  `go run ./scripts/translations auto-add`: add locales with additions to the
+    git and restore locales with deletions.
+
+After the download you'll find the output locales in the `client/src/__locales/`
+directory.
 
 Optional environment:
 
-- `DOWNLOAD_LANGUAGES`: set a list of specific languages to `download`. For example `ar be bg`. If it set to `blocker` then script will download only those languages, which need to be fully translated (`de en es fr it ja ko pt-br pt-pt ru zh-cn zh-tw`).
+ *  `DOWNLOAD_LANGUAGES`: set a list of specific languages to `download`.  For
+    example `ar be bg`.  If it set to `blocker` then script will download only
+    those languages, which need to be fully translated (`de en es fr it ja ko
+    pt-br pt-pt ru zh-cn zh-tw`).
 
-- `UPLOAD_LANGUAGE`: set an alternative language for `upload`.
+ *  `UPLOAD_LANGUAGE`: set an alternative language for `upload`.
 
-- `TWOSKY_URI`: set an alternative URL for `download` or `upload`.
+ *  `TWOSKY_URI`: set an alternative URL for `download` or `upload`.
 
-- `TWOSKY_PROJECT_ID`: set an alternative project ID for `download` or `upload`.
+ *  `TWOSKY_PROJECT_ID`: set an alternative project ID for `download` or
+    `upload`.
 
-## `companiesdb/`: Whotracks.me database converter
 
-A simple script that downloads and updates the companies DB in the `client` code from [the repo][companiesrepo].
 
-### Usage
+##  `companiesdb/`: Whotracks.me Database Converter
+
+A simple script that downloads and updates the companies DB in the `client`
+code from [the repo][companiesrepo].
+
+   ###  Usage
 
 ```sh
 sh ./scripts/companiesdb/download.sh
@@ -244,15 +324,19 @@ sh ./scripts/companiesdb/download.sh
 
 [companiesrepo]: https://github.com/AdguardTeam/companiesdb
 
-## `blocked-services/`: Blocked-services updater
 
-A simple script that downloads and updates the blocked services index from AdGuard’s [Hostlists Registry][reg].
+
+##  `blocked-services/`: Blocked Services Updater
+
+A simple script that downloads and updates the blocked services index from
+AdGuard's [Hostlists Registry][reg].
 
 Optional environment:
 
-- `URL`: the URL of the index file. By default it’s `https://adguardteam.github.io/HostlistsRegistry/assets/services.json`.
+ *  `URL`: the URL of the index file.  By default it's
+    `https://adguardteam.github.io/HostlistsRegistry/assets/services.json`.
 
-### Usage
+   ###  Usage
 
 ```sh
 go run ./scripts/blocked-services/main.go
@@ -260,15 +344,19 @@ go run ./scripts/blocked-services/main.go
 
 [reg]: https://github.com/AdguardTeam/HostlistsRegistry
 
-## `vetted-filters/`: Vetted-filters updater
 
-Similar to the one above, a script that downloads and updates the vetted filtering list data from AdGuard’s [Hostlists Registry][reg].
+
+##  `vetted-filters/`: Vetted Filters Updater
+
+Similar to the one above, a script that downloads and updates the vetted
+filtering list data from AdGuard's [Hostlists Registry][reg].
 
 Optional environment:
 
-- `URL`: the URL of the index file. By default it’s `https://adguardteam.github.io/HostlistsRegistry/assets/filters.json`.
+ *  `URL`: the URL of the index file.  By default it's
+    `https://adguardteam.github.io/HostlistsRegistry/assets/filters.json`.
 
-### Usage
+   ###  Usage
 
 ```sh
 go run ./scripts/vetted-filters/main.go

scripts/make/go-build.sh

@@ -133,14 +133,7 @@ if [ "$verbose" -gt '0' ]; then
 	"$go" env
 fi
 
-if [ "${COVER:-0}" -eq '1' ]; then
-	cover_flags='--cover=1'
-else
-	cover_flags='--cover=0'
-fi
-
 "$go" build \
-	"$cover_flags" \
 	--ldflags="$ldflags" \
 	"$race_flags" \
 	"$tags_flags" \

scripts/make/go-lint.sh

@@ -223,12 +223,6 @@ run_linter ineffassign ./...
 run_linter unparam ./...
 
 find . \
-	'(' \
-	-name 'node_modules' \
-	-type 'd' \
-	-prune \
-	')' \
-	-o \
 	-type 'f' \
 	'(' \
 	-name 'Makefile' \

scripts/make/md-lint.sh

@@ -8,21 +8,13 @@
 verbose="${VERBOSE:-0}"
 readonly verbose
 
-# Don't use -f, because we use globs in this script.
-set -e -u
+set -e -f -u
 
 if [ "$verbose" -gt '0' ]; then
 	set -x
 fi
 
-# TODO(e.burkov):  Add README.md and possibly AGHTechDoc.md.
-markdownlint \
-	./CHANGELOG.md \
-	./CONTRIBUTING.md \
-	./HACKING.md \
-	./SECURITY.md \
-	./internal/next/changelog.md \
-	./internal/dhcpd/*.md \
-	./openapi/*.md \
-	./scripts/*.md \
-	;
+# TODO(e.burkov):  Lint markdown documents within this project.
+# markdownlint \
+# 	./README.md \
+# 	;

scripts/translations/main.go

@@ -22,7 +22,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/logutil/slogutil"
-	"github.com/AdguardTeam/golibs/osutil"
 )
 
 const (
@@ -125,12 +124,12 @@ Commands:
 	if addStr != "" {
 		fmt.Printf("%s\n%s\n", addStr, usageStr)
 
-		os.Exit(osutil.ExitCodeFailure)
+		os.Exit(1)
 	}
 
 	fmt.Println(usageStr)
 
-	os.Exit(osutil.ExitCodeSuccess)
+	os.Exit(0)
 }
 
 // twoskyConfig is the configuration structure for localization.