Merge release/1.5-alpha to main

.editorconfig

@@ -5,22 +5,21 @@ charset = utf-8
 end_of_line = lf
 insert_final_newline = true
 indent_style = space
-indent_size = 2
 
 [*.{ts,tsx}]
 indent_style = space
 indent_size = 2
-rulers = 90
+rulers = 100
 
 [*.{scss}]
 indent_style = space
 indent_size = 2
-rulers = 90
+rulers = 100
 
 [*.{html}]
 indent_style = space
 indent_size = 2
-rulers = 90
+rulers = 100
 
 [*.{json,yaml}]
 indent_style = space
@@ -30,4 +29,4 @@ rulers = 80
 [*.{rs}]
 indent_style = space
 indent_size = 4
-rulers = 90
+rulers = 100

.github/workflows/lint.yaml

@@ -1,38 +1,47 @@
-name: 'lint'
+name: "lint"
 
 on:
   push:
     branches:
       - main
       - dev
+      - "release/**"
+    paths-ignore:
+      - "*.md"
+      - "LICENSE"
   pull_request:
     branches:
       - main
       - dev
+      - "release/**"
+    paths-ignore:
+      - "*.md"
+      - "LICENSE"
 
 jobs:
   lint-web:
-    runs-on: [self-hosted, Linux, X64]
+    runs-on:
+      - codebuild-defguard-client-runner-${{ github.run_id }}-${{ github.run_attempt }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
-          submodules: 'recursive'
+          submodules: recursive
       - uses: actions/setup-node@v4
         with:
-          node-version: '20'
+          node-version: "22"
 
-      - uses: pnpm/action-setup@v2
+      - uses: pnpm/action-setup@v4
         with:
-          version: 9
+          version: 10
           run_install: false
 
       - name: Get pnpm store directory
         shell: bash
         run: |
           echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
 
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         name: Setup pnpm cache
         with:
           path: ${{ env.STORE_PATH }}
@@ -43,11 +52,8 @@ jobs:
       - name: Install deps
         run: pnpm install --frozen-lockfile
 
-      - name: Run Eslint and Prettier Lint
+      - name: Run Biome and Prettier Lint
         run: pnpm lint
 
-      - name: Check TSC
-        run: pnpm tsc
-
       - name: Audit
         run: pnpm audit --prod

.github/workflows/release.yaml

@@ -1,4 +1,4 @@
-name: 'Build app and create release'
+name: "Build app and create release"
 on:
   push:
     tags:
@@ -12,15 +12,15 @@ jobs:
         architecture: [arm64, amd64]
     runs-on: [self-hosted, macOS]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           repository: WireGuard/wireguard-go
           ref: master
           fetch-depth: 0
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: '1.24'
+          go-version: "1.24"
       - name: Build wireguard-go binary
         run: make
         env:
@@ -71,26 +71,26 @@ jobs:
             deb_arch: amd64
             binary_arch: x86_64
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
-          submodules: 'recursive'
+          submodules: "recursive"
       - name: Write release version
         run: |
           VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1)
           echo Version: $VERSION
-          echo "VERSION=$VERSION" >> $GITHUB_ENV
-      - uses: actions/setup-node@v3
+          echo "VERSION=$VERSION" >> ${GITHUB_ENV}
+      - uses: actions/setup-node@v4
         with:
-          node-version: '20'
-      - uses: pnpm/action-setup@v2
+          node-version: "22"
+      - uses: pnpm/action-setup@v4
         with:
-          version: 9
+          version: 10
           run_install: false
       - name: Get pnpm store directory
         shell: bash
         run: |
-          echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
-      - uses: actions/cache@v3
+          echo "STORE_PATH=$(pnpm store path --silent)" >> ${GITHUB_ENV}
+      - uses: actions/cache@v4
         name: Setup pnpm cache
         with:
           path: ${{ env.STORE_PATH }}
@@ -103,21 +103,20 @@ jobs:
       - name: Install Linux dependencies
         run: |
           sudo apt-get update
-          sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf libssl-dev unzip protobuf-compiler libprotobuf-dev rpm
+          sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev libayatana-appindicator3-dev librsvg2-dev patchelf libssl-dev libxdo-dev unzip protobuf-compiler libprotobuf-dev rpm
       - name: Build packages
         uses: tauri-apps/tauri-action@v0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Create RPM
-        run: |
-          rpmbuild --build-in-place --define "_topdir $(pwd)" --define "version ${{ env.VERSION }}" -bb resources-linux/defguard-client.spec
+        with:
+          args: "--bundles deb,rpm"
       - name: Upload RPM
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           upload_url: ${{ needs.create-release.outputs.upload_url }}
-          asset_path: RPMS/${{ matrix.binary_arch }}/defguard-client-${{ env.VERSION }}-1.${{ matrix.binary_arch }}.rpm
+          asset_path: src-tauri/target/release/bundle/rpm/defguard-client-${{ env.VERSION }}-1.${{ matrix.binary_arch }}.rpm
           asset_name: defguard-client-${{ env.VERSION }}-1.${{ matrix.binary_arch }}.rpm
           asset_content_type: application/octet-stream
       - name: Upload DEB
@@ -187,8 +186,8 @@ jobs:
       - name: Build dg deb
         uses: defGuard/fpm-action@main
         with:
-          fpm_args: 'dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}=/usr/sbin/dg dg.service=/usr/lib/systemd/system/dg.service src-tauri/cli/.env=/etc/defguard/dg.conf'
-          fpm_opts: '--architecture ${{ matrix.binary_arch }} --debug --output-type deb --version ${{ env.VERSION }} --package dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}.deb'
+          fpm_args: "dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}=/usr/sbin/dg dg.service=/usr/lib/systemd/system/dg.service src-tauri/cli/.env=/etc/defguard/dg.conf"
+          fpm_opts: "--architecture ${{ matrix.binary_arch }} --debug --output-type deb --version ${{ env.VERSION }} --package dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}.deb"
       - name: Upload DEB
         uses: actions/upload-release-asset@v1.0.2
         env:
@@ -201,8 +200,8 @@ jobs:
       - name: Build dg rpm
         uses: defGuard/fpm-action@main
         with:
-          fpm_args: 'dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}=/usr/sbin/dg dg.service=/usr/lib/systemd/system/dg.service src-tauri/cli/.env=/etc/defguard/dg.conf'
-          fpm_opts: '--architecture ${{ matrix.binary_arch }} --debug --output-type rpm --version ${{ env.VERSION }} --package dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}.rpm'
+          fpm_args: "dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}=/usr/sbin/dg dg.service=/usr/lib/systemd/system/dg.service src-tauri/cli/.env=/etc/defguard/dg.conf"
+          fpm_opts: "--architecture ${{ matrix.binary_arch }} --debug --output-type rpm --version ${{ env.VERSION }} --package dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}.rpm"
       - name: Upload RPM
         uses: actions/upload-release-asset@v1.0.2
         env:
@@ -225,30 +224,30 @@ jobs:
       - self-hosted
       - macOS
     env:
-      APPLE_SIGNING_IDENTITY_APPLICATION: 'Developer ID Application: defguard sp. z o.o. (82GZ7KN29J)'
-      APPLE_SIGNING_IDENTITY_INSTALLER: 'Developer ID Installer: defguard sp. z o.o. (82GZ7KN29J)'
-      APPLE_ID: 'kamil@defguard.net'
-      APPLE_TEAM_ID: '82GZ7KN29J'
+      APPLE_SIGNING_IDENTITY_APPLICATION: "Developer ID Application: defguard sp. z o.o. (82GZ7KN29J)"
+      APPLE_SIGNING_IDENTITY_INSTALLER: "Developer ID Installer: defguard sp. z o.o. (82GZ7KN29J)"
+      APPLE_ID: "kamil@defguard.net"
+      APPLE_TEAM_ID: "82GZ7KN29J"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
-          submodules: 'recursive'
+          submodules: "recursive"
       - name: Write release version
         run: |
           VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1)
           echo Version: $VERSION
-          echo "VERSION=$VERSION" >> $GITHUB_ENV
-      - uses: actions/setup-node@v3
+          echo "VERSION=$VERSION" >> ${GITHUB_ENV}
+      - uses: actions/setup-node@v4
         with:
-          node-version: '20'
-      - uses: pnpm/action-setup@v2
+          node-version: "22"
+      - uses: pnpm/action-setup@v4
         with:
-          version: 9
+          version: 10
           run_install: false
       - name: Get pnpm store directory
         shell: bash
-        run: echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
-      - uses: actions/cache@v3
+        run: echo "STORE_PATH=$(pnpm store path --silent)" >> ${GITHUB_ENV}
+      - uses: actions/cache@v4
         name: Setup pnpm cache
         with:
           path: ${{ env.STORE_PATH }}
@@ -312,25 +311,25 @@ jobs:
       - create-release
     runs-on: windows-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
-          submodules: 'recursive'
+          submodules: "recursive"
       - name: Write release version
         run: |
           $env:VERSION=echo ($env:GITHUB_REF_NAME.Substring(1) -Split "-")[0]
           echo Version: $env:VERSION
           echo "VERSION=$env:VERSION" >> $env:GITHUB_ENV
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: '20'
-      - uses: pnpm/action-setup@v2
+          node-version: "22"
+      - uses: pnpm/action-setup@v4
         with:
-          version: 9
+          version: 10
           run_install: false
       - name: Get pnpm store directory
         shell: bash
-        run: echo "STORE_PATH=$(pnpm store path --silent)" >> $env:GITHUB_ENV
-      - uses: actions/cache@v3
+        run: echo "STORE_PATH=$(pnpm store path --silent)" >> ${GITHUB_ENV}
+      - uses: actions/cache@v4
         name: Setup pnpm cache
         with:
           path: ${{ env.STORE_PATH }}
@@ -376,7 +375,7 @@ jobs:
         run: |
           VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1)
           echo Version: $VERSION
-          echo "VERSION=$VERSION" >> $GITHUB_ENV
+          echo "VERSION=$VERSION" >> ${GITHUB_ENV}
       - name: Download unsigned bundle & burn-engine
         uses: actions/download-artifact@v4
         with:
@@ -422,7 +421,7 @@ jobs:
         run: |
           VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1)
           echo Version: $VERSION
-          echo "VERSION=$VERSION" >> $GITHUB_ENV
+          echo "VERSION=$VERSION" >> ${GITHUB_ENV}
       - name: Download unsigned bundle & signed burn-engine
         uses: actions/download-artifact@v4
         with:

.github/workflows/test.yml

@@ -5,13 +5,15 @@ on:
     branches:
       - main
       - dev
+      - 'release/**'
     paths-ignore:
       - '*.md'
       - 'LICENSE'
   pull_request:
     branches:
       - main
       - dev
+      - 'release/**'
     paths-ignore:
       - '*.md'
       - 'LICENSE'
@@ -21,30 +23,28 @@ env:
 
 jobs:
   test:
-    runs-on: [self-hosted, Linux, X64]
-    container: rust:1
+    runs-on:
+      - codebuild-defguard-client-runner-${{ github.run_id }}-${{ github.run_attempt }}
+
+    container:
+      image: public.ecr.aws/docker/library/rust:1
+      options: --user root
+
     defaults:
       run:
         working-directory: ./src-tauri
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           submodules: recursive
-      - name: Debug
-        run: echo ${{ github.ref_name }}
       - name: Cache
         uses: Swatinem/rust-cache@v2
       - name: Install required packages
         run: |
           apt-get update
-          apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf libssl-dev unzip
-      - name: Install protobuf compiler
-        run: |
-          PB_REL='https://github.com/protocolbuffers/protobuf/releases'
-          PB_VERSION='3.20.0' && curl -LO $PB_REL/download/v$PB_VERSION/protoc-$PB_VERSION-linux-x86_64.zip
-          unzip protoc-$PB_VERSION-linux-x86_64.zip bin/protoc include/google/* -d /usr/local
+          apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev libayatana-appindicator3-dev librsvg2-dev patchelf libssl-dev libxdo-dev unzip protobuf-compiler
       - name: Check format
         run: |
           rustup component add rustfmt
@@ -55,8 +55,9 @@ jobs:
           rustup component add clippy
           cargo clippy --all-targets --all-features -- -D warnings
       - name: Run cargo deny
-        uses: EmbarkStudios/cargo-deny-action@v2
-        with:
-          manifest-path: ./src-tauri/Cargo.toml
+        working-directory: ./src-tauri
+        run: |
+          cargo install cargo-deny
+          cargo deny check
       - name: Run tests
         run: cargo test --locked --no-fail-fast

.gitignore

@@ -27,5 +27,11 @@ dist-ssr
 *.db-shm
 *.db-wal
 
+src-tauri/gen/
+
 .direnv
 .envrc
+.aider*
+
+# nix stuff
+result