Skip to content

WireGuard inbound: Support dynamic peer management#6360

Merged
RPRX merged 12 commits into
XTLS:mainfrom
bitwiresys:feat/wireguard-usermanager
Jun 27, 2026
Merged

WireGuard inbound: Support dynamic peer management#6360
RPRX merged 12 commits into
XTLS:mainfrom
bitwiresys:feat/wireguard-usermanager

Conversation

@bitwiresys

Copy link
Copy Markdown
Contributor

Problem

The WireGuard inbound only supports static peers defined in the JSON config. Every user change requires a full process restart, which breaks the standard xray API-driven user lifecycle used by panels and management tools (AddUserOperation / RemoveUserOperation via the gRPC management API).

Solution

This PR adds full proxy.UserManager support to the WireGuard inbound Server, enabling peers to be added and removed at runtime without restarting xray.

New file: proxy/wireguard/account.go

  • MemoryAccount — runtime peer credentials (public key, pre-shared key, allowed IPs). Implements protocol.Account (Equals / ToProto).
  • PeerConfig.AsAccount() — lets API callers use "@type": "xray.proxy.wireguard.PeerConfig" in AddUserOperation requests, consistent with how every other inbound protocol works.
  • buildPeerIPC / buildRemovePeerIPC — produce WireGuard IPC strings for device.Device.IpcSet.
  • parseFirstAddr — extracts a netip.Addr from a CIDR or plain address (used for the IP→user reverse lookup map).

Changes to proxy/wireguard/server.go

New fields on Server:

peers     sync.Map    // email (or pubkey) → *protocol.MemoryUser
peersByIP sync.Map    // netip.Addr → *protocol.MemoryUser
peerCount atomic.Int64

NewServer seeds peers / peersByIP from the static peer list so that GetUser / GetUsers work immediately for peers configured at startup.

HandleConnection tags each session's Inbound.User with the matching *protocol.MemoryUser when the tunnel source IP is in peersByIP. This makes the peer identity visible in access logs and enables per-user traffic stats through the existing stats.Manager.

UserManager methods:

Method Behaviour
AddUser Calls device.IpcSet to install the peer, then records it in the maps. Falls back to the public key when Email is empty.
RemoveUser Removes from maps, then calls IpcSet with remove=true.
GetUser Lock-free map lookup by email.
GetUsers Snapshot of all tracked peers.
GetUsersCount Atomic counter, no map scan.

New test files

  • account_test.go — covers MemoryAccount, PeerConfig.AsAccount, IPC helpers, and parseFirstAddr.
  • server_test.go — full coverage of all UserManager methods including error paths: duplicate add, IPC failure, wrong account type, peer not found. Uses a mockIpc injected via the unexported ipcOverride field so no live WireGuard device is required.
$ go test ./proxy/wireguard/... -v
--- PASS: TestPeerConfigAsAccount
--- PASS: TestMemoryAccountEquals
--- PASS: TestMemoryAccountToProto
--- PASS: TestBuildPeerIPC
--- PASS: TestBuildRemovePeerIPC
--- PASS: TestParseFirstAddr
--- PASS: TestStaticPeersSeededAtStartup
--- PASS: TestAddUser
--- PASS: TestAddUserFallsBackToPubKeyWhenEmailEmpty
--- PASS: TestAddUserDuplicate
--- PASS: TestAddUserWrongAccountType
--- PASS: TestAddUserIpcError
--- PASS: TestRemoveUser
--- PASS: TestRemoveUserNotFound
--- PASS: TestGetUserNotFound
--- PASS: TestGetUsers
--- PASS: TestGetUsersCount
--- PASS: TestPeersByIPPopulatedAndCleanedUp
PASS

Compatibility

The change is purely additive. No existing config field, API, or runtime behaviour is removed or altered. The static-peer path in Start() is untouched. Existing configs that do not use the management API continue to work exactly as before.

Example API usage

// Add a peer at runtime (xray management API)
{
  "op": "AddUserOperation",
  "user": {
    "email": "alice@example.com",
    "level": 0,
    "account": {
      "@type": "xray.proxy.wireguard.PeerConfig",
      "publicKey": "BASE64_PUBLIC_KEY",
      "allowedIps": ["10.0.0.2/32"]
    }
  }
}
// Remove a peer at runtime
{
  "op": "RemoveUserOperation",
  "email": "alice@example.com"
}

bitwiresys added 2 commits June 22, 2026 19:27
Add AddUser / RemoveUser / GetUser / GetUsers / GetUsersCount to the
WireGuard inbound Server so that peers can be inserted and removed at
runtime through the xray management API without restarting the process.

Problem
-------
The WireGuard inbound previously only supported static peers defined in
the JSON config. Every user change required a full process restart, which
breaks the standard xray API-driven user lifecycle (used by panels and
management tools that call AddUserOperation / RemoveUserOperation).

Solution
--------
* proxy/wireguard/account.go (new)
  - MemoryAccount: runtime peer credentials (public key, pre-shared key,
    allowed IPs). Implements protocol.Account (Equals / ToProto).
  - PeerConfig.AsAccount(): lets API callers use "@type":
    "xray.proxy.wireguard.PeerConfig" in AddUserOperation requests.
  - buildPeerIPC / buildRemovePeerIPC: produce the WireGuard IPC strings
    needed by device.Device.IpcSet to add and remove individual peers.
  - parseFirstAddr: extracts a netip.Addr from a CIDR or plain address
    (used to key the IP→user reverse lookup map).

* proxy/wireguard/server.go
  - Server gains three new fields:
      peers     sync.Map    // email (or pubkey) → *protocol.MemoryUser
      peersByIP sync.Map    // netip.Addr → *protocol.MemoryUser
      peerCount atomic.Int64
  - NewServer seeds peers/peersByIP from the static peer list so that
    GetUser / GetUsers work immediately without an explicit AddUser call
    for peers that were configured at startup.
  - HandleConnection tags each session's Inbound.User with the matching
    *protocol.MemoryUser when the tunnel source IP is in peersByIP. This
    makes the peer identity visible in access logs and enables per-user
    traffic stats through the existing stats.Manager infrastructure.
  - AddUser: calls device.IpcSet to install the peer into the running
    WireGuard device, then records the peer in the in-memory maps.
    Falls back to the public key as the email when Email is empty.
    Returns an error when the email is already registered.
  - RemoveUser: removes the peer from the maps, then calls IpcSet with
    "remove=true" to uninstall it from the device.
  - GetUser / GetUsers / GetUsersCount: read-only map lookups.
  - ipcOverride (unexported): test hook that substitutes a wgIpcSetter
    mock for the concrete *device.Device, keeping unit tests free of
    kernel-level WireGuard setup.

* proxy/wireguard/account_test.go (new)
  Tests for MemoryAccount, PeerConfig.AsAccount, buildPeerIPC,
  buildRemovePeerIPC, and parseFirstAddr.

* proxy/wireguard/server_test.go (new)
  Full coverage of AddUser / RemoveUser / GetUser / GetUsers /
  GetUsersCount including error paths (duplicate add, IPC error,
  wrong account type, peer not found).
  All 18 tests pass with go test ./proxy/wireguard/...

Compatibility
-------------
The change is additive: no existing API, config field, or behaviour is
removed or altered. The static-peer path in Start() is unchanged. Panels
that do not call the management API continue to work exactly as before.
Fix check-format CI failure: gofumpt requires multi-field anonymous
structs to use the expanded form (one field per line), aligned comments
must not have extra spaces beyond a single space, and function call
arguments with trailing variadic elements must have the closing paren on
its own line.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@LjhAUMEM

Copy link
Copy Markdown
Collaborator

UAPI 的使用方式看起来不错,但整体实现还是太丑陋了,另外这两个文件的作用是?
image

These belong to our private deployment pipeline, not to this PR.
@bitwiresys

Copy link
Copy Markdown
Contributor Author

Hi @LjhAUMEM, thanks for the review!

These two files (.gitlab-ci.yml and Dockerfile.ci) were our internal deployment pipeline — accidentally ended up in this PR. They have nothing to do with the Xray-core codebase. Removed them now.

Also, what specifically feels ugly about the implementation? Happy to clean it up.

@LjhAUMEM

LjhAUMEM commented Jun 23, 2026

Copy link
Copy Markdown
Collaborator

MemoryAccount 的 Equals ToProto AsAccount 不写 infra 应该是用不上 哦不对,路由里只能传 user 的 interface,那先留着吧

另外把 wgIpcSetter interface 删了,直接使用 dev,还有 type Server struct 里的注释删了,两个 test 文件也删了

其余的晚点再看

@bitwiresys

…evice directly

- Remove the wgIpcSetter interface and the test-only ipcOverride field;
  AddUser/RemoveUser now use the concrete *device.Device via s.device().
- Drop the explanatory comments inside the Server struct.
- Remove the two WireGuard UserManager test files.
@bitwiresys

Copy link
Copy Markdown
Contributor Author

Thanks for the review! Done in d737888:

  • Removed the wgIpcSetter interface — AddUser/RemoveUser now use the concrete *device.Device directly via s.device().
  • Dropped the comments inside the Server struct.
  • Removed the two WireGuard test files.

Left MemoryAccount's Equals/ToProto/AsAccount as-is since, as you noted, routing can only carry the user interface.

@Fangliding

Copy link
Copy Markdown
Member

test里把最重要的测试部分用interface替换成了mock 说要删interface又把整个test删了 看这种东西感觉像和机器说话不是和人交流。。。

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

test里把最重要的测试部分用interface替换成了mock 说要删interface又把整个test删了

我就是让直接删的 test 文件没错啊,一个 account 要啥 test

感觉差不多该到我接手的部分了,等今晚有空再说,对话效率有点低

@Fangliding 路由那个 inbound 的 protocol.MemoryUser Account 不是必须的吧,只有 email 也可以路由吧

@Fangliding

Copy link
Copy Markdown
Member

路由只看email但是getinbounduser会解引用看 而且这个pr看起来也没法用adu命令

@bitwiresys

Copy link
Copy Markdown
Contributor Author

@LjhAUMEM all three are in d737888 — dropped the wgIpcSetter interface (AddUser/RemoveUser now use *device.Device directly via s.device()), removed the comments inside the Server struct, and deleted the two test files.

@Fangliding fair point on the adu path and GetInboundUser dereferencing the Account — I'll dig into making the api add-user flow work for the WG inbound. If you'd rather take that part yourself, happy to leave it to you.

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

AllowedIps 类型是 cidr,看了下 peersByIP 还不能这么写,真要按 ip 来匹配用户的话那几个用户就有几个 matcher,有点麻烦了

而且这个pr看起来也没法用adu命令

如果是用 grpc api 的话那 hysteria 应该也不行,hy 也只给 inbound 实现了 proxy.UserManager

image

@bitwiresys

Copy link
Copy Markdown
Contributor Author

On peersByIP — you're right, it's keyed off parseFirstAddr(cidr), so it only holds when a peer's AllowedIPs is a /32; a subnet wouldn't match, and doing it properly means a per-peer range matcher, which is exactly the mess you're describing. The map is only used to tag the session with the user in HandleConnection for per-user stats — AddUser/RemoveUser/GetUser are all email-keyed and don't touch it. Simplest fix is to drop the IP→user map and keep email-only tracking. Happy to strip it, or leave it for your pass if you'd rather rework the matching.

On adu — agreed, extractInboundUsers has no wireguard branch, and as you noted hysteria is in the same spot since it also only implements proxy.UserManager on the inbound, so it isn't specific to this PR.

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

@bitwiresys 你先不用修改,先提前问下,我可以直接 push 到你的 branch 吗

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

如果真要区分用户那也只会分配一个 v4/32 + v6/128,只匹配一个 v4 + v6 倒也还能写

@bitwiresys

Copy link
Copy Markdown
Contributor Author

Yeah, go for it — "Allow edits from maintainers" is on, so you can push straight to feat/wireguard-usermanager. If you run into a permissions wall, ping me and I'll add you as a collaborator on the fork. I'll hold off on any changes in the meantime.

@Fangliding

Copy link
Copy Markdown
Member

为什么执意要给wireguard加个这玩意 #6314 (comment)
最开始只是为了滥用cf warp怎么弄成现在这样

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

为什么执意要给wireguard加个这玩意 #6314 (comment) 最开始只是为了滥用cf warp怎么弄成现在这样

原来这还有个 issue

不过我是随意,反正入站也重构了,然后好像也没有不支持用户api的入站,那就对齐一下吧,刚好也能猜测一下 cf warp 的管理原理

@Fangliding

Copy link
Copy Markdown
Member

cfwarp是自己写的服务端 不是标准wireguard 它的ipv4 local都能是一样的 只是套了这个协议传l3包而已

@bitwiresys

Copy link
Copy Markdown
Contributor Author

The request actually came from #6314 (not from us) — after #6287 reworked the WG inbound and Finalmask landed, a WG inbound that a panel can manage users on becomes useful.

Concrete use case: multi-protocol panels (PasarGuard / Marzban-style) provision and revoke users for every inbound through one xray gRPC path (AddUser/RemoveUser/AlterInbound). WG was the only inbound without a UserManager, so adding or removing a single peer meant restarting the whole core and dropping every live connection. This PR just lets WG peers be added/removed at runtime like the other protocols — that's the whole scope.

You're right that for pure anti-censorship hysteria/xhttp3 are the better UDP options; WG isn't trying to compete there. Its value is native client support (every OS/router ships a WG client) and giving panels one consistent user-management API across all protocols — not censorship resistance.

And agreed the peer/user-api fit isn't perfect (the peersByIP/CIDR point) — fine to keep it minimal, just enough for add/remove/list.

@LjhAUMEM

LjhAUMEM commented Jun 23, 2026

Copy link
Copy Markdown
Collaborator

cfwarp是自己写的服务端 不是标准wireguard 它的ipv4 local都能是一样的 只是套了这个协议传l3包而已

那肯定不是说完全一样,语言都可能不同,而是只用 wg go device 看看能不能模仿出来,不过按你说的 v4 可以一样这点应该就 GG 了,wg go 应该只能做到按 local ip 来区分(只用接口的情况下)

不过 cf warp 好像也没有说不带 reversed 不给连的情况,我自己连都是不带的,只是简单在 wg 里校验了下 local address

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

其实真正区分用户应该用 pub key,不过 gvisor 的三转四应该是拿不到了

@LjhAUMEM

LjhAUMEM commented Jun 23, 2026

Copy link
Copy Markdown
Collaborator

不行,用 localaddress 来区分还是太诡异了,可以用 user manager 来添加/删除 peers,但不统计各个 peer 的流量(当然也无法路由具体 peer),你觉得怎么样 @bitwiresys

算了,当我没说,我看下怎么实现吧

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

为什么执意要给wireguard加个这玩意 #6314 (comment) 最开始只是为了滥用cf warp怎么弄成现在这样

想了想除了对齐还有另一个原因,wg 的 peer 注定只能给一个设备用,单 peer 多设备必定冲突,不像其他入站可以单 user 多用户

@RPRX

RPRX commented Jun 24, 2026

Copy link
Copy Markdown
Member

@LjhAUMEM ready 时说一下,会合并

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

估计这两天

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

@bitwiresys 应该差不多了,你方便测试下吗

@RPRX

RPRX commented Jun 24, 2026

Copy link
Copy Markdown
Member

@LjhAUMEM 三平台全挂

@LjhAUMEM

Copy link
Copy Markdown
Collaborator

@LjhAUMEM 三平台全挂

好了,删了个文件

@bitwiresys

Copy link
Copy Markdown
Contributor Author

Tested your branch — looks good on our side.

CI (built 9f82e5a locally, 1:1 with the workflow): go build ./..., go vet, go test ./proxy/wireguard/ ./infra/conf/ and vformat -mode check all pass. The only failing test locally was TestGeodataConfig, which just needs the cached geoip.dat/geosite.dat (the check-assets + geodat-cache steps provide those in CI), so unrelated to the change.

Functional test on a real node: ran a WG inbound with a peer that carries email, connected a client and pushed ~9 MB. Handshake + routing work, and per-user stats now key off the email instead of the public key:

user>>>1.hehe>>>traffic>>>uplink    3534
user>>>1.hehe>>>traffic>>>downlink  9038719

That's exactly what panels need — email = {id}.{username} flows straight into per-user accounting and the online indicator. The GetUserByAddr tunnel-IP tagging does the job for the /32 + /128 case.

Works for us, thanks for the rework.

@RPRX

RPRX commented Jun 27, 2026

Copy link
Copy Markdown
Member

@LjhAUMEM 咋顺便把 Hy 的 "version": 2 要求删了

@RPRX

RPRX commented Jun 27, 2026

Copy link
Copy Markdown
Member

又看了下是改成了仅检查配置、不进 proto,还行吧,虽然 Hy 出 3 的时候又要加回来

@RPRX RPRX changed the title feat(wireguard): implement proxy.UserManager for dynamic peer management WireGuard inbound: Support dynamic peer management Jun 27, 2026
@RPRX RPRX merged commit 345c76f into XTLS:main Jun 27, 2026
40 checks passed
@LjhAUMEM

Copy link
Copy Markdown
Collaborator

又看了下是改成了仅检查配置、不进 proto

对,先简单统一一下

bitwiresys pushed a commit to bitwiresys/panel-wg-pr that referenced this pull request Jul 3, 2026
Recognize a `wireguard` protocol inbound inside an Xray core so its tag is
exposed (via /api/inbounds) and users can be assigned to it, and attribute
its per-user traffic/online state.

Xray now ships a first-class WireGuard inbound with a UserManager
(XTLS/Xray-core#6360), so WireGuard can be served through the same Xray
core as the other protocols — in addition to the existing standalone WG
backend (CoreType.wg). This is purely additive.

- app/core/xray.py: `_read_wireguard_inbound` registers a WG-in-Xray
  inbound (interface/listen_port/address/mtu/public key) alongside the
  vmess/vless/trojan/shadowsocks/hysteria readers.
- app/jobs/record_usages.py: the Xray WG inbound reports per-user stats
  keyed by the peer's hex public key; map that back to the panel user id
  so WG traffic and online state are recorded like any other protocol.
Meo597 added a commit that referenced this pull request Jul 5, 2026
commit 65f6f0a
Author: yiguodev <147401898+yiguodev@users.noreply.github.com>
Date:   Sat Jul 4 10:25:15 2026 +0800

    TUN inbound: Refine `gateway` and `autoSystemRoutingTable` on Linux (#6398)

    #6398 (comment)

commit 3263ae9
Author: Jasper344612 <282825138+Jasper344612@users.noreply.github.com>
Date:   Sat Jul 4 09:38:25 2026 +0800

    TUN inbound: Fix `autoOutboundsInterface` on Linux (#6413)

    Fixes #6412

commit 3dc8bf3
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Sat Jul 4 09:28:21 2026 +0800

    Hysteria inbound: Fix dynamic UUID not accepted (#6395)

    Fixes #6375 (comment)

commit 695e68e
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Jul 3 17:53:15 2026 +0000

    Bump github.com/pires/go-proxyproto from 0.12.0 to 0.14.0 (#6420)

    Bumps [github.com/pires/go-proxyproto](https://github.com/pires/go-proxyproto) from 0.12.0 to 0.14.0.
    - [Release notes](https://github.com/pires/go-proxyproto/releases)
    - [Commits](pires/go-proxyproto@v0.12.0...v0.14.0)

    ---
    updated-dependencies:
    - dependency-name: github.com/pires/go-proxyproto
      dependency-version: 0.14.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit dfdbcf8
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Jul 3 17:45:51 2026 +0000

    Bump github.com/klauspost/cpuid/v2 from 2.3.0 to 2.4.0 (#6417)

    Bumps [github.com/klauspost/cpuid/v2](https://github.com/klauspost/cpuid) from 2.3.0 to 2.4.0.
    - [Release notes](https://github.com/klauspost/cpuid/releases)
    - [Commits](klauspost/cpuid@v2.3.0...v2.4.0)

    ---
    updated-dependencies:
    - dependency-name: github.com/klauspost/cpuid/v2
      dependency-version: 2.4.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 2b828b7
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Jul 3 17:45:47 2026 +0000

    Bump google.golang.org/grpc from 1.81.1 to 1.82.0 (#6415)

    Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.81.1 to 1.82.0.
    - [Release notes](https://github.com/grpc/grpc-go/releases)
    - [Commits](grpc/grpc-go@v1.81.1...v1.82.0)

    ---
    updated-dependencies:
    - dependency-name: google.golang.org/grpc
      dependency-version: 1.82.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 45cf289
Author: RPRX <63339210+RPRX@users.noreply.github.com>
Date:   Sat Jun 27 13:18:03 2026 +0000

    Xray-core v26.6.27

    Sponsor & Donation & NFTs: #3668
    Project X Channel: https://t.me/projectXtls

    Announcement of NFTs by Project X: #3633
    Project X NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/1

    VLESS Post-Quantum Encryption: #5067
    VLESS NFT: https://opensea.io/collection/vless

    XHTTP: Beyond REALITY: #4113
    REALITY NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/2

commit 18b85ad
Author: RPRX <63339210+RPRX@users.noreply.github.com>
Date:   Sat Jun 27 12:41:39 2026 +0000

    XHTTP client: Change default `maxConnections` to 6 for anti-RKN

    "xmux": {
        "maxConcurrency": 0,
        "maxConnections": "6",
        "cMaxReuseTimes": 0,
        "hMaxRequestTimes": "600-900",
        "hMaxReusableSecs": "1800-3000",
        "hKeepAlivePeriod": 0
    }

    Replaces 9cc7907 and 4ce65fc

    Closes #6376 (comment)

commit 452b719
Author: seally <70375705+nasralbek@users.noreply.github.com>
Date:   Sat Jun 27 17:04:58 2026 +0500

    Hysteria inbound: Support `routing`'s `vlessRoute` as well (#6375)

    #6375 (comment)

    ---------

    Co-authored-by: LjhAUMEM <llnu14702@gmail.com>

commit 345c76f
Author: bitwiresys <46227999+bitwiresys@users.noreply.github.com>
Date:   Sat Jun 27 14:41:22 2026 +0300

    WireGuard inbound: Support dynamic peer management (#6360)

    #6360 (comment)

    Closes #6314

    ---------

    Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
    Co-authored-by: LjhAUMEM <llnu14702@gmail.com>

commit f496437
Author: 迷途的猫 <xxntmctx@gmail.com>
Date:   Sat Jun 27 18:40:58 2026 +0800

    XHTTP server: Refactor upload_queue.go (#6372)

    #6372 (comment)

    ---------

    Co-authored-by: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
    Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>

commit b12bc50
Author: kokoro <89308518+kokoromagic@users.noreply.github.com>
Date:   Thu Jun 25 04:06:24 2026 +0700

    README.md: Add Magic_V2Ray to Magisk in Installation (#6355)

    #6355 (comment)

    ---------

    Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>

commit dda2b10
Author: yiguodev <147401898+yiguodev@users.noreply.github.com>
Date:   Wed Jun 24 20:00:22 2026 +0800

    TUN inbound: Add traffic counters; Metrics: Rely on instance (#6349)

    #6349 (comment)

commit 241aa38
Author: Jasper344612 <282825138+Jasper344612@users.noreply.github.com>
Date:   Wed Jun 24 19:06:00 2026 +0800

    TUN inbound: Support `autoSystemRoutingTable` and `autoOutboundsInterface` on macOS and Linux as well (#6366)

    #6366 (comment)

commit 7e7e820
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Wed Jun 24 18:49:05 2026 +0800

    Geodata: Apply uTLS Chrome fingerprint when downloading (#6371)

    Closes #6369

commit f9eb159
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Jun 24 10:48:21 2026 +0000

    Bump actions/cache from 5 to 6 (#6368)

    Bumps [actions/cache](https://github.com/actions/cache) from 5 to 6.
    - [Release notes](https://github.com/actions/cache/releases)
    - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
    - [Commits](actions/cache@v5...v6)

    ---
    updated-dependencies:
    - dependency-name: actions/cache
      dependency-version: '6'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ac04c44
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Tue Jun 23 19:48:17 2026 +0800

    DNS: Fix unexpected TTL clamp (#6363)

    Fixes #6359

commit e7e9254
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Tue Jun 23 19:37:21 2026 +0800

    TUN inbound: Avoid panic on nil RemoteAddr due to quickly closed connection (#6365)

    Fixes #6364 (comment)

    ---------

    Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>

commit fab4bcc
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Jun 23 10:34:07 2026 +0000

    Bump github.com/cloudflare/circl from 1.6.3 to 1.6.4 (#6362)

    Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.6.3 to 1.6.4.
    - [Release notes](https://github.com/cloudflare/circl/releases)
    - [Commits](cloudflare/circl@v1.6.3...v1.6.4)

    ---
    updated-dependencies:
    - dependency-name: github.com/cloudflare/circl
      dependency-version: 1.6.4
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit b99c3e5
Author: RPRX <63339210+RPRX@users.noreply.github.com>
Date:   Mon Jun 22 18:55:10 2026 +0000

    Xray-core v26.6.22

    Sponsor & Donation & NFTs: #3668
    Project X Channel: https://t.me/projectXtls

    Announcement of NFTs by Project X: #3633
    Project X NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/1

    VLESS Post-Quantum Encryption: #5067
    VLESS NFT: https://opensea.io/collection/vless

    XHTTP: Beyond REALITY: #4113
    REALITY NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/2

commit 583bb4a
Author: Omoeba <38597972+Omoeba@users.noreply.github.com>
Date:   Mon Jun 22 11:51:47 2026 -0700

    XHTTP server: Fix `scStreamUpServerSecs` when `xPaddingObfsMode` is true (#6343)

    #6343 (comment)

commit 9cd9382
Author: Жора Змейкин <48821354+Katze-942@users.noreply.github.com>
Date:   Mon Jun 22 21:29:23 2026 +0400

    TUN inbound: Support env `XRAY_TUN_FD` on Linux as well (#6338)

    #6338 (comment)

commit 567500c
Author: patterniha <71074308+patterniha@users.noreply.github.com>
Date:   Mon Jun 22 19:57:23 2026 +0330

    Fragment finalmask: Add `lengths` and `delays` (#6334)

    Usage: #6334 (comment)

    Behavior: #6334 (comment)

    ---------

    Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>

commit 5aefcb4
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Jun 22 16:05:47 2026 +0000

    Bump github.com/pion/stun/v3 from 3.1.5 to 3.1.6 (#6357)

    Bumps [github.com/pion/stun/v3](https://github.com/pion/stun) from 3.1.5 to 3.1.6.
    - [Release notes](https://github.com/pion/stun/releases)
    - [Commits](pion/stun@v3.1.5...v3.1.6)

    ---
    updated-dependencies:
    - dependency-name: github.com/pion/stun/v3
      dependency-version: 3.1.6
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit be8009c
Author: Meow <197331664+Meo597@users.noreply.github.com>
Date:   Fri Jun 19 20:02:27 2026 +0800

    Geodata: Cleanup unneeded matchers & `domain:` ignore case (#6342)

    Completes #6139

commit 8734774
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Jun 19 11:23:41 2026 +0000

    Bump actions/checkout from 6 to 7 (#6344)

    Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
    - [Release notes](https://github.com/actions/checkout/releases)
    - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
    - [Commits](actions/checkout@v6...v7)

    ---
    updated-dependencies:
    - dependency-name: actions/checkout
      dependency-version: '7'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 1e036ce
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Fri Jun 19 07:55:11 2026 +0800

    XHTTP/3 client: Actively close underlying QUIC & UDP (#6332)

    Fixes #6328 (comment)

commit c815c2f
Author: j2rong4cn <36783515+j2rong4cn@users.noreply.github.com>
Date:   Fri Jun 19 07:17:01 2026 +0800

    Loopback outbound: Add `sniffing` (#6326)

    Example: #6326 (comment)

commit 986c512
Author: bytecategory <nettopology@proton.me>
Date:   Fri Jun 19 06:55:18 2026 +0800

    XHTTP client: Avoid panic when `host` is invalid (#6316)

    Fixes #6315

commit 711aea4
Author: Meow <197331664+Meo597@users.noreply.github.com>
Date:   Fri Jun 19 06:31:21 2026 +0800

    XHTTP & WS & HU & gRPC servers: Require `sockopt.trustedXForwardedFor` (#6309)

    #6258 (comment)

    Behavior: #6258 (comment)

    Replaces #6159

commit 6412738
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Wed Jun 17 22:27:26 2026 +0800

    Socks5 inbound: Fix issues in new UDP ASSOCIATE (#6325)

    #6325 (comment)

    Fixes #6323

    ---------

    Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>

commit ad2e4cb
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Wed Jun 17 21:59:19 2026 +0800

    Finalmask: Fix unexpected order and UDP's buf issue (#6331)

    XTLS/Xray-docs-next#866 (comment)

    And #6331 (comment)

    Fixes #6184 (comment)

commit 829d54d
Author: Hossin Asaadi <hossin.asaadi@gmail.com>
Date:   Tue Jun 16 22:49:35 2026 +0100

    Hysteria & XHTTP/3 clients: `udpHop` supports `dialerProxy` (#6320)

    #6320 (comment)

    Fixes #6320 (comment)

    ---------

    Co-authored-by: LjhAUMEM <llnu14702@gmail.com>

commit 8626311
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Tue Jun 16 23:24:39 2026 +0800

    WireGuard proxy: Refactor (#6287)

    And #6303 (comment)

    Fixes #6257

commit d27b3e4
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Jun 16 11:45:27 2026 +0000

    Bump golang.org/x/net from 0.55.0 to 0.56.0 (#6310)

    Bumps [golang.org/x/net](https://github.com/golang/net) from 0.55.0 to 0.56.0.
    - [Commits](golang/net@v0.55.0...v0.56.0)

    ---
    updated-dependencies:
    - dependency-name: golang.org/x/net
      dependency-version: 0.56.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit da21a8f
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Wed Jun 10 04:53:55 2026 +0800

    TUN & WireGuard inbounds: Ignore b.UDP's domain when receiving it from outbound (#6285)

    Fixes #6279

commit e10347b
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Tue Jun 9 23:58:02 2026 +0800

    XHTTP transport: Add `sessionIDTable` and `sessionIDLength`; Rename `session*` to `sessionID*` (#6258)

    #6258 (comment)
    #6253 (comment)
    #6251 (comment)

    Usage: #6258 (comment)

    Closes #6264

    ---------

    Co-authored-by: XXcipherX <knazevvv6514@gmail.com>

commit 26a022c
Author: 𐲓𐳛𐳪𐳂𐳐 𐲀𐳢𐳦𐳫𐳢 𐲥𐳔𐳛𐳪𐳌𐳑𐳖𐳇 <26771058+KobeArthurScofield@users.noreply.github.com>
Date:   Tue Jun 9 20:08:38 2026 +0800

    GitHub Action CI, README.md: Refinements and add compliance contents (#6283)

    And #6283 (comment)

commit 95e9816
Author: 𐲓𐳛𐳪𐳂𐳐 𐲀𐳢𐳦𐳫𐳢 𐲥𐳔𐳛𐳪𐳌𐳑𐳖𐳇 <26771058+KobeArthurScofield@users.noreply.github.com>
Date:   Tue Jun 9 18:55:42 2026 +0800

    Chore: Limit sing* dependencies to shadowsocks_2022 only (#6286)

    #6286 (comment)

commit 3239d21
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Tue Jun 9 17:40:55 2026 +0800

    TUN inbound: `autoOutboundsInterface` bypasses loopback addresses (#6276)

    Fixes #6269

commit 06b4931
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Tue Jun 9 17:22:33 2026 +0800

    TUN inbound: Start TUN by AlwaysOnInboundHandler (#6275)

    Fixes #6274

commit 6189d2b
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Tue Jun 9 17:14:54 2026 +0800

    XICMP finalmask: Refine Linux sever (#6272)

    Fixes #6168

commit a0e9347
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Tue Jun 9 17:03:24 2026 +0800

    TLS ECH: Handle "h2c://" query correctly (#6261)

    Fixes #6259 (comment)

    ---------

    Co-authored-by: j2rong4cn <36783515+j2rong4cn@users.noreply.github.com>

commit 83cf229
Author: IconHHw <138437673+IconHHw@users.noreply.github.com>
Date:   Tue Jun 9 03:55:06 2026 +0800

    Salamander finalmask: Replace `math/rand` with `crypto/rand` in salt generation (#6228)

    And #6228 (comment)

    Fixes #6228 (comment)

commit 2249f8b
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Jun 8 19:29:14 2026 +0000

    Bump github.com/pion/stun/v3 from 3.1.2 to 3.1.5 (#6291)

    Bumps [github.com/pion/stun/v3](https://github.com/pion/stun) from 3.1.2 to 3.1.5.
    - [Release notes](https://github.com/pion/stun/releases)
    - [Commits](pion/stun@v3.1.2...v3.1.5)

    ---
    updated-dependencies:
    - dependency-name: github.com/pion/stun/v3
      dependency-version: 3.1.5
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit fdb9b61
Author: lmlm <no_7seven@163.com>
Date:   Wed Jun 3 07:58:56 2026 +0800

    README.md: Add Hey to HarmonyOS in GUI Clients (#6244)

    https://github.com/popsiclelmlm/Hey/blob/main/entry/src/main/cpp/README.md

    ---------

    Co-authored-by: liumin01 <liumin01@roborock.com>

commit d792fba
Author: 𐲓𐳛𐳪𐳂𐳐 𐲀𐳢𐳦𐳫𐳢 𐲥𐳔𐳛𐳪𐳌𐳑𐳖𐳇 <26771058+KobeArthurScofield@users.noreply.github.com>
Date:   Wed Jun 3 07:40:17 2026 +0800

    GitHub Actions CI: Builders run only once in pull requests in the same repository (#6222)

    #6221 (comment)

    Completes #6090 (comment)

commit 55956f8
Author: 𐲓𐳛𐳪𐳂𐳐 𐲀𐳢𐳦𐳫𐳢 𐲥𐳔𐳛𐳪𐳌𐳑𐳖𐳇 <26771058+KobeArthurScofield@users.noreply.github.com>
Date:   Wed Jun 3 07:36:42 2026 +0800

    TLS config: Remove some deprecated fields (#6226)

    https://t.me/projectXtls/1490

    ---------

    Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>

commit 94ffd50
Author: RPRX <63339210+RPRX@users.noreply.github.com>
Date:   Mon Jun 1 02:11:09 2026 +0000

    Xray-core v26.6.1

    Sponsor & Donation & NFTs: #3668
    Project X Channel: https://t.me/projectXtls

    Announcement of NFTs by Project X: #3633
    Project X NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/1

    VLESS Post-Quantum Encryption: #5067
    VLESS NFT: https://opensea.io/collection/vless

    XHTTP: Beyond REALITY: #4113
    REALITY NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/2

commit c4dfcd4
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Mon Jun 1 09:30:40 2026 +0800

    Burst observatory: Fix init check (#6221)

    #6106 (comment)

commit cb8cd04
Author: j2rong4cn <36783515+j2rong4cn@users.noreply.github.com>
Date:   Mon Jun 1 09:25:47 2026 +0800

    DNS outbound: Replace "reject" with "return" (`rCode` is 0 by default) (#6214)

    #6214 (comment)

    Example: #6214 (comment)

    ---------

    Co-authored-by: Meo597 <197331664+Meo597@users.noreply.github.com>

commit 455f6bc
Author: Davoyan <20373889+Davoyan@users.noreply.github.com>
Date:   Sat May 30 20:29:33 2026 +0300

    uTLS: Update `ModernFingerprints` map and `OtherFingerprints` map (#6181)

    Paying attention to #6181 (comment)

    And a real issue: #6181 (comment)

commit ba53861
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Sat May 30 17:30:23 2026 +0800

    Realm finalmask: Fix client punch peers (#6213)

    Fixes #6137

commit d43a808
Author: 𐲓𐳛𐳪𐳂𐳐 𐲀𐳢𐳦𐳫𐳢 𐲥𐳔𐳛𐳪𐳌𐳑𐳖𐳇 <26771058+KobeArthurScofield@users.noreply.github.com>
Date:   Fri May 29 23:04:59 2026 +0800

    GitHub Action CI: Add Go source file format check (#6090)

    #6057 (comment)

    And #6149 (comment)

commit ca4b156
Author: Jesus <75259437+Jolymmiles@users.noreply.github.com>
Date:   Fri May 29 15:59:24 2026 +0400

    Burst observatory: Fix time compare, cancel pending ping on instance close or new schedule started (#6106)

    #6106 (comment)

    ---------

    Co-authored-by: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>

commit aba2272
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Fri May 29 19:48:22 2026 +0800

    Finalmask: Add mkcp-legacy (UDP) to replace mkcp-* and legacy header-* (#6201)

    #6193 (comment)

    #6201 (comment)

    Example: #6201 (comment)

commit 569459c
Author: Cocoon-Break <54054995+kuishou68@users.noreply.github.com>
Date:   Fri May 29 18:47:58 2026 +0800

    Sudoku finalmask: Harden UDP ReadFrom() against invalid packets (#6185)

    #6184 (comment)

    Fixes #6184

    ---------

    Co-authored-by: LjhAUMEM <llnu14702@gmail.com>

commit 2b42699
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Fri May 29 17:44:06 2026 +0800

    XICMP finalmask: Refactor & Speed up; Add multi `ips` and `dgram` mode (client) (#6168)

    #5872 (comment)
    #6168 (comment)
    #6168 (comment)

    Example: #6168 (comment)

    Closes #5879

commit 66a8100
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Fri May 29 16:36:45 2026 +0800

    Salamander finalmask: Support `packetSize` (Gecko in Hysteria v2.9.2) (#6198)

    And some other refinements

    #6198 (comment)

    Example: #6198 (comment)

commit 3630369
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Fri May 29 16:29:53 2026 +0800

    Finalmask: Add Realm (UDP hole punching in Hysteria v2.9.1) (#6137)

    #5657 (comment)

    #6137 (comment)

    Example: #6137 (comment)

commit 4dcf802
Author: Jason Fox <44783405+the-thirteenth-fox@users.noreply.github.com>
Date:   Thu May 28 23:15:38 2026 +0300

    README.md: Add flutter_vless to Xray Wrapper in Others (#6197)

    https://pub.dev/packages/flutter_vless

commit a2cec2e
Author: Meow <197331664+Meo597@users.noreply.github.com>
Date:   Fri May 29 04:06:32 2026 +0800

    DNS: Avoid panic on domain too long (#6207)

    Fixes #6204

commit 1cd7d25
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Fri May 29 03:44:16 2026 +0800

    header-custom finalmask: Remove headerConnMode headerReadAddrAware interface (#6193)

    #5920 (comment)

    #6193 (comment)

commit 09002ab
Author: LjhAUMEM <llnu14702@gmail.com>
Date:   Fri May 29 03:24:22 2026 +0800

    noise finalmask: Better `reset` (#6188)

    #6170

    Explanation: #5657 (comment)

commit cb206dd
Author: Kirill Livanov <13822441+kirilllivanov@users.noreply.github.com>
Date:   Thu May 28 21:27:08 2026 +0300

    DNS: Avoid passing domain to WriteTo func (#6163)

    #6163 (comment)

    ---------

    Co-authored-by: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>

commit fa466f8
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu May 28 18:20:27 2026 +0000

    Bump golang.org/x/net from 0.54.0 to 0.55.0 (#6192)

    Bumps [golang.org/x/net](https://github.com/golang/net) from 0.54.0 to 0.55.0.
    - [Commits](golang/net@v0.54.0...v0.55.0)

    ---
    updated-dependencies:
    - dependency-name: golang.org/x/net
      dependency-version: 0.55.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit e26f5e9
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Thu May 28 22:22:57 2026 +0800

    Socks5 server: More standard UDP ASSOCIATE (RFC 1928) (#6149)

    #6149 (comment)

    Fixes #6145 (comment)

    ---------

    Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>

commit 787aa76
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Sun May 24 22:20:53 2026 +0800

    Hysteria server: `tls.WithNextProto("h3")` by default (#6186)

    Client: #6186 (comment)

commit d878fc8
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Sun May 24 20:50:02 2026 +0800

    SS2022 inbound: Fix potential panic when dispatching (#6162)

    #6162 (comment)

commit ee2b2c5
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Sun May 24 20:27:12 2026 +0800

    leastLoad balancer: Implement missing `tolerance` (#6156)

    Closes #6154

commit 81d993f
Author: Whale Choi <cj1369636717@gmail.com>
Date:   Sun May 24 20:19:00 2026 +0800

    README.md: Remove Xray4Magisk; Add AsteriskNG to Android in GUI Clients (#6153)

    #6153 (comment)

commit 4c38427
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Sun May 24 20:05:40 2026 +0800

    XHTTP client: Fix packet-up `OpenUsage` counting and H3 `keepAlivePeriod` parameter (#6140)

    Fixes #6140 (comment)

commit ab69985
Author: Meow <197331664+Meo597@users.noreply.github.com>
Date:   Sat May 23 21:50:01 2026 +0800

    Config: Warn when `sockopt.trustedXForwardedFor` is not set for XHTTP/WS/HU inbounds (#6159)

    #6110 (comment)

    Usage: #5331 (comment)

commit 56bb636
Author: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Date:   Sat May 23 20:23:52 2026 +0800

    Geodata: Cleanup unneeded shared matchers (weakly referenced in map) (#6139)

    #6139 (comment)

commit 359a28f
Author: bytecategory <nettopology@proton.me>
Date:   Sat May 23 17:24:37 2026 +0800

    XDNS finalmask: Support AAAA & A (#6123)

    #6123 (comment)
    #6123 (comment)
    #6123 (comment)

    Example: #6123 (comment)

    Document: https://xtls.github.io/config/transports/finalmask.html#xdns

commit da9ba69
Author: Yury Kastov <9641779+kastov@users.noreply.github.com>
Date:   Fri May 22 22:49:19 2026 +0300

    Config: Support abstract unix sockets in remote loader (#6111)

    Replaces #5200

commit 5488b86
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri May 22 19:37:44 2026 +0000

    Bump google.golang.org/grpc from 1.81.0 to 1.81.1 (#6133)

    Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.81.0 to 1.81.1.
    - [Release notes](https://github.com/grpc/grpc-go/releases)
    - [Commits](grpc/grpc-go@v1.81.0...v1.81.1)

    ---
    updated-dependencies:
    - dependency-name: google.golang.org/grpc
      dependency-version: 1.81.1
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit a3c054a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri May 22 19:37:25 2026 +0000

    Bump golang.org/x/net from 0.53.0 to 0.54.0 (#6113)

    Bumps [golang.org/x/net](https://github.com/golang/net) from 0.53.0 to 0.54.0.
    - [Commits](golang/net@v0.53.0...v0.54.0)

    ---
    updated-dependencies:
    - dependency-name: golang.org/x/net
      dependency-version: 0.54.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants