Skip to content

Bump github.com/slackhq/nebula from 1.9.7 to 1.10.0 #2497

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump github.com/slackhq/nebula from 1.9.7 to 1.10.0 #2497

dependabot wants to merge 1 commit into from
+10 −10

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 8, 2025
edited
Loading

Bumps github.com/slackhq/nebula from 1.9.7 to 1.10.0.

Release notes

Sourced from github.com/slackhq/nebula's releases.

Release v1.10.0

See the v1.10.0 milestone for a complete list of changes.

Added

Changed

  • NOTE: default_local_cidr_any now defaults to false, meaning that any firewall rule intended to target an unsafe_routes entry must explicitly declare it via the local_cidr field. This is almost always the intended behavior. This flag is deprecated and will be removed in a future release. (#1373)
  • Improve logging when a relay is in use on an inbound packet. (#1533)
  • Avoid fatal errors if rountines is > 1 on systems that don't support more than 1 routine. (#1531)
  • Log a warning if a firewall rule contains an any that negates a more restrictive filter. (#1513)
  • Accept encrypted CA passphrase from an environment variable. (#1421)
  • Allow handshaking with any trusted remote. (#1509)
  • Log only the count of blocklisted certificate fingerprints instead of the entire list. (#1525)
  • Don't fatal when the ssh server is unable to be configured successfully. (#1520)
  • Update to build against go v1.25. (#1483)
  • Allow projects using nebula as a library with userspace networking to configure the logger and build version. (#1239)
  • Upgrade to yaml.v3. (#1148, #1371, #1438, #1478)

Fixed

  • Fix a potential bug with udp ipv4 only on darwin. (#1532)
  • Improve lost packet statistics. (#1441, #1537)
  • Honor remote_allow_list in hole punch response. (#1186)
  • Fix a panic when tun.use_system_route_table is true and a route lacks a destination. (#1437)
  • Fix an issue when tun.use_system_route_table: true could result in heavy CPU utilization when many thousands of routes are present. (#1326)
  • Fix tests for 32 bit machines. (#1394)
  • Fix a possible 32bit integer underflow in config handling. (#1353)
  • Fix moving a udp address from one vpn address to another in the static_host_map which could cause rapid re-handshaking with an incorrect remote. (#1259)
  • Improve smoke tests in environments where the docker network is not the default. (#1347)
Changelog

Sourced from github.com/slackhq/nebula's changelog.

[1.10.0] - 2025-12-04

See the v1.10.0 milestone for a complete list of changes.

Added

Changed

  • NOTE: default_local_cidr_any now defaults to false, meaning that any firewall rule intended to target an unsafe_routes entry must explicitly declare it via the local_cidr field. This is almost always the intended behavior. This flag is deprecated and will be removed in a future release. (#1373)
  • Improve logging when a relay is in use on an inbound packet. (#1533)
  • Avoid fatal errors if rountines is > 1 on systems that don't support more than 1 routine. (#1531)
  • Log a warning if a firewall rule contains an any that negates a more restrictive filter. (#1513)
  • Accept encrypted CA passphrase from an environment variable. (#1421)
  • Allow handshaking with any trusted remote. (#1509)
  • Log only the count of blocklisted certificate fingerprints instead of the entire list. (#1525)
  • Don't fatal when the ssh server is unable to be configured successfully. (#1520)
  • Update to build against go v1.25. (#1483)
  • Allow projects using nebula as a library with userspace networking to configure the logger and build version. (#1239)
  • Upgrade to yaml.v3. (#1148, #1371, #1438, #1478)

Fixed

  • Fix a potential bug with udp ipv4 only on darwin. (#1532)
  • Improve lost packet statistics. (#1441, #1537)
  • Honor remote_allow_list in hole punch response. (#1186)
  • Fix a panic when tun.use_system_route_table is true and a route lacks a destination. (#1437)
  • Fix an issue when tun.use_system_route_table: true could result in heavy CPU utilization when many thousands of routes are present. (#1326)
  • Fix tests for 32 bit machines. (#1394)
  • Fix a possible 32bit integer underflow in config handling. (#1353)
  • Fix moving a udp address from one vpn address to another in the static_host_map which could cause rapid re-handshaking with an incorrect remote. (#1259)
  • Improve smoke tests in environments where the docker network is not the default. (#1347)
Commits
  • 59e24b9 v1.10.0 (#1534)
  • 56067af Stab at better logging when a relay is being used (#1533)
  • 64f202f Make 0.0.0.0/0 and ::/0 not mean any address family, add any for that (#1538)
  • 6d7cf61 improve nebula-cert sign version auto-select (#1535)
  • 83ae807 No need to clear counter 0 (#1537)
  • 12cf348 feat: support via gateway for v6 multihop for v4 routes (#1521)
  • a5ee928 Bump golang.org/x/crypto in the golang-x-dependencies group (#1536)
  • 7aff313 Relax the restriction on routines from the config (#1531)
  • 297767b warn user if they configure a firewall rule that will allow way more traffic ...
  • 99faab5 Fix a potential bug with udp ipv4 only on darwin (#1532)
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
github.com/slackhq/nebula [>= 1.7.a, < 1.8]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 8, 2025
@github-actions github-actions bot added the needs triage Waiting for discussion / prioritization by team label Dec 8, 2025
@step-ci step-ci enabled auto-merge December 8, 2025 15:04
@hslatman
Copy link
Member

hslatman commented Dec 9, 2025

@dependabot rebase

@dependabot
Bump github.com/slackhq/nebula from 1.9.7 to 1.10.0
2fa4c76 
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula) from 1.9.7 to 1.10.0.
- [Release notes](https://github.com/slackhq/nebula/releases)
- [Changelog](https://github.com/slackhq/nebula/blob/master/CHANGELOG.md)
- [Commits](slackhq/nebula@v1.9.7...v1.10.0)

---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/slackhq/nebula-1.10.0 branch from 525e109 to 2fa4c76 Compare December 9, 2025 07:38
@hslatman hslatman added this to the v0.29.1 milestone Dec 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code needs triage Waiting for discussion / prioritization by team

Projects

None yet

Milestone

v0.29.1

Development

Successfully merging this pull request may close these issues.

2 participants

@hslatman