{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":128791889,"defaultBranch":"master","name":"haproxy","ownerLogin":"haproxy","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2018-04-09T15:17:42.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/38220289?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1717589675.0","currentOid":""},"activityList":{"items":[{"before":"cdfceb10ae136b02e51f9bb346321cf0045d58e0","after":"61d66a3d061cfb302f1519e5a774eb7e82f57ab9","ref":"refs/heads/master","pushedAt":"2024-06-12T16:21:49.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC/MINOR: management: add -dZ option\n\nAdd some description for missed -dZ command line option in\nthe \"3. Starting HAProxy\" chapter.\n\nNeed to be backported until 2.9.","shortMessageHtmlLink":"DOC/MINOR: management: add -dZ option"}},{"before":"0e09cce0fdf104994b37a492e256d3bc37880ddc","after":"cdfceb10ae136b02e51f9bb346321cf0045d58e0","ref":"refs/heads/master","pushedAt":"2024-06-12T16:08:22.000Z","pushType":"push","commitsCount":5,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"MINOR: quic: refactor qc_prep_pkts() loop\n\nqc_prep_pkts() is built around a double loop iteration. First, it\niterates over every QEL instance register on sending. The inner loop is\nused to repeatdly called qc_build_pkt() with a QEL instance. If the QEL\ninstance has no more data to sent, the next QEL entry is selected. It\ncan also be interrupted earlier if there is not enough room on the sent\nbuffer.\n\nClarify the inner loop by using qc_may_build_pkt() directly into it\nbesides the check on buffer room left. This function is used to test if\nthe QEL instance has something to send.\n\nThis should simplify send evolution, in particular GSO implementation.","shortMessageHtmlLink":"MINOR: quic: refactor qc_prep_pkts() loop"}},{"before":"82a4dd7df69973c8123c73cf7b140685596a73e0","after":"0e09cce0fdf104994b37a492e256d3bc37880ddc","ref":"refs/heads/master","pushedAt":"2024-06-12T14:13:23.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a request\n\nSince 2.9, it is possible to drain the request payload from the H1\nmultiplexer in case of early reply. When this happens, the upper stream is\ndetached but the H1 stream is not destroyed. Once the whole request is\ndrained, the end of the detach stage is finished. So the H1 stream is\ndestroyed and the H1 connection is ready to be reused, if possible,\notherwise it is released.\n\nAnd here is the issue. If some data of the next request are received with\nlast bytes of the drained one, parsing of the next request is immediately\nstarted. The previous H1 stream is destroyed and a new one is created to\nhandle the parsing.  At this stage the H1 connection may be released, for\ninstance because of a parsing error. This case was not properly handled.\nInstead of immediately exiting the mux, it was still possible to access the\nreleased H1 connection to refresh its timeouts, leading to a UAF issue.\n\nMany thanks to Annika for her invaluable help on this issue.\n\nThe patch should fix the issue #2602. It must be backported as far as 2.9.","shortMessageHtmlLink":"BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a …"}},{"before":"91fe085943cea52d0c3d04e81f8ecb6a51668b09","after":"82a4dd7df69973c8123c73cf7b140685596a73e0","ref":"refs/heads/master","pushedAt":"2024-06-12T12:51:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: internals: add a documentation about the master worker\n\nAdd a documentation about the history of the master-worker and how it\nwas implemented in its first version and how it is currently working.\nThis is a global view of the architecture, and not an exhaustive\nexplanation of all mechanisms.","shortMessageHtmlLink":"DOC: internals: add a documentation about the master worker"}},{"before":"c157894ba97a40f40f777344041841e423f99c2c","after":"91fe085943cea52d0c3d04e81f8ecb6a51668b09","ref":"refs/heads/master","pushedAt":"2024-06-12T06:57:49.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: promex: Skip resolvers metrics when there is no resolver section\n\nBy default, there is always at least on resolver section, the default one,\nbased on \"/etc/resolv.conf\" content. However, it is possible to have no\nresolver at all if the file is empty or if any error occurred. Errors are\nsilently ignored at this stage.\n\nIn that case, there was a bug in the Prometheus exporter leading to a crash\nbecause the resolver section list is empty. An invalid resolver entity was\nused. To fix the issue we must only take care to not dump resolvers metrics\nwhen there is no resolver.\n\nThanks to Aurelien to have spotted the offending commit.\n\nThis patch should fix the issue #2604. It must be backported to 3.0.","shortMessageHtmlLink":"BUG/MINOR: promex: Skip resolvers metrics when there is no resolver s…"}},{"before":"c6931a4f01a29cb4f36e0b70900a6c97a5a2bdda","after":"c157894ba97a40f40f777344041841e423f99c2c","ref":"refs/heads/master","pushedAt":"2024-06-11T15:07:06.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: config: add missing context hint for new server and proxy keywords\n\nTo stay consistent with the work started in 54627f991 (\"DOC: config: add\ncontext hint for proxy keywords\") and 3d4e1e682 (\"DOC: config: add context\nhint for server keywords\"), we add missing context hint for \"guid\" (both\nproxy and server) keyword and \"hash-key\" server keyword that were added\nduring 3.0 development.\n\nThis may be backported in 3.0.","shortMessageHtmlLink":"DOC: config: add missing context hint for new server and proxy keywords"}},{"before":"7acdc3f6ffa69ba97d9f25532f2b7dd1ef390564","after":"c6931a4f01a29cb4f36e0b70900a6c97a5a2bdda","ref":"refs/heads/master","pushedAt":"2024-06-11T09:01:14.000Z","pushType":"push","commitsCount":13,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CLEANUP: log/proxy: fix comment in proxy_free_common()\n\nThanks to previous commit, logformat expressions for default proxies are\nalso postchecked, adjusting a comment that suggests it's not the case.","shortMessageHtmlLink":"CLEANUP: log/proxy: fix comment in proxy_free_common()"}},{"before":"7bff576ebb5e9cc8d081f0a7f7b9cf657e5a3d13","after":"7acdc3f6ffa69ba97d9f25532f2b7dd1ef390564","ref":"refs/heads/master","pushedAt":"2024-06-10T16:55:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: install: remove boringssl from the list of supported libraries\n\nBoringSSL support is known to be broken since 2021, it was removed from\nthe CI at this time and never fixed.\n(30ee2965b66f20a2649323ca36029bf2440e34b9)\n\nEven the QUIC code for boringSSL was removed in 2022.\n(e06f7459faf36f5f63092cb6ce89d281dfc4ee6a)","shortMessageHtmlLink":"DOC: install: remove boringssl from the list of supported libraries"}},{"before":"0ef94e2dff873c0755584d0797c81e1b2c697e52","after":"7bff576ebb5e9cc8d081f0a7f7b9cf657e5a3d13","ref":"refs/heads/master","pushedAt":"2024-06-10T12:37:55.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag\n\nInstead of setting this flag on the ones used for the zero-copy negociation,\nit is set on the connection flags used for xprt->rcv_buf()\ncall. Fortunately, there is no real consequence. The only visible effect is\nthe chunk size that is written on 8 bytes for no reason.\n\nThis patch is related to issue #2598. It must be backported to 3.0.","shortMessageHtmlLink":"BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZ…"}},{"before":"711338e1ceb061db0a5c832acdea8edbeafa712f","after":"0ef94e2dff873c0755584d0797c81e1b2c697e52","ref":"refs/heads/master","pushedAt":"2024-06-10T08:46:35.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: quic: ensure Tx buf is always purged\n\nquic_conn API for sending was recently refactored. The main objective\nwas to regroup the different functions present for both handshake and\napplication emission.\n\nAfter this refactoring, an optimization was introduced to avoid calling\nqc_send() if there was nothing new to emit. However, this prevent the Tx\nbuffer to be purged if previous sending was interrupted, until new\nframes are finally available.\n\nTo fix this, simply remove the optimization. qc_send() is thus now\nalways called in quic_conn IO handlers.\n\nThe impact of this bug should be minimal as it happens only on sending\ntemporary error. However in this case, this could cause extra latency or\neven a complete sending freeze in the worst scenario.\n\nThis must be backported up to 3.0.","shortMessageHtmlLink":"BUG/MINOR: quic: ensure Tx buf is always purged"}},{"before":"93cc23a35561cd89b353143d20962dd86aa82a9c","after":"711338e1ceb061db0a5c832acdea8edbeafa712f","ref":"refs/heads/master","pushedAt":"2024-06-07T14:11:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL\n\nThe ClientHello callback for WolfSSL introduced in haproxy 2.9, seems\nnot to behave correctly with TLSv1.2.\n\nIn TLSv1.2, this is the cipher that is used to chose the authentication algorithm\n(ECDSA or RSA), however an SSL client can send a signature algorithm.\n\nIn TLSv1.3, the authentication is not part of the ciphersuites, and\nis selected using the signature algorithm.\n\nThe mistake in the code is that the signature algorithm in TLSv1.2 are\noverwritting the auth that was selected using the ciphers.\n\nThis must be backported as far as 2.9.","shortMessageHtmlLink":"BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL"}},{"before":"6697e87ae5e1f569dc87cf690b5ecfc049c4aab0","after":"93cc23a35561cd89b353143d20962dd86aa82a9c","ref":"refs/heads/master","pushedAt":"2024-06-05T13:34:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration\n\nThe ClientHello Callback which is used for certificate selection uses\nboth the signature algorithms and the ciphers sent by the client.\n\nHowever, when a client is announcing both ECDSA and RSA capabilities\nwith ECSDA ciphers that are not available on haproxy side and RSA\nciphers that are compatibles, the ECDSA certificate will still be used\nbut this will result in a \"no shared cipher\" error, instead of a\nfallback on the RSA certificate.\n\nFor example, a client could send\n'ECDHE-ECDSA-AES128-CCM:ECDHE-RSA-AES256-SHA and HAProxy could be\nconfigured with only 'ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA'.\n\nThis patch fixes the issue by validating that at least one ECDSA cipher\nis available on both side before chosing the ECDSA certificate.\n\nThis must be backported on all stable versions.","shortMessageHtmlLink":"BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+…"}},{"before":null,"after":"25aaf9fd8b9d93aecf2947356c891a8567671568","ref":"refs/heads/20240606-clienthello","pushedAt":"2024-06-05T12:14:35.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration\n\nThe ClientHello Callback which is used for certificate selection uses\nboth the signature algorithms and the ciphers sent by the client.\n\nHowever, when a client is announcing ECDSA capabilities and has ciphers\nthat are not available on haproxy side, the ECDSA certificate will still\nbe used but this will result in a \"no shared cipher\" error, instead of\na fallback on the RSA certificate.\n\nFor example, a client could send\n'ECDHE-ECDSA-AES128-CCM:ECDHE-RSA-AES256-SHA and HAProxy could be\nconfigured with only 'ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA'.\n\nThis patch fixes the issue by validating that at least one ECDSA cipher\nis available on both side before chosing the ECDSA certificate.\n\nThis must be backported on all stable versions.","shortMessageHtmlLink":"BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+…"}},{"before":"2bde0d64ddf0e32257444f14e69adea8f899b74b","after":"6697e87ae5e1f569dc87cf690b5ecfc049c4aab0","ref":"refs/heads/master","pushedAt":"2024-06-05T06:52:50.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"MINOR: mux-quic: Don't send an emtpy H3 DATA frame during zero-copy forwarding\n\nIt may only happens when there is no data to forward but a last stream frame\nmust be sent with the FIN bit. It is not invalid, but it is useless to send\nan empty H3 DATA frame in that case.","shortMessageHtmlLink":"MINOR: mux-quic: Don't send an emtpy H3 DATA frame during zero-copy f…"}},{"before":"f7ae84e7d1b20201b38348d9dcbaefa47eb29814","after":"2bde0d64ddf0e32257444f14e69adea8f899b74b","ref":"refs/heads/master","pushedAt":"2024-06-04T14:31:45.000Z","pushType":"push","commitsCount":7,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()\n\n'lua_insert(lua->T, -lua_gettop(lua->T))' is actually used to rotate the\ntop value with the bottom one, thus the code was overkill and the comment\nwas actually misleading, let's fix that by using explicit equivalent form\n(absolute index).\n\nIt may be backported with 5508db9a2 (\"BUG/MINOR: hlua: fix unsafe\nlua_tostring() usage with empty stack\") to all stable versions to ease\ncode maintenance.","shortMessageHtmlLink":"CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resu…"}},{"before":"792a645ec21126c74c33820d1e0de63ee98aa810","after":"f7ae84e7d1b20201b38348d9dcbaefa47eb29814","ref":"refs/heads/master","pushedAt":"2024-06-04T13:01:45.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: quic: prevent crash on qc_kill_conn()\n\nEnsure idle_timer task is allocated in qc_kill_conn() before waking it\nup. It can be NULL if idle timer has already fired but MUX layer is\nstill present, which prevents immediate quic_conn release.\n\nqc_kill_conn() is only used on send() syscall fatal error to notify\nupper layer of an error and close the whole connection asap.\n\nThis crash occurence is pretty rare as it relies on timing issues. It\nhappens only if idle timer occurs before the MUX release (a bigger\nclient timeout is thus required) and any send() syscall detected error.\nFor now, it was only reproduced using GDB to interrupt haproxy longer\nthan the idle timeout.\n\nThis should be backported up to 2.6.","shortMessageHtmlLink":"BUG/MINOR: quic: prevent crash on qc_kill_conn()"}},{"before":"1ef6cdcd26fc3020cff3fd459d7ae37c169861a2","after":"792a645ec21126c74c33820d1e0de63ee98aa810","ref":"refs/heads/master","pushedAt":"2024-06-04T12:26:28.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released\n\nIn done_fastfwd() callback function, if nothing was forwarding while the SD\nis blocked, it means there is not enough space in the buffer to proceed. It\nmay be because there are data to be sent. But it may also be data already\nsent waiting for an ack. In this case, no data to be sent by the mux. So the\nquic stream is not woken up when data are finally removed from the\nbuffer. The data forwarding can thus be stuck. This happens when the stats\npage is requested in QUIC/H3. Only applets are affected by this issue and\nonly with the QUIC multiplexer because it is the only mux with already sent\ndata in the TX buf.\n\nTo fix the issue, the idea is to release the txbuf if possible and then\nunblock the SD to perform a new zero-copy data forwarding attempt. Doing so,\nand thanks to the previous patch (\"MEDIUM: applet: Be able to unblock\nzero-copy data forwarding from done_fastfwd\"), the applet will be woken up.\n\nThis patch should fix the issue #2584. It must be backported to 3.0.","shortMessageHtmlLink":"BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can b…"}},{"before":"a63f2cde948e4d8049c961e94029b1fd2752a71d","after":"1ef6cdcd26fc3020cff3fd459d7ae37c169861a2","ref":"refs/heads/master","pushedAt":"2024-06-04T09:19:34.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: FreeBSD: upgrade image, packages\n\nFreeBSD-13.2 was removed from cirrus-ci, let's upgrade to 14.0,\nalso, pcre is EOL, let's switch to pcre2. lua is updated to 5.4","shortMessageHtmlLink":"CI: FreeBSD: upgrade image, packages"}},{"before":"dc8a2c7f43aca6cb02246da67fe0ea93cc3f14b0","after":"a63f2cde948e4d8049c961e94029b1fd2752a71d","ref":"refs/heads/master","pushedAt":"2024-06-03T15:08:21.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CLEANUP: hlua: fix CertCache class comment\n\nCLASS_CERTCACHE is used to declare CertCache global object, not Regex one\n\nThis copy-paste typo introduced was in 30fcca18 (\"MINOR: ssl/lua:\nCertCache.set() allows to update an SSL certificate file\")","shortMessageHtmlLink":"CLEANUP: hlua: fix CertCache class comment"}},{"before":"dc8a2c7f43aca6cb02246da67fe0ea93cc3f14b0","after":null,"ref":"refs/heads/20240603-readme.md","pushedAt":"2024-06-03T13:25:44.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"}},{"before":"45cac52212538ae16e9c232a6a73b6fe4710734c","after":"dc8a2c7f43aca6cb02246da67fe0ea93cc3f14b0","ref":"refs/heads/master","pushedAt":"2024-06-03T13:25:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: change the link to the FreeBSD CI in README.md\n\nChange the link to the FreeBSD CI status badge to use the cirrus.com\njobs list.","shortMessageHtmlLink":"DOC: change the link to the FreeBSD CI in README.md"}},{"before":null,"after":"dc8a2c7f43aca6cb02246da67fe0ea93cc3f14b0","ref":"refs/heads/20240603-readme.md","pushedAt":"2024-06-03T13:23:00.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: change the link to the FreeBSD CI in README.md\n\nChange the link to the FreeBSD CI status badge to use the cirrus.com\njobs list.","shortMessageHtmlLink":"DOC: change the link to the FreeBSD CI in README.md"}},{"before":"ab23d7eb690cc3d68b450d58dc1f47d1db01b3f5","after":"45cac52212538ae16e9c232a6a73b6fe4710734c","ref":"refs/heads/master","pushedAt":"2024-06-03T13:15:43.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: add the FreeBSD status badge to README.md\n\nAdd the FreeBSD status badge that comes from the Cirrus CI in the\nREADME.md","shortMessageHtmlLink":"DOC: add the FreeBSD status badge to README.md"}},{"before":"c79c3121427ca240f36e1838fba777b8e92ac81f","after":"ab23d7eb690cc3d68b450d58dc1f47d1db01b3f5","ref":"refs/heads/master","pushedAt":"2024-06-03T09:59:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: speedup apt package install\n\nwe are fine to skip some repos like languages and translations.\nthis drops number of repos twice","shortMessageHtmlLink":"CI: speedup apt package install"}},{"before":"ba958fb230d4add678913f18eb520d9d5935c968","after":"c79c3121427ca240f36e1838fba777b8e92ac81f","ref":"refs/heads/master","pushedAt":"2024-06-03T09:12:44.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: configuration: add an example for keywords from crt-store\n\nIn ticket #785, people are still confused about how to use the crt-store\nload parameters in a crt-list.\n\nThis patch adds an example.\n\nThis must be backported in 3.0","shortMessageHtmlLink":"DOC: configuration: add an example for keywords from crt-store"}},{"before":"f8418d3ade267e5ab28808c17af297fd1ea932a7","after":"ba958fb230d4add678913f18eb520d9d5935c968","ref":"refs/heads/master","pushedAt":"2024-05-31T16:57:33.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory\n\nIn GH issue #2586 @Bbulatov reported a theoretical null-deref in\nenv_expand() in case there's no memory anymore to expand an environment\nvariable. The function should return NULL in this case so that the only\ncaller (str2sa_range) sees it. In practice it may only happen during\nboot thus is harmless but better fix it since it's easy. This can be\nbackported to all versions where this applies.","shortMessageHtmlLink":"BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-m…"}},{"before":"f3e6dfdc9286f7fb86b6a54a6852cac9d1a61f0f","after":"f8418d3ade267e5ab28808c17af297fd1ea932a7","ref":"refs/heads/master","pushedAt":"2024-05-31T11:46:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"ADMIN: acme.sh: remove the old acme.sh code\n\nRemove the acme.sh script since it was merged in\nhttps://github.com/acmesh-official/acme.sh/pull/4581\n\nSo people don't try to download a script which is not up to date with\nthe current acme.sh master.","shortMessageHtmlLink":"ADMIN: acme.sh: remove the old acme.sh code"}},{"before":"485b206f61c3b03caa0d21f9e16465b1c298003b","after":"f3e6dfdc9286f7fb86b6a54a6852cac9d1a61f0f","ref":"refs/heads/master","pushedAt":"2024-05-30T15:04:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: VTest: accelerate package install a bit\n\nlet's check and install only package is required","shortMessageHtmlLink":"CI: VTest: accelerate package install a bit"}},{"before":"09db70d021d71992377c7f0c03974d65008d569e","after":"485b206f61c3b03caa0d21f9e16465b1c298003b","ref":"refs/heads/master","pushedAt":"2024-05-30T11:54:19.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: replace the README by a markdown version\n\nThis patch removes the old README file and replaces it with a more\nmodern markdown version which allows clickable links on the github page.\n\nIt also adds some of the Github Actions worfklow Status.\n\nThis patch includes the HAProxy png in the doc directory.","shortMessageHtmlLink":"DOC: replace the README by a markdown version"}},{"before":"1eb0f22ee1b64d75c8535b5a48f96b6ead91a341","after":"09db70d021d71992377c7f0c03974d65008d569e","ref":"refs/heads/master","pushedAt":"2024-05-29T20:37:45.000Z","pushType":"push","commitsCount":5,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: use USE_PCRE2 instead of USE_PCRE\n\nUSE_PCRE2 is recommended, I guess USE_PCRE is left unintentionally","shortMessageHtmlLink":"CI: use USE_PCRE2 instead of USE_PCRE"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEY4f4_gA","startCursor":null,"endCursor":null}},"title":"Activity · haproxy/haproxy"}