Commit Graph

4816 Commits

Author SHA1 Message Date
dependabot[bot]
b9d889d207 build(deps): bump google.golang.org/api from 0.280.0 to 0.283.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.280.0 to 0.283.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.280.0...v0.283.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-version: 0.283.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-11 00:48:32 +00:00
dependabot[bot]
7e03b6b504 build(deps): bump github.com/prometheus/common from 0.67.5 to 0.68.1 (#8163)
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.67.5 to 0.68.1.
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/common/compare/v0.67.5...v0.68.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-version: 0.68.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-10 17:46:31 -07:00
dependabot[bot]
8ba320a022 build(deps): bump github.com/aws/aws-sdk-go-v2/service/secretsmanager (#8164)
Bumps [github.com/aws/aws-sdk-go-v2/service/secretsmanager](https://github.com/aws/aws-sdk-go-v2) from 1.41.7 to 1.42.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.41.7...service/s3/v1.42.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/secretsmanager
  dependency-version: 1.42.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-10 17:46:14 -07:00
dependabot[bot]
2a274c6564 build(deps): bump golang.org/x/sys from 0.45.0 to 0.46.0 (#8167)
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.45.0 to 0.46.0.
- [Commits](https://github.com/golang/sys/compare/v0.45.0...v0.46.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-10 17:45:58 -07:00
dependabot[bot]
6e83532c59 build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.41.7 to 1.41.11 (#8168)
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.41.7 to 1.41.11.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.41.7...v1.41.11)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.41.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-10 17:45:46 -07:00
dependabot[bot]
fee8173cbf build(deps): bump the go-etcd-io group with 2 updates (#8157)
Bumps the go-etcd-io group with 2 updates: [go.etcd.io/etcd/api/v3](https://github.com/etcd-io/etcd) and [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd).


Updates `go.etcd.io/etcd/api/v3` from 3.6.11 to 3.6.12
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](https://github.com/etcd-io/etcd/compare/v3.6.11...v3.6.12)

Updates `go.etcd.io/etcd/client/v3` from 3.6.11 to 3.6.12
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](https://github.com/etcd-io/etcd/compare/v3.6.11...v3.6.12)

---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/api/v3
  dependency-version: 3.6.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-etcd-io
- dependency-name: go.etcd.io/etcd/client/v3
  dependency-version: 3.6.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-etcd-io
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-10 17:45:28 -07:00
dependabot[bot]
0a33a3d6a1 build(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#8160) 2026-06-10 17:26:59 +03:00
dependabot[bot]
9221482e2d build(deps): bump github/codeql-action from 4.36.0 to 4.36.1 (#8159) 2026-06-10 17:26:16 +03:00
dependabot[bot]
486abeffc5 build(deps): bump astral-sh/setup-uv from 8.1.0 to 8.2.0 (#8156) 2026-06-10 17:25:49 +03:00
Yong Tang
232d7cac38 Update release note (#8155) v1.14.4 2026-06-09 06:22:51 +03:00
Yong Tang
60a439dd4f plugin/proxyproto: Prevent nil pointer dereference when dropping malformed PROXY packets (#8154)
Avoid a potential nil pointer dereference in PacketConn.ReadFrom() when malformed PROXY protocol headers cause readFrom() to return a nil address.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2026-06-08 16:26:32 -07:00
Yong Tang
b6e5859ee7 Add notes for 1.14.4 (#8153)
This is part of the 8152

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2026-06-08 04:09:44 -07:00
Yong Tang
513e2ddcd7 Bump version to 1.14.4 (#8150)
In preparing for 8148

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2026-06-06 07:49:03 +03:00
Yong Tang
3342b414e3 plugin/cache: allow cache TTLs above default 3600s (#8134)
* plugin/cache: allow cache TTLs above default 3600s

This change allows the cache plugin to honor configured maximum TTL values above the default 3600s limit. Default behavior remains unchanged.
This PR fixes 7846

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Keep MinimalTTL

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

---------

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2026-06-06 07:48:26 +03:00
Isolus
b49fe2d469 plugin/dnssec: sign each RRset with the zone that owns its name, not the query zone (#8138)
Signed-off-by: Björn Kinscher <code@bjoern-kinscher.de>
Co-authored-by: Björn Kinscher <code@bjoern-kinscher.de>
2026-06-05 18:36:28 -07:00
Cedric Wang
3718f0cc81 dnsserver: use http.LocalAddrContextKey for DoH local address (#8149)
The DoH server resolved the per-connection local address in a custom
http.Server.ConnContext callback. ConnContext runs synchronously in the
http.Server accept loop, so calling c.LocalAddr() there is a problem when
the listener is proxyproto-wrapped: LocalAddr() triggers the PROXY-header
read, which blocks the accept loop until the header arrives and
head-of-line-blocks acceptance of every other connection.

net/http and http2 already populate http.LocalAddrContextKey from the
connection in the per-connection serving goroutine (net/http server.go,
http2 server_common.go / h2_bundle.go), resolved through the same
tls.Conn -> proxyproto.Conn chain. For a proxyproto connection that value
is the PROXY header's destination address -- byte-identical to what the
custom callback produced -- and it is set off the accept loop on both the
HTTP/1.1 and HTTP/2 paths.

Drop the custom ConnContext callback and the connKey type, and read
http.LocalAddrContextKey in localAddr() instead. The client address is
unaffected: it arrives via r.RemoteAddr, which the framework populates
natively.

Signed-off-by: zongqi-wang <wangzongqi@msn.com>
2026-06-05 18:31:53 -07:00
dependabot[bot]
408fdf0812 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#8141)
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.32.17 to 1.32.18.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.32.17...config/v1.32.18)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-04 09:58:17 +03:00
dependabot[bot]
58921a2b48 build(deps): bump golang.org/x/net from 0.54.0 to 0.55.0 (#8140)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.54.0 to 0.55.0.
- [Commits](https://github.com/golang/net/compare/v0.54.0...v0.55.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.55.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-04 09:53:08 +03:00
dependabot[bot]
7abb3bbc1e build(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0 (#8142) 2026-06-04 06:33:31 +03:00
dependabot[bot]
6ae26569a2 build(deps): bump github/codeql-action from 4.35.5 to 4.36.0 (#8147) 2026-06-04 06:31:53 +03:00
dependabot[bot]
d4852224d0 build(deps): bump docker/login-action from 4.1.0 to 4.2.0 (#8146) 2026-06-04 06:30:48 +03:00
dependabot[bot]
1369324776 build(deps): bump golangci/golangci-lint-action from 9.2.0 to 9.2.1 (#8145) 2026-06-04 06:26:25 +03:00
徐晓伟
c02e6dc843 build: add loong64 arch support (#8137)
* build: add loong64 arch support to Makefile.docker and Makefile.release

Signed-off-by: 徐晓伟 <xuxiaowei@xuxiaowei.com.cn>

* build: add loong64 docker build config using loong64 community images

Signed-off-by: 徐晓伟 <xuxiaowei@xuxiaowei.com.cn>

---------

Signed-off-by: 徐晓伟 <xuxiaowei@xuxiaowei.com.cn>
2026-06-02 19:11:40 -07:00
Yong Tang
84af2a7a3f core: bound HTTP/3 request header size for DoH3 (#8135)
This PR sets a conservative MaxHeaderBytes value on the DoH3 HTTP/3 server.
This reduces memory exposure from large request headers before requests
reach the DoH handler.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2026-06-01 00:58:39 -07:00
Immanuel Tikhonov
4c07a287da fix: reject invalid any and local config (#8133)
Signed-off-by: immanuwell <pchpr.00@list.ru>
2026-05-31 15:41:27 -07:00
Dmytro Alieksieiev
ce0e5a6f39 plugin/forward: add hostname resolution support for TO endpoints (#5646) (#7923)
Signed-off-by: Dmytro Alieksieiev <1865999+dragoangel@users.noreply.github.com>
2026-05-30 19:36:01 -07:00
Immanuel Tikhonov
33c71b1554 fix(kubernetes): remove debug fmt.Println from multicluster zone validation (#8131)
Signed-off-by: immanuwell <pchpr.00@list.ru>
2026-05-28 22:11:35 -07:00
Nicholas Amorim
6b93363b94 feat(core): expose TLS ConnectionState (SNI) for DoQ (#8129)
DoQWriter previously stored only the QUIC stream, so plugins reading
TLS state via dns.ConnectionStater (e.g. for SNI-based routing or
auditing) could not see anything for DoQ connections, even
though the underlying QUIC connection carries a full tls.ConnectionState.

This change adds a *quic.Conn reference to DoQWriter and wires it in serveQUICStream.

It implements dns.ConnectionStater on *DoQWriter, returning the TLS
state from the underlying QUIC connection (mirrors the DoT behavior
that miekg/dns already provides for *tls.Conn)

Forwards ConnectionState through request.ScrubWriter, which wraps
every response writer before the plugin chain runs; the embedded
dns.ResponseWriter interface does not promote ConnectionState (it
belongs to a separate interface), so without this plugins would
still see nil for both DoQ and DoT

Signed-off-by: Nicholas Amorim <nicholas@santos.ee>
2026-05-28 15:45:48 -07:00
Immanuel Tikhonov
0bcb17df06 fix: use descriptive error for unknown block options in health and log plugins (#8128) 2026-05-27 16:29:24 -07:00
dependabot[bot]
afdf121a5a build(deps): bump google.golang.org/api from 0.279.0 to 0.280.0 (#8123) 2026-05-27 16:28:17 -07:00
dependabot[bot]
516daf5b74 build(deps): bump github.com/DataDog/dd-trace-go/v2 from 2.8.1 to 2.8.2 (#8124) 2026-05-27 16:28:01 -07:00
dependabot[bot]
4158c87ebf build(deps): bump github.com/oschwald/geoip2-golang/v2 (#8125) 2026-05-27 16:27:52 -07:00
dependabot[bot]
fea4f2c708 build(deps): bump actions/stale from 10.2.0 to 10.3.0 (#8127)
Bumps [actions/stale](https://github.com/actions/stale) from 10.2.0 to 10.3.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](b5d41d4e1d...eb5cf3af3a)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-version: 10.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-27 20:49:07 +03:00
dependabot[bot]
63491966e4 build(deps): bump github/codeql-action from 4.35.4 to 4.35.5 (#8126)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.4 to 4.35.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](68bde559de...9e0d7b8d25)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-27 20:48:08 +03:00
Jöran Malek
eb49f402cc plugin/forward: Forward NODATA responses to Next handler (#8065) 2026-05-26 17:15:46 -07:00
Immanuel Tikhonov
17142359e0 fix: reject unknown chaos block options (#8121) 2026-05-24 05:58:11 -07:00
Ville Vesilehto
d9c6b9b8b4 fix: reject unknown trace and dnstap block options (#8120) 2026-05-21 16:06:25 -07:00
Immanuel Tikhonov
1fbc686758 fix: reject unknown ready plugin properties (#8119)
Signed-off-by: immanuwell <pchpr.00@list.ru>
2026-05-21 22:29:59 +03:00
JUN YANG
3e762bc603 Remove redundant code (#8072)
Signed-off-by: Yang Jun <yang.jun22@zte.com.cn>
Signed-off-by: 杨军10092085 <yang.jun22@zte.com.cn>
2026-05-21 22:11:29 +03:00
weiguozhang
65d15af3a9 pkg/tls: remove duplicate cipher suites (#8118)
Signed-off-by: Weiguo Zhang <weiguozhang1990@163.com>
2026-05-20 23:54:11 -07:00
dependabot[bot]
fb74594423 build(deps): bump google.golang.org/grpc from 1.81.0 to 1.81.1 (#8116) 2026-05-20 18:08:49 -07:00
dependabot[bot]
fa470b5d67 build(deps): bump google.golang.org/api from 0.278.0 to 0.279.0 (#8115)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.278.0 to 0.279.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.278.0...v0.279.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-version: 0.279.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-20 17:04:31 -07:00
dependabot[bot]
6d284f0101 build(deps): bump golang.org/x/net from 0.53.0 to 0.54.0 (#8114)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.53.0 to 0.54.0.
- [Commits](https://github.com/golang/net/compare/v0.53.0...v0.54.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-20 17:04:17 -07:00
dependabot[bot]
571bde041d build(deps): bump golang.org/x/crypto from 0.50.0 to 0.51.0 (#8113)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.50.0 to 0.51.0.
- [Commits](https://github.com/golang/crypto/compare/v0.50.0...v0.51.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.51.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-20 17:04:02 -07:00
dependabot[bot]
e323f5e1c8 build(deps): bump github.com/quic-go/quic-go from 0.59.0 to 0.59.1 (#8112)
Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.59.0 to 0.59.1.
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.59.0...v0.59.1)

---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
  dependency-version: 0.59.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-20 22:46:22 +03:00
dependabot[bot]
4a7b286b6e build(deps): bump actions/dependency-review-action from 4.9.0 to 5.0.0 (#8111)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.9.0 to 5.0.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](2031cfc080...a1d282b36b)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-20 22:45:13 +03:00
dependabot[bot]
63736a4b08 build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (#8117)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.3 to 4.35.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e46ed2cbd0...68bde559de)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-20 22:44:40 +03:00
James R T
84faec64c3 fix(azure): apply access mode to every zone in the same block (#8110) 2026-05-20 08:06:37 -07:00
Ville Vesilehto
f8dffa7fc2 feat(secondary): add fallthrough support (#8041) 2026-05-20 00:13:03 -07:00
Umut Polat
b1a7fc8db1 fix(cache): prefer positive cache over SERVFAIL in ncache (#8003)
When serve_stale is enabled, a cached SERVFAIL in ncache shadows a valid
positive entry in pcache because ncache is always checked first. SERVFAIL
is transient and should not mask a known-good answer.

When the ncache hit is a SERVFAIL, check pcache for a valid entry before
returning the SERVFAIL. NXDOMAIN and NODATA are unaffected and still
follow the existing ncache-first lookup per RFC 2308.

Fixes #7956

Signed-off-by: umut-polat <52835619+umut-polat@users.noreply.github.com>
2026-05-19 20:28:35 -07:00