You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
app: Scaffold lib+bin crate, module layout & error strategy- config: Add clap CLI and typed Config with flag>env>default- telemetry: Add tracing subscriber init and startup line- app: Add runtime harness with graceful shutdown- codec: Add bounds-checked wire reader/writer and framing- codec: Add Name type, QNAME codec and bounded RR name-skip- codec: Add 12-byte header codec with typed flags- codec: Add shallow message parse with defensive validation- codec: Add bounded TTL scan for response caching- codec: Add EDNS/OPT-aware response synthesis- storage: Add sqlx SQLite connection pool with migrations- storage: Add schema DDL migration for v0.1 config tables- storage: Add idempotent seed-defaults migration- storage: Add settings & upstreams repositories- storage: Add blacklist, allowlist & local-records repositories- storage: Add blocklist-source & offline-cache repository- resolver: Add arc-swap MatchSet primitive- resolver: Add local-record matcher with wildcard suffix-probe- resolver: Add moka raw-bytes cache with serve-from-cache patching- resolver: Add ResolverState bundle with startup hydration- upstream: Add hickory 0.26 transport clients (UDP/TCP/DoT/DoH)- upstream: Forward queries and extract raw bytes + negative TTL- upstream: Add pool with random selection and failover- pipeline: Add request/response model and tower service shape- pipeline: Add decision stack (SPEC §5 match precedence)- pipeline: Add forward + cache-store inner service- pipeline: Add protective tower middleware (rate limit, concurrency, timeout)- telemetry: Add query event, live-log buffer, and runtime stats- pipeline: Add UDP/TCP listeners with SO_REUSEPORT pool and drain- pipeline: Wire the full DNS engine and add end-to-end tests- blocklist: Add HTTP fetcher with conditional requests- blocklist: Parse hosts and domain-list formats into Name sets- blocklist: Aggregate per-source sets and atomically swap them in- blocklist: Add background refresh scheduler and offline start- web: Add axum skeleton, AppState, embedded assets & base layout- web: Add Argon2id auth, session repos, and login/logout- web: Add CSRF protection on mutating routes- web: Add first-run wizard for the initial admin account- web: Add dashboard with runtime stats and blocklist size- web: Add live query log over SSE with filtering- web: Add one-click list management from the live log- web: Add blacklist/allowlist + local DNS record screens- web: Add upstream resolver + settings screens- web: Add blocklist source management + manual refresh- web: Hide custom IP inputs unless blocking mode is Custom- app: Surface bound addresses and lock in full-stack assembly
CI
Add GitHub Actions workflow and local git hooks- storage: Commit sqlx offline cache and verify offline build- release: Add tag-triggered release workflow skeleton + version gate- release: Build Linux binaries and cut a changelog'd GitHub Release- release: Publish to crates.io on tag + packaging guard in CI- release: Build and push a multi-arch Docker image to ghcr.io
Changed
config: Split clap Cli into its own cli module- storage: Use reversible, timestamped migrations- pipeline: Extract the cache as a read-through tower layer- storage: Type admin user role as an enum- web: Use Argon2::default() instead of explicit params- web: Move auth behavior onto types- web: Move wizard handlers and outcome category onto types- web: Make query-log actions outcome-driven, not stateful- resolver: Convert upstream_config_from_row to TryFrom- Consolidate triplicated now_epoch into time::Clock- resolver: Classify rejections via an extension trait- resolver: Move cache/message byte ops onto their types- resolver: Group DNS serve loops under a ServeLoop type- Adopt mod.rs module layout
Documentation
Verify quickstart, sync SPEC, seed CHANGELOG + deploy examples- Add shell & tooling guidance to CLAUDE.md- Document the release process, secrets, and install paths
Fixed
web: Open the live SSE stream with data-init, not data-on-load- web: Make one-click log actions work + add toggle feedback- web: Display domains without the canonical trailing dot- web: Strip trailing dot on local DNS record names too
Testing
codec: Add cargo-fuzz targets and capture fixtures- upstream: End-to-end integration tests with a mock upstream- e2e: Add full-stack scenario suite driving the assembled binary
