deps: bump domainfront (h2-capable) and kindling#536
Merged
Conversation
- domainfront -> v0.0.0-20260624004218-93591749d736 (getlantern/domainfront#9): makes the fronted round trip ALPN-aware, framing requests as HTTP/2 when the CDN edge negotiates h2 (CloudFront, Aliyun, ...) instead of speaking HTTP/1.1 over the h2 connection and failing with a malformed response. - kindling -> v0.0.0-20260624005117-737fcffe2860 (getlantern/kindling#40): the matching kindling bump, which also carries domainfront#9. domainfront's public API is unchanged, so this is a transparent dependency update. The kindling/* and config consumer packages build under both build tag sets and the kindling tests pass. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (1)
📝 WalkthroughWalkthroughTwo direct Go module dependencies in ChangesDependency Version Bumps
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
Contributor
There was a problem hiding this comment.
Pull request overview
Updates Radiance’s dependency chain to pick up the HTTP/2 (ALPN-aware) fronting fix by bumping domainfront and kindling to the referenced June 24, 2026 pseudo-versions.
Changes:
- Bump
github.com/getlantern/domainfronttov0.0.0-20260624004218-93591749d736. - Bump
github.com/getlantern/kindlingtov0.0.0-20260624005117-737fcffe2860. - Refresh
go.sumchecksums accordingly.
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| go.mod | Updates required versions for domainfront and kindling to the new pseudo-versions. |
| go.sum | Updates module and go.mod hashes for the bumped dependencies. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
myleshorton
added a commit
to getlantern/lantern
that referenced
this pull request
Jun 24, 2026
Propagates the HTTP/2 fronting fix down to the client: - radiance -> v0.0.0-20260624010426-955f5cbfe595 (getlantern/radiance#536) - domainfront -> v0.0.0-20260624004218-93591749d736 (getlantern/domainfront#9, indirect) - kindling -> v0.0.0-20260624005117-737fcffe2860 (getlantern/kindling#40, indirect) - lantern-box -> v0.0.95 (transitive; now required by radiance#536) domainfront#9 makes the fronted round trip ALPN-aware — it frames requests as HTTP/2 when the CDN edge negotiates h2 (CloudFront, Aliyun, ...) instead of speaking HTTP/1.1 over the h2 connection and failing with a malformed response. API-compatible. Ran go mod tidy and committed go.mod+go.sum together so gomobile resolves lantern-box v0.0.95 (not a stale pin). Verified: full Go build under the CI tag set (CGO_ENABLED=1, with_gvisor/ with_quic/with_wireguard/with_utls/with_grpc/with_conntrack), go vet, and lantern-core tests all pass. Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Propagates the HTTP/2 fronting fix down the dependency chain (domainfront#9 →
kindling#40 → here).
What
github.com/getlantern/domainfront→v0.0.0-20260624004218-93591749d736(domainfront#9)
github.com/getlantern/kindling→v0.0.0-20260624005117-737fcffe2860(kindling#40)
Why
domainfront#9 makes the fronted round trip ALPN-aware: when a CDN edge
negotiates HTTP/2 (CloudFront, Aliyun, …) the request is now framed as HTTP/2
instead of sending HTTP/1.1 over the h2 connection and failing with
malformed HTTP response "\x00\x00\x12\x04...". radiance fronts through bothdomainfront (directly) and kindling, so this fixes h2 edges across the board.
It also carries domainfront's
utlsv1.7.1 → v1.8.2 bump, already the versionradiance resolves (go 1.26 satisfies its Go-1.24-native ML-KEM requirement).
Compatibility
domainfront's public API (
New,Config,Provider,Masquerade,ParseConfig,WithConfigURL) is unchanged — the h2 work was internal to theround-trip path — so this is a transparent dependency update. The go.mod/go.sum
change is limited to these two modules.
Verified: all packages build (
cmd/lanternvia-tags standalone, everythingelse via
-tags with_clash_api),go vetclean, and thekindlingpackagetests pass.
🤖 Generated with Claude Code
Summary by CodeRabbit