Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2 to 4a13e500e55cf31b7a5d59a38ab2040ab0f42f56.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/fdf7f43ecf7c1a5c7afe936410233728a8c2d9c2...4a13e500e55cf31b7a5d59a38ab2040ab0f42f56

)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/login-action](https://github.com/docker/login-action) from 1f401f745bf57e30b3a2800ad308a87d2ebdf14b to 3d58c274f17dffee475a5520cbe67f0a882c4dbb.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/1f401f745bf57e30b3a2800ad308a87d2ebdf14b...3d58c274f17dffee475a5520cbe67f0a882c4dbb

)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.0.0 to 2.1.1.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v2.0.0...v2.1.1

)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [sphinx-rtd-theme](https://github.com/readthedocs/sphinx_rtd_theme) from 1.3.0 to 2.0.0.
- [Changelog](https://github.com/readthedocs/sphinx_rtd_theme/blob/master/docs/changelog.rst)
- [Commits](https://github.com/readthedocs/sphinx_rtd_theme/compare/1.3.0...2.0.0

)

---
updated-dependencies:
- dependency-name: sphinx-rtd-theme
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

modules: update to latest HEAD

df580180d irqbalance: update to 1.9.3
023d6831a irqbalance: add banned_cpulist option
61ae8719f adblock-fast: bugfix: call to missing function
4f99ac645 ddns-scripts: Fix Route53 provider
f7d0beb26 ddns-scripts: add new DDNS provider ipnodns.ru
bf76672ac banip: update 0.9.2-4
e010d9d9f banip: update 0.9.2-3
01fca9e8b https-dns-proxy: fix unintentional call of service_stopped in boot()
183f008a4 sing-box: update to 1.6.6
a241e53ac rust: Update to 1.74.0
709456d06 adblock-fast: bufgix: fix boot()
22a1e22b2 https-dns-proxy: bugfix: prevent erros from boot()
c4315fc5e haproxy: update to v2.8.4
4e152bc41 dhtd: update to 0.2.4
f8918644c acme-acmesh: Update to 3.0.7
0bcd6bbc8 dnsproxy: Update to 0.59.0
f8cd88d0d tailscale: Update to 1.54.0
01bfe4f6b tailscale: Update to 1.52.1
906e4703f tailscale: Update to 1.50.1
625efd967 gummiboot: release bump
f9fa735ed netbird: update to version 0.24.2
481902f4e netbird: update to 0.23.9
91238177f netbird: update to 0.23.6
8d5ab4ca0 dhtd: update to 0.2.1
5ec47c5f1 dhtd: new package
cad16d24f crowdsec: new upstream release version 1.5.5
f9b6c2c5d pymysql: add meta-package for sha256 support
5453ca57c freeradius3: Fix build when pcre is present
413260559 golang: Update to 1.21.4
b2e8a5bdd adblock-fast: bugfix: ensure downloaded block-lists end with newline
11252ef64 banip: update 0.9.2-2
4c197c1a2 banip: release 0.9.2-1
8cf81bccd tang: set the right permissions to keys
660c30cc2 v2raya: Update to 2.2.4.1
98c281532 v2ray-core: Update to 5.11.0
4df5572bb adblock-fast: update to 1.0.1-1
6439078a9 php8: update to 8.2.12
b2cdb8f45 php8: fix linking on riscv64 platform (again)
7519f1ff1 crowdsec-firewall-bouncer: add ujail
d42ced507 perl: add support for riscv64

6264d12ed8 firmware-utils: update to Git HEAD (2023-11-21)
ebdaee7194 ramips: add support for Sercomm CPJ routers
fd277ee490 ramips: mt7620: drop unnecessary trailing tabs
a8f31d2aa1 ramips: sercomm.mk: make common recipe to set a bit in pid
dae399196b scripts: sercomm-pid.py: use uppercase hwid in pid
95ebd609ae kernel: bump 5.15 to 5.15.139
d6b62611b8 firmware-utils: package oseama
40bd2bb3d6 firmware-utils: new package replacing otrx
a39dca7ead kernel: bump 5.15 to 5.15.138
c7b6cfac40 scripts/dump-target-info.pl: add new function to DUMP devices
6cb1cb1b13 OpenWrt v23.05.2: revert to branch defaults
1c26bcb108 OpenWrt v23.05.2: adjust config defaults
842932a63d netifd: fix IPv4 route target masking
51bb178824 treewide: fix shell errors during dump stage
4637ba72b7 scan.mk: do not silence output of dump phase
b38b5c4299 ramips: add support for MeiG SLT866 4G CPE
ce62536aca uboot-envtools: add environment config for MeiG SLT866
03e26f856f kernel: support reading hex MAC address from NVMEM
a00fc406b9 kernel: add support MeigLink SLM828 modem
275f7e07ee ramips: cf-ew72-v2: Add support for COMFAST CF-EW72 V2
65bf66f727 ramips: Add support for ComFast CF-E390AX
ce62c25c08 OpenWrt v23.05.1: revert to branch defaults
a58a86693f OpenWrt v23.05.1: adjust config defaults
101988c61a scripts/getver.sh: prevent asking for negative rev-parse
b7e81d210b iptables: backport patch fixing bug with string module
3d006f95f2 wolfssl: update to 5.6.4
46385eb7f8 netifd: update to the latest version
11a41bc4b2 netifd: update to Git HEAD (2023-11-09)
f6a9f0c57b ipq-wifi: update to Git HEAD (2023-11-10)
2285eb732a ucode: update to Git HEAD (2023-11-07)
f5e9fd624d hostapd: refresh patches
85d1b43be4 hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan
1cab0d74b3 hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS
c9e8453de7 hostapd: fix broke noscan option for mesh
2ef625e769 mac80211: fix not set noscan option for wpa_supplicant
5106f554bb px5g-wolfssl: Fix permission of private key
6fd16b0d27 px5g-mbedtls: Fix permission of private key
6de0e0d01a hostapd: use rtnl to set up interfaces
bbfb920e99 wifi: fix applying mesh parameters when wpa_supplicant is in use
f780cfb92f netifd: update to the latest version
d3c193525e mediatek: add CMCC RAX3000M support
429715a237 uboot-mediatek: add support for CMCC RAX3000M
b209f45640 arm-trusted-firmware-mediatek: add emmc/spim-nand ddr4 build for mt7981
04cde73d56 treewide: fix MERCUSYS brand spelling
3223f31fd3 mbedtls: Activate secp521r1 curve by default
cfadbc090c image: fix image generation within ImageBuilder

OpenWrt now uses the new mbedTLS implementation for hostapd as well as
wpa_supplicant.

In order to keep as close to upstream as possible, use these
derivations.

Signed-off-by: David Bauer <mail@david-bauer.net>

Remove due to ticket #2939

These devices risk being bricked in a way that can not be recovered
without running full TFTP or serial recovery, as the flash ends up in a
read-only state with no way of upgrading to a fixed version.

Thus, remove the support for the time being. Don't just flag them as
BROKEN, as this would deliberately brick these boards when installating
such an image.

Signed-off-by: David Bauer <mail@david-bauer.net>

lantiq-xrx200: remove BROKEN target-flag

The generated CI changed due to the order in targets.mk.

No functional change.

Signed-off-by: David Bauer <mail@david-bauer.net>

This removes the BROKEN flag from the lantiq-xrx200 target.
The issues with the switch-driver have been resolved upstream

Link: https://github.com/openwrt/openwrt/pull/13638



Signed-off-by: David Bauer <mail@david-bauer.net>

Signed-off-by: David Bauer <mail@david-bauer.net>

There is a new way to flash OpenWrt on the ASUS TUF AX4200 which does
not require to open the device.

Link: https://github.com/blocktrron/openwrt-asus-filogic-factory/releases/tag/filogic-v1



Signed-off-by: David Bauer <mail@david-bauer.net>

ci: dynamically set thread-count 

Collect some basic system information about the runners the CI jobs
run on. This is done iwth the intention to have diagnostics information
in advance in case builds fail spuriously in some instances.

Signed-off-by: David Bauer <mail@david-bauer.net>

Despite what GitHub states in their documentation, the runners feature a
different core count. Automatically set the build thread-count by the
amount of available CPU cores.

Link: https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources



Signed-off-by: David Bauer <mail@david-bauer.net>

Signed-off-by: Florian Maurer <f.maurer@outlook.de>

gluon-mesh-vpn: depend on simple-tc in implementation

treewide: remove stale migrations

modules: update to latest HEAD

gluon-mesh-vpn-core: remove old migration code

This code was added way back in 2017. We don't support updates from
those old versions, so we can remove it.

Signed-off-by: David Bauer <mail@david-bauer.net>

55aef54b7 nmap: backport fix to be able to compile it with OpenSSL 1.1
ea020233c iperf3-mt: new package
9d611efed dnsproxy: new features
542e8dae9 aircrack-ng: backport patch and move package to pcre2
3754fbdd3 aircrack-ng: bump to release 1.7
66774c3b3 pyodbc: Fix segmentation fault
9068bc76c speedtestcpp: update to 1.20.3
3b240b06f wavemon: bump to 9.5.0
4ae738408 libndpi: bump to release 4.8
a1f665fc9 haproxy: move to PCRE2
5a27d7d8b strongswan: Update to 5.9.11
f218d96e1 python3: Fix building C extensions with setuptools
4aaa4844f efibootmgr: Add armsr target support
41f5c318d  efivar: Add armsr target support
78b009fbd dmidecode: Add armsr target support
18061b655 zerotier: fix typo
6ab71e289 aircrack-ng: fix wrong inclusion of libbsd if detected
96e1b50f1 lighttpd: update to lighttpd 1.4.73 release hash
ec2255903 sing-box: update to v1.6.0
69db0bd91 rust: Fix compile error for mipsel_24kc+24kf
ca8eb766a rust: Fix compile error if build dir and DL_DIR on separate filesystems

7c43ced160 libnl: add support for cli
ec54022549 mediatek: add label-mac for GL.iNet GL-MT3000
610ae4d344 odhcpd: Bump to latest commits
8ed934f371 uboot-mediatek: fix global pll clock override on mtk_spim
250ab7b7a5 build: fix pkg-config detection when inside of a nix-shell
592aacc3d9 ci: add workflow for automated GitHub release
65a10c8230 hostapd: fix broken WPS on broadcom-wl and ath11k
21e5db97c4 build: add CycloneDX SBOM JSON support
4ef8899c7a package-dumpinfo,metadata: add ABI version information to package index
fdeb7d6dd0 package-metadata: add CPE information to JSON package manifests
21552a955a package-dumpinfo: add CPE information to package index
40203cdbde firewall4: update to the latest version
f34ccb10dd ucode: update to latest Git HEAD
51b1d5950e ucode: fix build on macos
b549880815 ucode: update to latest Git HEAD
41f27bbb6d bcm53xx: add the latest fix version of brcm_nvram
0dec0e0f19 kernel: fix mtd/NVMEM regression affecting U-Boot env NVMEM driver
20736013e9 kernel: backport nvmem v6.6 fixes and v6.7 changes
066971615f kernel: backport v6.6 nvmem changes
b649b0bf71 kernel: nvmem: fix "fixed-layout" & support "mac-base"
e465592155 urngd: update to version 2023-11-01
1157b8c1f1 uboot-mediatek: fix determine the size of an uImage.FIT using 'imsz' or 'imszb'.
89184b15cf mediatek: add build for MT7981 RFB
25bb84e273 uboot-mediatek: add build for mt7981 rfb
3f6e28e39c arm-trusted-firmware-mediatek: fix copy&paste error in Makefile
958817b1c3 kernel: serial: 8250_mtk: track busclk state to avoid bus error

modules: update to latest HEAD

Package name of mbedtls is not 'mbedtls' but 'libmbedtls'.

Signed-off-by: David Bauer <mail@david-bauer.net>

gluon-core: dont fail on unset interface role

gluon-status-page: html: improve accessibility

OpenWrt does not ship with WolfSSL anymore. Instead mbedTLS is shipped
by default.

We can remove the default removal of WolfSSL packages, as they are not
included by default anymore.

Signed-off-by: David Bauer <mail@david-bauer.net>

In case no interface role was selected for a given interface,
gluon-reconfigure currently fails with

Configuring: 021-interface-roles
/usr/bin/lua: /usr/lib/lua/gluon/util.lua:25: bad argument #1 to 'pairs' (table expected, got nil)
stack traceback:
	[C]: in function '?'
	/usr/lib/lua/simple-uci.lua:22: in function 'foreach'
	./021-interface-roles:47: in main chunk
	[C]: ?

Check we actually have a role set before accessing the table.

Signed-off-by: David Bauer <mail@david-bauer.net>

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

google-lighthouse:
Warning: Consider avoiding viewport values that prevent users from resizing documents.

Rule ID: meta-viewport
Accessibility:
Ruleset: axe-core 4.4
User Impact: Critical
Guidelines: WCAG 2.1 Best Practice, WCAG 2.0 Best Practice

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 879dcbb708d40f8b8679d4f7941b938a086e23a7 to 62339db73c56dd749060f65a6ebb93a6e056b755.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/879dcbb708d40f8b8679d4f7941b938a086e23a7...62339db73c56dd749060f65a6ebb93a6e056b755

)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/login-action](https://github.com/docker/login-action) from b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6 to 1f401f745bf57e30b3a2800ad308a87d2ebdf14b.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6...1f401f745bf57e30b3a2800ad308a87d2ebdf14b

)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>