Update

2026-02-19 10:07:43 +00:00
parent 007438e372
commit 6e637ecf77
1763 changed files with 60820 additions and 279516 deletions
--- a/vendor/tailscale.com/util/syspolicy/rsop/change_callbacks.go
+++ b/vendor/tailscale.com/util/syspolicy/rsop/change_callbacks.go
@@ -9,8 +9,12 @@ import (
 	"sync"
 	"time"

+	"tailscale.com/syncs"
 	"tailscale.com/util/set"
 	"tailscale.com/util/syspolicy/internal/loggerx"
+	"tailscale.com/util/syspolicy/pkey"
+	"tailscale.com/util/syspolicy/policyclient"
+	"tailscale.com/util/syspolicy/ptype"
 	"tailscale.com/util/syspolicy/setting"
 )

@@ -20,7 +24,7 @@ type Change[T any] struct {
 }

 // PolicyChangeCallback is a function called whenever a policy changes.
-type PolicyChangeCallback func(*PolicyChange)
+type PolicyChangeCallback func(policyclient.PolicyChange)

 // PolicyChange describes a policy change.
 type PolicyChange struct {
@@ -37,8 +41,8 @@ func (c PolicyChange) Old() *setting.Snapshot {
 	return c.snapshots.Old
 }

-// HasChanged reports whether a policy setting with the specified [setting.Key], has changed.
-func (c PolicyChange) HasChanged(key setting.Key) bool {
+// HasChanged reports whether a policy setting with the specified [pkey.Key], has changed.
+func (c PolicyChange) HasChanged(key pkey.Key) bool {
 	new, newErr := c.snapshots.New.GetErr(key)
 	old, oldErr := c.snapshots.Old.GetErr(key)
 	if newErr != nil && oldErr != nil {
@@ -48,7 +52,7 @@ func (c PolicyChange) HasChanged(key setting.Key) bool {
 		return true
 	}
 	switch newVal := new.(type) {
-	case bool, uint64, string, setting.Visibility, setting.PreferenceOption, time.Duration:
+	case bool, uint64, string, ptype.Visibility, ptype.PreferenceOption, time.Duration:
 		return newVal != old
 	case []string:
 		oldVal, ok := old.([]string)
@@ -59,10 +63,15 @@ func (c PolicyChange) HasChanged(key setting.Key) bool {
 	}
 }

+// HasChangedAnyOf reports whether any of the specified policy settings has changed.
+func (c PolicyChange) HasChangedAnyOf(keys ...pkey.Key) bool {
+	return slices.ContainsFunc(keys, c.HasChanged)
+}
+
 // policyChangeCallbacks are the callbacks to invoke when the effective policy changes.
 // It is safe for concurrent use.
 type policyChangeCallbacks struct {
-	mu  sync.Mutex
+	mu  syncs.Mutex
 	cbs set.HandleSet[PolicyChangeCallback]
 }

--- a/vendor/tailscale.com/util/syspolicy/rsop/resultant_policy.go
+++ b/vendor/tailscale.com/util/syspolicy/rsop/resultant_policy.go
@@ -7,13 +7,13 @@ import (
 	"errors"
 	"fmt"
 	"slices"
-	"sync"
 	"sync/atomic"
 	"time"

-	"tailscale.com/util/syspolicy/internal"
+	"tailscale.com/syncs"
 	"tailscale.com/util/syspolicy/internal/loggerx"
 	"tailscale.com/util/syspolicy/setting"
+	"tailscale.com/util/testenv"

 	"tailscale.com/util/syspolicy/source"
 )
@@ -58,7 +58,7 @@ type Policy struct {

 	changeCallbacks policyChangeCallbacks

-	mu             sync.Mutex
+	mu             syncs.Mutex
 	watcherStarted bool // whether [Policy.watchReload] was started
 	sources        source.ReadableSources
 	closing        bool // whether [Policy.Close] was called (even if we're still closing)
@@ -449,7 +449,7 @@ func (p *Policy) Close() {
 	}
 }

-func setForTest[T any](tb internal.TB, target *T, newValue T) {
+func setForTest[T any](tb testenv.TB, target *T, newValue T) {
 	oldValue := *target
 	tb.Cleanup(func() { *target = oldValue })
 	*target = newValue
--- a/vendor/tailscale.com/util/syspolicy/rsop/rsop.go
+++ b/vendor/tailscale.com/util/syspolicy/rsop/rsop.go
@@ -10,7 +10,6 @@ import (
 	"errors"
 	"fmt"
 	"slices"
-	"sync"

 	"tailscale.com/syncs"
 	"tailscale.com/util/slicesx"
@@ -20,7 +19,7 @@ import (
 )

 var (
-	policyMu          sync.Mutex       // protects [policySources] and [effectivePolicies]
+	policyMu          syncs.Mutex      // protects [policySources] and [effectivePolicies]
 	policySources     []*source.Source // all registered policy sources
 	effectivePolicies []*Policy        // all active (non-closed) effective policies returned by [PolicyFor]

--- a/vendor/tailscale.com/util/syspolicy/rsop/store_registration.go
+++ b/vendor/tailscale.com/util/syspolicy/rsop/store_registration.go
@@ -9,9 +9,9 @@ import (
 	"sync/atomic"
 	"time"

-	"tailscale.com/util/syspolicy/internal"
 	"tailscale.com/util/syspolicy/setting"
 	"tailscale.com/util/syspolicy/source"
+	"tailscale.com/util/testenv"
 )

 // ErrAlreadyConsumed is the error returned when [StoreRegistration.ReplaceStore]
@@ -33,7 +33,7 @@ func RegisterStore(name string, scope setting.PolicyScope, store source.Store) (

 // RegisterStoreForTest is like [RegisterStore], but unregisters the store when
 // tb and all its subtests complete.
-func RegisterStoreForTest(tb internal.TB, name string, scope setting.PolicyScope, store source.Store) (*StoreRegistration, error) {
+func RegisterStoreForTest(tb testenv.TB, name string, scope setting.PolicyScope, store source.Store) (*StoreRegistration, error) {
 	setForTest(tb, &policyReloadMinDelay, 10*time.Millisecond)
 	setForTest(tb, &policyReloadMaxDelay, 500*time.Millisecond)