Bump actions/checkout from 6.0.2 to 7.0.0

Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](de0fac2e45...9c091bb21b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/cicd.yml

@@ -62,7 +62,7 @@ jobs:
 
         steps:
             - name: Checkout code
-              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+              uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
             - name: Monitor storage space
               run: |
@@ -134,7 +134,7 @@ jobs:
 
         steps:
             - name: Checkout code
-              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+              uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
             - name: Monitor storage space
               run: |
@@ -201,7 +201,7 @@ jobs:
         timeout-minutes: 30
         steps:
             - name: Checkout code
-              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+              uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
             - name: Log in to Docker Hub
               uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
@@ -256,7 +256,7 @@ jobs:
 
         steps:
             - name: Checkout code
-              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+              uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
             - name: Extract tag name
               id: get-tag

.github/workflows/linting.yml

@@ -21,7 +21,7 @@ jobs:
         runs-on: ubuntu-latest
         steps:
             - name: Checkout code
-              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+              uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
             - name: Set up Node.js
               uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0

.github/workflows/test.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
       - name: Install Node
         uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
@@ -62,7 +62,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
       - name: Build Docker image sqlite
         run: make dev-build-sqlite
@@ -71,7 +71,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
 
       - name: Build Docker image pg
         run: make dev-build-pg

server/lib/billing/usageService.ts

@@ -12,7 +12,7 @@ import {
 import { FeatureId, getFeatureMeterId } from "./features";
 import logger from "@server/logger";
 import { build } from "@server/build";
-import { regionalCache as cache } from "#dynamic/lib/cache";
+import cache from "#dynamic/lib/cache";
 
 export function noop() {
     if (build !== "saas") {
@@ -22,6 +22,7 @@ export function noop() {
 }
 
 export class UsageService {
+
     constructor() {
         if (noop()) {
             return;
@@ -56,10 +57,7 @@ export class UsageService {
             try {
                 let usage;
                 if (transaction) {
-                    const orgIdToUse = await this.getBillingOrg(
+                    const orgIdToUse = await this.getBillingOrg(orgId, transaction);
-                        orgId,
-                        transaction
-                    );
                     usage = await this.internalAddUsage(
                         orgIdToUse,
                         featureId,

server/lib/blueprints/applyBlueprint.ts

@@ -48,18 +48,18 @@ export async function applyBlueprint({
     name,
     source = "API"
 }: ApplyBlueprintArgs): Promise<Blueprint> {
+    // Validate the input data
+    const validationResult = ConfigSchema.safeParse(configData);
+    if (!validationResult.success) {
+        throw new Error(fromError(validationResult.error).toString());
+    }
+
+    const config: Config = validationResult.data;
     let blueprintSucceeded: boolean = false;
-    let blueprintMessage = "";
+    let blueprintMessage: string;
     let error: any | null = null;
 
     try {
-        const validationResult = ConfigSchema.safeParse(configData);
-        if (!validationResult.success) {
-            throw new Error(fromError(validationResult.error).toString());
-        }
-
-        const config: Config = validationResult.data;
-
         let proxyResourcesResults: PublicResourcesResults = [];
         let clientResourcesResults: ClientResourcesResults = [];
         await db.transaction(async (trx) => {

server/private/lib/certificates.ts

@@ -17,7 +17,7 @@ import { certificates, db } from "@server/db";
 import { and, eq, isNotNull, or, inArray, sql } from "drizzle-orm";
 import { decrypt } from "@server/lib/crypto";
 import logger from "@server/logger";
-import { regionalCache as cache } from "#private/lib/cache";
+import cache from "#private/lib/cache";
 import { build } from "@server/build";
 
 // Define the return type for clarity and type safety

server/private/routers/remoteExitNode/listRemoteExitNodes.ts

@@ -22,7 +22,7 @@ import createHttpError from "http-errors";
 import logger from "@server/logger";
 import { fromError } from "zod-validation-error";
 import { ListRemoteExitNodesResponse } from "@server/routers/remoteExitNode/types";
-import { regionalCache as cache } from "#private/lib/cache";
+import cache from "#private/lib/cache";
 import semver from "semver";
 
 let stalePangolinNodeVersion: string | null = null;

server/routers/newt/getNewtVersion.ts

@@ -10,7 +10,7 @@ import { verifyPassword } from "@server/auth/password";
 import response from "@server/lib/response";
 import HttpCode from "@server/types/HttpCode";
 import logger from "@server/logger";
-import { regionalCache as cache } from "#dynamic/lib/cache";
+import cache from "#dynamic/lib/cache";
 import config from "@server/lib/config";
 
 // Stale-while-revalidate in-memory fallback for the releases API.

server/routers/newt/handleSocketMessages.ts

@@ -2,7 +2,7 @@ import { MessageHandler } from "@server/routers/ws";
 import logger from "@server/logger";
 import { Newt } from "@server/db";
 import { applyNewtDockerBlueprint } from "@server/lib/blueprints/applyNewtDockerBlueprint";
-import cache from "#dynamic/lib/cache"; // not using regional here because we dont know where the site is
+import cache from "#dynamic/lib/cache";
 
 export const handleDockerStatusMessage: MessageHandler = async (context) => {
     const { message, client, sendToClient } = context;

server/routers/olm/handleOlmRegisterMessage.ts

@@ -20,7 +20,7 @@ import { handleFingerprintInsertion } from "./fingerprintingUtils";
 import { build } from "@server/build";
 import { canCompress } from "@server/lib/clientVersionChecks";
 import config from "@server/lib/config";
-import cache from "#dynamic/lib/cache"; // not using regional here because we need this in the register message handler before we know where the client is
+import cache from "#dynamic/lib/cache";
 
 const HOLEPUNCH_STALE_CHAIN_THRESHOLD = 18;
 const HOLEPUNCH_STALE_CHAIN_TTL_SECONDS = 1800;

server/routers/resource/listUserResourceAliases.ts

@@ -15,7 +15,8 @@ import logger from "@server/logger";
 import { z } from "zod";
 import { fromZodError } from "zod-validation-error";
 import type { PaginatedResponse } from "@server/types/Pagination";
-import { regionalCache as cache } from "#dynamic/lib/cache";
+import { OpenAPITags, registry } from "@server/openApi";
+import { localCache } from "#dynamic/lib/cache";
 
 const USER_RESOURCE_ALIASES_CACHE_TTL_SEC = 60;
 
@@ -152,7 +153,7 @@ export async function listUserResourceAliases(
             pageSize
         );
         const cachedData: ListUserResourceAliasesResponse | undefined =
-            await cache.get(cacheKey);
+            localCache.get(cacheKey);
 
         if (cachedData) {
             return response<ListUserResourceAliasesResponse>(res, {
@@ -210,11 +211,7 @@ export async function listUserResourceAliases(
                     page
                 }
             };
-            await cache.set(
+            localCache.set(cacheKey, data, USER_RESOURCE_ALIASES_CACHE_TTL_SEC);
-                cacheKey,
-                data,
-                USER_RESOURCE_ALIASES_CACHE_TTL_SEC
-            );
             return response<ListUserResourceAliasesResponse>(res, {
                 data,
                 success: true,
@@ -259,7 +256,7 @@ export async function listUserResourceAliases(
                 page
             }
         };
-        await cache.set(cacheKey, data, USER_RESOURCE_ALIASES_CACHE_TTL_SEC);
+        localCache.set(cacheKey, data, USER_RESOURCE_ALIASES_CACHE_TTL_SEC);
 
         return response<ListUserResourceAliasesResponse>(res, {
             data,

server/routers/site/listSites.ts

@@ -14,7 +14,7 @@ import {
     siteLabels,
     type Label
 } from "@server/db";
-import { regionalCache as cache } from "#dynamic/lib/cache";
+import cache from "#dynamic/lib/cache";
 import response from "@server/lib/response";
 import logger from "@server/logger";
 import { OpenAPITags, registry } from "@server/openApi";

src/components/newt-install-commands.tsx

@@ -139,6 +139,7 @@ Restart=always
 RestartSec=2
 UMask=0077
 
+NoNewPrivileges=true
 PrivateTmp=true
 
 [Install]