Bump github.com/fatedier/frp from 0.62.1 to 0.68.1 in /airavata-agent

[dependabot]

Bumps github.com/fatedier/frp from 0.62.1 to 0.68.1.

Release notes

Sourced from github.com/fatedier/frp's releases.

v0.68.1

Fixes

• Fixed a configuration-dependent authentication bypass in type = "http" proxies when routeByHTTPUser is used together with httpUser / httpPassword. This affected proxy-style requests. Proxy-style authentication failures now return 407 Proxy Authentication Required.

v0.68.0

Features

• Added a built-in store capability for frpc, including persisted store source ([store] path = "..."), Store CRUD admin APIs (/api/store/proxies*, /api/store/visitors*) with runtime reload, and Store management pages in the frpc web dashboard.

Improvements

• Kept proxy/visitor names as raw config names during completion; moved user-prefix handling to explicit wire-level naming logic.
• Added noweb build tag to allow compiling without frontend assets. make build now auto-detects missing web/*/dist directories and skips embedding, so a fresh clone can build without running make web first. The dashboard gracefully returns 404 when assets are not embedded.
• Improved config parsing errors: for .toml files, syntax errors now return immediately with parser position details (line/column when available) instead of falling through to YAML/JSON parsing, and TOML type mismatches report field-level errors without misleading line numbers.
• OIDC auth now caches the access token and refreshes it before expiry, avoiding a new token request on every heartbeat. Falls back to per-request fetch when the provider omits expires_in.

v0.67.0

Features

• frpc now supports a clientID option to uniquely identify client instances. The server dashboard displays all connected clients with their online/offline status, connection history, and metadata, making it easier to monitor and manage multiple frpc deployments.
• Redesigned the frp web dashboard with a modern UI, dark mode support, and improved navigation.

Fixes

• Fixed UDP proxy protocol sending header on every packet instead of only the first packet of each session.

v0.66.0

Features

• HTTPS proxies now support load balancing groups. Multiple HTTPS proxies can be configured with the same loadBalancer.group and loadBalancer.groupKey to share the same custom domain and distribute traffic across multiple backend services, similar to the existing TCP and HTTP load balancing capabilities.
• Individual frpc proxies and visitors now accept an enabled flag (defaults to true), letting you disable specific entries without relying on the global start list—disabled blocks are skipped when client configs load.
• OIDC authentication now supports a tokenSource field to dynamically obtain tokens from external sources. You can use type = "file" to read a token from a file, or type = "exec" to run an external command (e.g., a cloud CLI or secrets manager) and capture its stdout as the token. The exec type requires the --allow-unsafe=TokenSourceExec CLI flag for security reasons.

Improvements

• VirtualNet: Implemented intelligent reconnection with exponential backoff. When connection errors occur repeatedly, the reconnect interval increases from 60s to 300s (max), reducing unnecessary reconnection attempts. Normal disconnections still reconnect quickly at 10s intervals.

Fixes

• Fix deadlock issue when TCP connection is closed. Previously, sending messages could block forever if the connection handler had already stopped.

v0.65.0

Features

• Add NAT traversal configuration options for XTCP proxies and visitors. Support disabling assisted addresses to avoid using slow VPN connections during NAT hole punching.
• Enhanced OIDC client configuration with support for custom TLS certificate verification and proxy settings. Added trustedCaFile, insecureSkipVerify, and proxyURL options for OIDC token endpoint connections.
• Added detailed Prometheus metrics with proxy_counts_detailed metric that includes both proxy type and proxy name labels, enabling monitoring of individual proxy connections instead of just aggregate counts.

v0.64.0

... (truncated)

Commits

• 4ec8de9 Merge pull request #5287 from fatedier/dev
• e8dfd6e web/frpc: use static imports for proxy and visitor route components (#5286)
• a9a4416 vhost/http: fix auth bypass when routeByHTTPUser is used with proxy-style req...
• d667be7 update architecture pic (#5270)
• 31c3deb deps: bump golib to v0.6.0 (#5269)
• 31e2719 test/e2e: allocate dynamic ports outside whitelist ranges in server whitelist...
• 061c141 update README.md (#5267)
• 98ee1ad client: close TCP connection when fmux session creation fails (#5262)
• 76abeff ci: remove security vulnerability scan workflow (#5266)
• c694b1f bump pion/stun to v3 to fix vulnerability (#5245)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.