documentation: Bump version

Fail when default DNS server not found
Update gVisor to 20250319.0
2025-06-13 21:54:13 +08:00 · 2025-03-25 10:38:05 +08:00 · 2025-03-25 10:38:05 +08:00 · 2025-03-25 10:38:05 +08:00
5 changed files with 157 additions and 13 deletions
--- a/9
+++ b/9
@ -1,8 +1,6 @@
 NAME = sing-box
 COMMIT = $(shell git rev-parse --short HEAD)
-TAGS_GO120 = with_gvisor,with_dhcp,with_wireguard,with_reality_server,with_clash_api,with_quic,with_utls
+TAGS ?= with_gvisor,with_dhcp,with_wireguard,with_reality_server,with_clash_api,with_quic,with_utls,with_tailscale
 TAGS_GO123 = with_tailscale
 TAGS ?= $(TAGS_GO120),$(TAGS_GO123)
 TAGS_TEST ?= with_gvisor,with_quic,with_wireguard,with_grpc,with_utls,with_reality_server
 GOHOSTOS = $(shell go env GOHOSTOS)
@ -20,11 +18,6 @@ build:
 	export GOTOOLCHAIN=local && \
 	go build $(MAIN_PARAMS) $(MAIN)
 ci_build_go120:
 	export GOTOOLCHAIN=local && \
 	go build $(PARAMS) $(MAIN) && \
 	go build $(PARAMS) -tags "$(TAGS_GO120)" $(MAIN)
 ci_build:
 	export GOTOOLCHAIN=local && \
 	go build $(PARAMS) $(MAIN) && \
--- a/dns/transport_manager.go
+++ b/dns/transport_manager.go
@ -59,6 +59,9 @@ func (m *TransportManager) Start(stage adapter.StartStage) error {
 	transports := m.transports
 	m.access.Unlock()
 	if stage == adapter.StartStateStart {
 		if m.defaultTag != "" && m.defaultTransport == nil {
 			return E.New("default DNS server not found: ", m.defaultTag)
 		}
 		return m.startTransports(m.transports)
 	} else {
 		for _, outbound := range transports {
--- a/docs/changelog.md
+++ b/docs/changelog.md
@ -2,11 +2,39 @@
 icon: material/alert-decagram
 ---
-### 1.11.6
+#### 1.12.0-alpha.19
 * Update gVisor to 20250319.0
 * Fixes and improvements
-_We are temporarily unable to update sing-box apps on the App Store because the reviewer mistakenly found that we violated the rules (TestFlight users are not affected)._
+#### 1.12.0-alpha.18
 * Add wildcard SNI support for ShadowTLS inbound **1**
 * Fixes and improvements
 **1**:
 See [ShadowTLS](/configuration/inbound/shadowtls/#wildcard_sni).
 #### 1.12.0-alpha.17
 * Add NTP sniffer **1**
 * Fixes and improvements
 **1**:
 See [Protocol Sniff](/configuration/route/sniff/).
 #### 1.12.0-alpha.16
 * Update `domain_resolver` behavior **1**
 * Fixes and improvements
 **1**:
 `route.default_domain_resolver` or `outbound.domain_resolver` is now optional when only one DNS server is configured.
 See [Dial Fields](/configuration/shared/dial/#domain_resolver).
 ### 1.11.5
@ -14,20 +42,140 @@ _We are temporarily unable to update sing-box apps on the App Store because the
 _We are temporarily unable to update sing-box apps on the App Store because the reviewer mistakenly found that we violated the rules (TestFlight users are not affected)._
 #### 1.12.0-alpha.13
 * Move `predefined` DNS server to DNS rule action **1**
 * Fixes and improvements
 **1**:
 See [DNS Rule Action](/configuration/dns/rule_action/#predefined).
 ### 1.11.4
 * Fixes and improvements
 #### 1.12.0-alpha.11
 * Fixes and improvements
 #### 1.12.0-alpha.10
 * Add AnyTLS protocol **1**
 * Improve `resolve` route action **2**
 * Migrate to stdlib ECH implementation **3**
 * Fixes and improvements
 **1**:
 The new AnyTLS protocol claims to mitigate TLS proxy traffic characteristics and comes with a new multiplexing scheme.
 See [AnyTLS Inbound](/configuration/inbound/anytls/) and [AnyTLS Outbound](/configuration/outbound/anytls/).
 **2**:
 `resolve` route action now accepts `disable_cache` and other options like in DNS route actions, see [Route Action](/configuration/route/rule_action).
 **3**:
 See [TLS](/configuration/shared/tls).
 The build tag `with_ech` is no longer needed and has been removed.
 #### 1.12.0-alpha.7
 * Add Tailscale DNS server **1**
 * Fixes and improvements
 **1**:
 See [Tailscale](/configuration/dns/server/tailscale/).
 #### 1.12.0-alpha.6
 * Add Tailscale endpoint **1**
 * Drop support for go1.22 **2**
 * Fixes and improvements
 **1**:
 See [Tailscale](/configuration/endpoint/tailscale/).
 **2**:
 Due to maintenance difficulties, sing-box 1.12.0 requires at least Go 1.23 to compile.
 For Windows 7 users, legacy binaries now continue to compile with Go 1.23 and patches from [MetaCubeX/go](https://github.com/MetaCubeX/go).
 ### 1.11.3
 * Fixes and improvements
 _This version overwrites 1.11.2, as incorrect binaries were released due to a bug in the continuous integration process._
 #### 1.12.0-alpha.5
 * Fixes and improvements
 ### 1.11.1
 * Fixes and improvements
 #### 1.12.0-alpha.2
 * Update quic-go to v0.49.0
 * Fixes and improvements
 #### 1.12.0-alpha.1
 * Refactor DNS servers **1**
 * Add domain resolver options**2**
 * Add TLS fragment route options **3**
 * Add certificate options **4**
 **1**:
 DNS servers are refactored for better performance and scalability.
 See [DNS server](/configuration/dns/server/).
 For migration, see [Migrate to new DNS server formats](/migration/#migrate-to-new-dns-servers).
 Compatibility for old formats will be removed in sing-box 1.14.0.
 **2**:
 Legacy `outbound` DNS rules are deprecated
 and can be replaced by the new `domain_resolver` option.
 See [Dial Fields](/configuration/shared/dial/#domain_resolver) and
 [Route](/configuration/route/#default_domain_resolver).
 For migration,
 see [Migrate outbound DNS rule items to domain resolver](/migration/#migrate-outbound-dns-rule-items-to-domain-resolver).
 **3**:
 The new TLS fragment route options allow you to fragment TLS handshakes to bypass firewalls.
 This feature is intended to circumvent simple firewalls based on **plaintext packet matching**, and should not be used
 to circumvent real censorship.
 Since it is not designed for performance, it should not be applied to all connections, but only to server names that are
 known to be blocked.
 See [Route Action](/configuration/route/rule_action/#tls_fragment).
 **4**:
 New certificate options allow you to manage the default list of trusted X509 CA certificates.
 For the system certificate list, fixed Go not reading Android trusted certificates correctly.
 You can also use the Mozilla Included List instead, or add trusted certificates yourself.
 See [Certificate](/configuration/certificate/).
 ### 1.11.0
 Important changes since 1.10:
--- a/go.mod
+++ b/go.mod
@ -23,7 +23,7 @@ require (
 	github.com/sagernet/cors v1.2.1
 	github.com/sagernet/fswatch v0.1.1
 	github.com/sagernet/gomobile v0.1.4
-	github.com/sagernet/gvisor v0.0.0-20241123041152-536d05261cff
+	github.com/sagernet/gvisor v0.0.0-20250325023245-7a9c0f5725fb
 	github.com/sagernet/quic-go v0.49.0-beta.1
 	github.com/sagernet/reality v0.0.0-20230406110435-ee17307e7691
 	github.com/sagernet/sing v0.6.5-0.20250324102321-1ddf4ccbfab8
--- a/go.sum
+++ b/go.sum
@ -167,8 +167,8 @@ github.com/sagernet/fswatch v0.1.1 h1:YqID+93B7VRfqIH3PArW/XpJv5H4OLEVWDfProGoRQ
 github.com/sagernet/fswatch v0.1.1/go.mod h1:nz85laH0mkQqJfaOrqPpkwtU1znMFNVTpT/5oRsVz/o=
 github.com/sagernet/gomobile v0.1.4 h1:WzX9ka+iHdupMgy2Vdich+OAt7TM8C2cZbIbzNjBrJY=
 github.com/sagernet/gomobile v0.1.4/go.mod h1:Pqq2+ZVvs10U7xK+UwJgwYWUykewi8H6vlslAO73n9E=
-github.com/sagernet/gvisor v0.0.0-20241123041152-536d05261cff h1:mlohw3360Wg1BNGook/UHnISXhUx4Gd/3tVLs5T0nSs=
+github.com/sagernet/gvisor v0.0.0-20250325023245-7a9c0f5725fb h1:pprQtDqNgqXkRsXn+0E8ikKOemzmum8bODjSfDene38=
-github.com/sagernet/gvisor v0.0.0-20241123041152-536d05261cff/go.mod h1:ehZwnT2UpmOWAHFL48XdBhnd4Qu4hN2O3Ji0us3ZHMw=
+github.com/sagernet/gvisor v0.0.0-20250325023245-7a9c0f5725fb/go.mod h1:QkkPEJLw59/tfxgapHta14UL5qMUah5NXhO0Kw2Kan4=
 github.com/sagernet/netlink v0.0.0-20240612041022-b9a21c07ac6a h1:ObwtHN2VpqE0ZNjr6sGeT00J8uU7JF4cNUdb44/Duis=
 github.com/sagernet/netlink v0.0.0-20240612041022-b9a21c07ac6a/go.mod h1:xLnfdiJbSp8rNqYEdIW/6eDO4mVoogml14Bh2hSiFpM=
 github.com/sagernet/nftables v0.3.0-beta.4 h1:kbULlAwAC3jvdGAC1P5Fa3GSxVwQJibNenDW2zaXr8I=
Author	SHA1	Message	Date
世界	85ba9c44fb	documentation: Bump version	2025-03-25 10:38:05 +08:00
世界	94c140fd55	Fail when default DNS server not found	2025-03-25 10:38:05 +08:00
世界	c3fe34611a	Update gVisor to 20250319.0	2025-03-25 10:38:05 +08:00