v0.19.1

Security & maintenance release

This is a patch release covering security advisories, the hickory-resolver 0.26 upgrade, CI quality improvements, and a community contribution. No user-facing API changes.

Security

• hickory-proto via hickory-resolver 0.26.1 — RUSTSEC-2026-0119 (O(n²) DNS name compression CPU exhaustion). RUSTSEC-2026-0118 (NSEC3 unbounded loop) also no longer applies; ttl does not validate DNSSEC.
• rustls-webpki 0.103.13 — cumulative fixes for RUSTSEC-2026-0049/0098/0099/0104.
• aws-lc-sys 0.39.0 — RUSTSEC-2026-0044/0045/0046/0047/0048 (CRL/AES-CCM/X.509/PKCS7).
• quinn-proto 0.11.14 — RUSTSEC-2026-0037 (Quinn endpoint DoS — not exploitable in ttl, which only acts as a TLS client).

Added

• Pre-commit hooks (.pre-commit-config.yaml) for cargo fmt / clippy / test. Setup documented in CONTRIBUTING.md (recommends prek).
• CI: cargo clippy --all-targets -- -D warnings now runs on macOS and FreeBSD in addition to Linux.
• README: NetBSD pkgsrc install instructions; replay controls listed in the keybindings table.

Changed

• hickory-resolver upgraded 0.25 → 0.26 (transparent API migration).
• toml upgraded 0.9 → 1.x (no code changes required).
• CI: softprops/action-gh-release upgraded v2 → v3 (Node.js 24 runtime).

Fixed

• DNS resolver fallback (#71): restored Google DNS fallback when the system resolver builder constructs but its build() step fails.
• macOS clippy warnings (#72): unused imports, is_dgram variable, and three needless_return lints in src/probe/socket.rs. Contributed by @SSakutaro.
• FreeBSD/NetBSD: dead-code warnings on DGRAM ICMP socket helpers cfg-gated.
• clippy 1.95: collapsible_match and unnecessary_sort_by.
• FreeBSD CI: install ca_root_nss before fetching crates to avoid SSL verification failures from the FreeBSD VM image.

Dependencies

• libc 0.2.182 → 0.2.186, tokio 1.49 → 1.50, socket2 0.6.2 → 0.6.3, clap 4.5 → 4.6, clap_complete 4.5 → 4.6, proptest 1.10 → 1.11, chrono 0.4.43 → 0.4.44

Full changelog: https://github.com/lance0/ttl/blob/v0.19.1/CHANGELOG.md

v0.19.0

Interactive Replay Controls

v0.19.0 adds full interactive controls to animated session replay (--replay file --animate):

Added

• Progress bar showing play state, timeline position, speed multiplier, and event count
• Seek controls: Left/Right ±0.5s, [/] ±5s, Home/End jump to start/end
• Speed controls: +/- adjust ±0.5x (0.5x–5.0x range)
• Help overlay (?) now shows replay-specific keybindings when in replay mode

Fixed

• Replay timing precision: f64 elapsed time calculations prevent drift on long replays
• Replay seek safety: Saturating arithmetic prevents overflow; Instant::checked_sub prevents underflow on corrupted files

v0.18.2

Fixed

• NetBSD UDP probes: Auto-detect source IP for UDP DGRAM sockets on NetBSD. Fixes "No route to host" (EHOSTUNREACH) when sending UDP probes without --source-ip (#47)
• NetBSD IPv4 PMTUD retry spam: PMTUD now terminates immediately on first DF flag failure instead of retrying every probe round. Prints a single warning when IP_DONTFRAG is unavailable (#47)

Full Changelog: v0.18.1...v0.18.2

v0.18.1

Full Changelog: v0.18.0...v0.18.1

Full Changelog: v0.18.0...v0.18.1

v0.18.0

ECMP Classification & Flow Attribution Hardening

This release fixes how ttl handles ECMP (Equal-Cost Multi-Path) load balancing, particularly per-packet ECMP common on Arista, Juniper, and Cisco switches. Previously, users would see "Paths: 1" in the main table despite 8+ responders visible in the hop detail view.

Added

• ECMP classification — Detects per-flow vs per-packet ECMP using primary concentration heuristics. Paths column now accurately reflects observed responder count for per-packet load balancing (#46)
• E indicator — New ECMP indicator in main table replaces misleading ! (route flap) when ECMP is the actual cause
• Effective flow capability — Runtime detection of protocol flow support. --flows > 1 with ICMP now warns and collapses to single-flow instead of silently doing nothing
• Receiver flow attribution hardening — Out-of-range source ports (NAT/CGNAT) no longer force-attributed to flow 0. Unknown-flow responses only match pending probes when unambiguous
• Hop detail view — Per-packet ECMP section shows responder count and path count; per-flow ECMP section unchanged
• Last RTT semantics documented — Last column tracks primary responder's most recent RTT
• Main table layout guard tests — Header/cell/width count parity verified across display mode x flow mode matrix
• IPv6 RAW payload fallback tests — Echo Reply and Time Exceeded parsing tests for IPv6

Changed

• Flap detection suppressed during ECMP — ! indicator no longer fires when per-packet ECMP is detected at a hop
• Probe engines use per-session config — Each target's engine sees the effective flow count, not the raw CLI value

Full Changelog: v0.17.0...v0.18.0

v0.17.0

Full Changelog: v0.16.1...v0.17.0

v0.16.1

What's Changed

Fix: Hang on exit (#41)

Three targeted fixes for the shutdown hang reported in #41:

• Bounded IPv6 echo drain loop — The poll_ipv6_echo_reply drain loop now caps at 256 packets per batch and checks the cancellation token, preventing starvation when the socket is continuously readable
• Ctrl+C force-exit handler — tokio::signal::ctrl_c() handler works outside crossterm raw mode; first press cancels gracefully, second press force-exits with code 130
• Shutdown tracing — Set TTL_SHUTDOWN_TRACE=1 to see timestamped shutdown progress logs on stderr, useful for diagnosing any remaining hang scenarios

Full Changelog: v0.16.0...v0.16.1

v0.16.0

Full Changelog: v0.15.3...v0.16.0

v0.15.3

Full Changelog: v0.15.2...v0.15.3

v0.15.2

Full Changelog: v0.15.1...v0.15.2