Bump tailscale.com from 1.20.4 to 1.28.0

[dependabot[bot]]

Bumps tailscale.com from 1.20.4 to 1.28.0.

Release notes

Sourced from tailscale.com's releases.

v1.28.0

All Platforms

• MagicDNS recursive resolution now returns SERVFAIL if all upstream resolvers fail
• fix tailscale ping -c N to properly exit after N ping requests even if there are timeouts
• portmapper: send discovery packet for IGD specifically, some routers don't respond to ssdp:all
• add ExitNodeStatus to tailscale status --json

Linux

• implement specific DNS support for AWS, Google Cloud, and Azure to add internal split DNS domain & fallback DNS

Windows

• set registry values to not send DNS changes concerning our interface to AD domain controllers
• update Windows split DNS settings to work alongside other NRPT entries set by group policy
• suppress nonfunctional link-local IPv6 addresses on Tailscale interface, Powershell ping (hostname) now works correctly
• set AllowSameVersionUpgrades attribute on MajorUpgrade tag in Windows MSI script

macOS

• Use one large 100.64.0.0/10 route entry if there are no other interfaces using CGNAT, to avoid Network Changed errors in browsers where possible

iOS

• the minimum iOS version is now iOS 15, which makes substantially more memory available (the App Store will offer Tailscale 1.26.2 for iOS 13 and 14 devices)
• add portmapper support for NAT-PMP, PCP, UPnP
• add MagicDNS support for TCP

Android

• Android can now be an exit node (previously available but hidden)

v1.26.2

All Platforms

• fix tailscaled being able to restart while mosh-server is running from an SSH session
• make tailscale up --operator="" clear a previously set operator

Linux

• fix Tailscale SSH support with Arch Linux

Windows

• make ssh command prefer Windows ssh.exe over PATH

macOS

• limit SSH login to 16 groups

iOS

• try harder to notify for SSH check mode

v1.26.1

Bugfixes.

v1.26.0

All Platforms

• Added tailscale ping --peerapi <peer> to check connectivity to a peer using the PeerAPI.

... (truncated)

Commits

• aabca3a VERSION.txt: this is v1.28.0
• 469c30c ipn/localapi: define a cert dir for Synology DSM6
• c6648db cmd/tailscale/cli: make cert use localClient
• 9fcda1f cmd/tailscale/cli/web: add QNAP NAS_SID authentication
• 0d52674 net/tstun: diagnose /dev/net/tun fd leak, give better failure message
• 931f18b derp: add missing docs on clientInfo.Version
• 4f1374e tka: implement consensus & state computation internals
• af412e8 ssh/tailssh: better handling of signals and exits
• 004f0ca cmd/gitops-pusher: format HuJSON, enabling exact ACL matches (#5061)
• 16c85d0 cmd/gitops-pusher: support GitHub Actions error syntax (#5060)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)