dex
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
APACHE-2.0 License
Stars
9K
Committers
242
Ecosystems:
Kubernetes
Bot releases are visible (Hide)
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.1
Bug Fixes 🐛
-
Update max length of Kubernetes object to fit Kubernetes policy by @RomanenkoDenys in https://github.com/dexidp/dex/pull/3439 (fix regression for Kubernetes storage)
-
Do not escape password for LDAP connectors by @nabokihms in https://github.com/dexidp/dex/pull/3470 (changes introduced in v2.39.0 were reverted)
dex
- v2.39.0
Published by nabokihms 7 months ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.0
Know before release
The validation of username and password in the LDAP connector is much more strict now.
As of today, Dex uses the EscapeFilter function to check for special characters in credentials and prevent injections by denying such requests.
the special characters in the set
()*\and those out of the range 0 < c < 0x80, as defined in RFC4515
What's Changed
Enhancements 🚀
- Also set the username in authproxy connector by @ppacher in https://github.com/dexidp/dex/pull/3307
- Log failed login attempt by @i-amelia in https://github.com/dexidp/dex/pull/2454
- Update ent by @sagikazarmark in https://github.com/dexidp/dex/pull/3379
- Add sanitizer to LDAP account and password by @hsinhoyeh in https://github.com/dexidp/dex/pull/3372
- Add headers control to Dex web server by @nabokihms in https://github.com/dexidp/dex/pull/3339
- OIDC connector: Allow specifying empty prompt type by @nabokihms in https://github.com/dexidp/dex/pull/3373
- Set read-only permissions to the check job by @nabokihms in https://github.com/dexidp/dex/pull/3415
Bug Fixes 🐛
- Use the correct token type for userInfo requests while Token Exchange by @MrDeerly in https://github.com/dexidp/dex/pull/3336
- Do not evaluate skipApproval on the approval page by @MM53 in https://github.com/dexidp/dex/pull/3086
Dependency Updates ⬆️
- build(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 by @dependabot in https://github.com/dexidp/dex/pull/3314
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.19 to 1.14.22 by @dependabot in https://github.com/dexidp/dex/pull/3328
- build(deps): bump github/codeql-action from 3.23.1 to 3.24.0 by @dependabot in https://github.com/dexidp/dex/pull/3327
- build(deps): bump anchore/sbom-action from 0.15.6 to 0.15.8 by @dependabot in https://github.com/dexidp/dex/pull/3325
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.11 to 3.5.12 by @dependabot in https://github.com/dexidp/dex/pull/3323
- build(deps): bump google.golang.org/api from 0.157.0 to 0.161.0 by @dependabot in https://github.com/dexidp/dex/pull/3317
- build(deps): bump alpine from 3.19.0 to 3.19.1 by @dependabot in https://github.com/dexidp/dex/pull/3311
- build(deps): bump golang from
3bd4475to3354c3aby @dependabot in https://github.com/dexidp/dex/pull/3310 - build(deps): bump mheap/github-action-required-labels from 5.1.0 to 5.2.0 by @dependabot in https://github.com/dexidp/dex/pull/3308
- build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.4.0 by @dependabot in https://github.com/dexidp/dex/pull/3324
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.11 to 3.5.12 by @dependabot in https://github.com/dexidp/dex/pull/3321
- build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3340
- build(deps): bump tonistiigi/xx from 1.3.0 to 1.4.0 by @dependabot in https://github.com/dexidp/dex/pull/3333
- build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 by @dependabot in https://github.com/dexidp/dex/pull/3341
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3352
- build(deps): bump distroless/static from
9be3fcctoa43abc8by @dependabot in https://github.com/dexidp/dex/pull/3350 - build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 by @dependabot in https://github.com/dexidp/dex/pull/3332
- build(deps): bump docker/metadata-action from 5.5.0 to 5.5.1 by @dependabot in https://github.com/dexidp/dex/pull/3330
- build(deps): bump mheap/github-action-required-labels from 5.2.0 to 5.3.0 by @dependabot in https://github.com/dexidp/dex/pull/3347
- build(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by @dependabot in https://github.com/dexidp/dex/pull/3345
- build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in https://github.com/dexidp/dex/pull/3360
- build(deps): bump google.golang.org/api from 0.161.0 to 0.165.0 by @dependabot in https://github.com/dexidp/dex/pull/3355
- build(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.0 by @dependabot in https://github.com/dexidp/dex/pull/3359
- build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in https://github.com/dexidp/dex/pull/3377
- build(deps): bump google.golang.org/api from 0.165.0 to 0.167.0 by @dependabot in https://github.com/dexidp/dex/pull/3376
- build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in https://github.com/dexidp/dex/pull/3375
- build(deps): bump distroless/static from
a43abc8to072d78bby @dependabot in https://github.com/dexidp/dex/pull/3374 - build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3368
- build(deps): bump actions/dependency-review-action from 4.1.0 to 4.1.3 by @dependabot in https://github.com/dexidp/dex/pull/3363
- build(deps): bump haya14busa/action-cond from 1.1.1 to 1.2.1 by @dependabot in https://github.com/dexidp/dex/pull/3346
- build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.0-alpine3.18 by @dependabot in https://github.com/dexidp/dex/pull/3334
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 by @dependabot in https://github.com/dexidp/dex/pull/3367
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3365
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in https://github.com/dexidp/dex/pull/3405
- build(deps): bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in https://github.com/dexidp/dex/pull/3380
- build(deps): bump golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18 by @dependabot in https://github.com/dexidp/dex/pull/3398
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3406
- build(deps): bump google.golang.org/api from 0.167.0 to 0.169.0 by @dependabot in https://github.com/dexidp/dex/pull/3407
- Update jose by @nabokihms in https://github.com/dexidp/dex/pull/3409
- build(deps): bump distroless/static from
072d78bto9235ad9by @dependabot in https://github.com/dexidp/dex/pull/3381 - build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in https://github.com/dexidp/dex/pull/3382
- build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in https://github.com/dexidp/dex/pull/3384
- build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in https://github.com/dexidp/dex/pull/3386
- build(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 by @dependabot in https://github.com/dexidp/dex/pull/3397
- build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 by @dependabot in https://github.com/dexidp/dex/pull/3393
- build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3394
- build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3401
- build(deps): bump github.com/go-sql-driver/mysql from 1.7.1 to 1.8.0 by @dependabot in https://github.com/dexidp/dex/pull/3414
- build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in https://github.com/dexidp/dex/pull/3413
- build(deps): bump distroless/static from
9235ad9to7e5c6a2by @dependabot in https://github.com/dexidp/dex/pull/3410 - build(deps): bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in https://github.com/dexidp/dex/pull/3411
- build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot in https://github.com/dexidp/dex/pull/3412
- build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in https://github.com/dexidp/dex/pull/3389
- build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in https://github.com/dexidp/dex/pull/3417
- build(deps): bump github/codeql-action from 3.24.6 to 3.24.8 by @dependabot in https://github.com/dexidp/dex/pull/3422
- build(deps): bump google.golang.org/api from 0.169.0 to 0.171.0 by @dependabot in https://github.com/dexidp/dex/pull/3426
- build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in https://github.com/dexidp/dex/pull/3418
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3424
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 by @dependabot in https://github.com/dexidp/dex/pull/3425
- build(deps): bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in https://github.com/dexidp/dex/pull/3420
- build(deps): bump golang from
010f3b3toede158fby @dependabot in https://github.com/dexidp/dex/pull/3421 - build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3399
- build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3400
New Contributors
- @ppacher made their first contribution in https://github.com/dexidp/dex/pull/3307
- @MrDeerly made their first contribution in https://github.com/dexidp/dex/pull/3336
- @i-amelia made their first contribution in https://github.com/dexidp/dex/pull/2454
- @hsinhoyeh made their first contribution in https://github.com/dexidp/dex/pull/3372
Full Changelog: https://github.com/dexidp/dex/compare/v2.38.0...v2.39.0
dex
- v2.38.0
Published by sagikazarmark 9 months ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.38.0
What's Changed
Exciting New Features 🎉
- RFC 8693 OAuth 2.0 Token Exchange by @seankhliao in https://github.com/dexidp/dex/pull/2806
Enhancements 🚀
- include granttypes in example config by @seankhliao in https://github.com/dexidp/dex/pull/3027
- Add GetClient grpc service by @marcofranssen in https://github.com/dexidp/dex/pull/2972
- feat: Update response_types_supported to allow multiple-valued response type combinations by @Cedric-Magnan in https://github.com/dexidp/dex/pull/2521
- verify access tokens by checking getuserinfo during a token exchange by @seankhliao in https://github.com/dexidp/dex/pull/3031
- Store offline sessions only if they were requested by the user by @MM53 in https://github.com/dexidp/dex/pull/3125
- Minimalistic support for group filtering in oidc connector by @mdpradeep in https://github.com/dexidp/dex/pull/3074
- feat(connector/microsoft): support custom api and graph URLs by @sagikazarmark in https://github.com/dexidp/dex/pull/3084
- Composite claims in OIDC connector by @Oded-B in https://github.com/dexidp/dex/pull/3056
- Add support for extra claims to authproxy connector by @mkjpryor in https://github.com/dexidp/dex/pull/2851
- Add support for linux/s390x by @lysliu in https://github.com/dexidp/dex/pull/3189
- Override OIDC provider discovered claims by @nabokihms in https://github.com/dexidp/dex/pull/3267
- Bump gomplate to v3.11.7 by @nabokihms in https://github.com/dexidp/dex/pull/3293
- Introduce a dedicated pkg for featureflags by @nabokihms in https://github.com/dexidp/dex/pull/3278
- Sign container images by @nabokihms in https://github.com/dexidp/dex/pull/3269
- Add context to storage's Create endpoints by @PumpkinSeed in https://github.com/dexidp/dex/pull/2935
- feat: add TLS versions configuration by @tuminoid in https://github.com/dexidp/dex/pull/3303
Bug Fixes 🐛
- Fix etcd device requests by @MM53 in https://github.com/dexidp/dex/pull/3119
- Fix lint errors after merging AllowedHeaders feature by @nabokihms in https://github.com/dexidp/dex/pull/3247
- Propagate Dex version from build args by @nabokihms in https://github.com/dexidp/dex/pull/3276
Dependency Updates ⬆️
- build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 by @dependabot in https://github.com/dexidp/dex/pull/3036
- build(deps): bump google.golang.org/api from 0.129.0 to 0.130.0 by @dependabot in https://github.com/dexidp/dex/pull/3034
- build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 by @dependabot in https://github.com/dexidp/dex/pull/3035
- build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 by @dependabot in https://github.com/dexidp/dex/pull/3041
- build(deps): bump google.golang.org/api from 0.130.0 to 0.134.0 by @dependabot in https://github.com/dexidp/dex/pull/3054
- build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 by @dependabot in https://github.com/dexidp/dex/pull/3043
- build(deps): bump github/codeql-action from 2.20.1 to 2.21.2 by @dependabot in https://github.com/dexidp/dex/pull/3057
- build(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 by @dependabot in https://github.com/dexidp/dex/pull/3055
- build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3021
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.57.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3053
- build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0 by @dependabot in https://github.com/dexidp/dex/pull/3060
- build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0 by @dependabot in https://github.com/dexidp/dex/pull/3079
- build(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.8 by @dependabot in https://github.com/dexidp/dex/pull/3078
- build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in https://github.com/dexidp/dex/pull/3076
- build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in https://github.com/dexidp/dex/pull/3071
- build(deps): bump alpine from 3.18.2 to 3.18.3 by @dependabot in https://github.com/dexidp/dex/pull/3069
- build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 by @dependabot in https://github.com/dexidp/dex/pull/3090
- build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in https://github.com/dexidp/dex/pull/3099
- build(deps): bump docker/setup-buildx-action from 2.9.1 to 3.0.0 by @dependabot in https://github.com/dexidp/dex/pull/3104
- build(deps): bump actions/checkout from 3.5.3 to 4.1.0 by @dependabot in https://github.com/dexidp/dex/pull/3117
- build(deps): bump alpine from 3.18.3 to 3.18.4 by @dependabot in https://github.com/dexidp/dex/pull/3130
- build(deps): bump github/codeql-action from 2.21.4 to 2.21.9 by @dependabot in https://github.com/dexidp/dex/pull/3127
- build(deps): bump google.golang.org/api from 0.138.0 to 0.143.0 by @dependabot in https://github.com/dexidp/dex/pull/3121
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 by @dependabot in https://github.com/dexidp/dex/pull/3116
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3115
- build(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in https://github.com/dexidp/dex/pull/3132
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.5 to 3.4.6 by @dependabot in https://github.com/dexidp/dex/pull/3133
- build(deps): bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in https://github.com/dexidp/dex/pull/3134
- build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in https://github.com/dexidp/dex/pull/3135
- build(deps): bump docker/metadata-action from 4.6.0 to 5.0.0 by @dependabot in https://github.com/dexidp/dex/pull/3136
- build(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in https://github.com/dexidp/dex/pull/3137
- build(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 by @dependabot in https://github.com/dexidp/dex/pull/3138
- build(deps): bump google.golang.org/api from 0.143.0 to 0.147.0 by @dependabot in https://github.com/dexidp/dex/pull/3152
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in https://github.com/dexidp/dex/pull/3155
- build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in https://github.com/dexidp/dex/pull/3154
- build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @dependabot in https://github.com/dexidp/dex/pull/3153
- build(deps): bump tonistiigi/xx from 1.2.1 to 1.3.0 by @dependabot in https://github.com/dexidp/dex/pull/3161
- build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in https://github.com/dexidp/dex/pull/3159
- build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in https://github.com/dexidp/dex/pull/3157
- build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3151
- build(deps): bump google.golang.org/api from 0.147.0 to 0.148.0 by @dependabot in https://github.com/dexidp/dex/pull/3163
- build(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3150
- Bump Go 1.21 by @nabokihms in https://github.com/dexidp/dex/pull/3165
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.59.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3158
- Bump ent (v0.12.4) and example app dependencies by @nabokihms in https://github.com/dexidp/dex/pull/3166
- build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @dependabot in https://github.com/dexidp/dex/pull/3167
- build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in https://github.com/dexidp/dex/pull/3168
- build(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in https://github.com/dexidp/dex/pull/3169
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.9 to 3.5.11 by @dependabot in https://github.com/dexidp/dex/pull/3216
- build(deps): bump golang from 1.21.3-alpine3.18 to 1.21.5-alpine3.18 by @dependabot in https://github.com/dexidp/dex/pull/3213
- build(deps): bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 by @dependabot in https://github.com/dexidp/dex/pull/3181
- build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in https://github.com/dexidp/dex/pull/3182
- build(deps): bump docker/build-push-action from 5.0.0 to 5.1.0 by @dependabot in https://github.com/dexidp/dex/pull/3198
- build(deps): bump anchore/sbom-action from 0.14.3 to 0.15.1 by @dependabot in https://github.com/dexidp/dex/pull/3210
- build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.16.0 by @dependabot in https://github.com/dexidp/dex/pull/3219
- build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @dependabot in https://github.com/dexidp/dex/pull/3206
- Bump golangci-lint 1.55.2 by @nabokihms in https://github.com/dexidp/dex/pull/3232
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.17 to 1.14.19 by @dependabot in https://github.com/dexidp/dex/pull/3226
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in https://github.com/dexidp/dex/pull/3228
- build(deps): bump alpine from 3.18.4 to 3.19.0 by @dependabot in https://github.com/dexidp/dex/pull/3214
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in https://github.com/dexidp/dex/pull/3201
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3229
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3202
- build(deps): bump github/codeql-action from 2.22.4 to 3.22.12 by @dependabot in https://github.com/dexidp/dex/pull/3231
- build(deps): bump google.golang.org/api from 0.148.0 to 0.154.0 by @dependabot in https://github.com/dexidp/dex/pull/3223
- Patch gomplate to v3.11.6 by @gburton1 in https://github.com/dexidp/dex/pull/3234
- build(deps): bump docker/metadata-action from 5.0.0 to 5.4.0 by @dependabot in https://github.com/dexidp/dex/pull/3235
- build(deps): bump google.golang.org/grpc from 1.59.0 to 1.60.1 by @dependabot in https://github.com/dexidp/dex/pull/3241
- build(deps): bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in https://github.com/dexidp/dex/pull/3236
- build(deps): bump github.com/gorilla/mux from 1.8.0 to 1.8.1 by @dependabot in https://github.com/dexidp/dex/pull/3239
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 by @dependabot in https://github.com/dexidp/dex/pull/3238
- build(deps): bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 by @dependabot in https://github.com/dexidp/dex/pull/3246
- Bump dependencies ent v0.12.5, protobuf v1.32.0 by @nabokihms in https://github.com/dexidp/dex/pull/3249
- build(deps): bump actions/dependency-review-action from 3.1.4 to 3.1.5 by @dependabot in https://github.com/dexidp/dex/pull/3256
- build(deps): bump google.golang.org/api from 0.154.0 to 0.155.0 by @dependabot in https://github.com/dexidp/dex/pull/3257
- build(deps): bump anchore/sbom-action from 0.15.1 to 0.15.3 by @dependabot in https://github.com/dexidp/dex/pull/3265
- build(deps): bump github.com/beevik/etree from 1.2.0 to 1.3.0 by @dependabot in https://github.com/dexidp/dex/pull/3252
- build(deps): bump aquasecurity/trivy-action from 0.16.0 to 0.16.1 by @dependabot in https://github.com/dexidp/dex/pull/3253
- build(deps): bump golang.org/x/crypto from 0.17.0 to 0.18.0 by @dependabot in https://github.com/dexidp/dex/pull/3262
- build(deps): bump docker/metadata-action from 5.4.0 to 5.5.0 by @dependabot in https://github.com/dexidp/dex/pull/3259
- build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in https://github.com/dexidp/dex/pull/3264
- build(deps): bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 by @dependabot in https://github.com/dexidp/dex/pull/3263
- build(deps): bump golang from 1.21.5-alpine3.18 to 1.21.6-alpine3.18 by @dependabot in https://github.com/dexidp/dex/pull/3266
- build(deps): bump google.golang.org/api from 0.155.0 to 0.156.0 by @dependabot in https://github.com/dexidp/dex/pull/3270
- build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in https://github.com/dexidp/dex/pull/3282
- build(deps): bump google.golang.org/api from 0.156.0 to 0.157.0 by @dependabot in https://github.com/dexidp/dex/pull/3285
- build(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 by @dependabot in https://github.com/dexidp/dex/pull/3286
- build(deps): bump actions/dependency-review-action from 3.1.5 to 4.0.0 by @dependabot in https://github.com/dexidp/dex/pull/3287
- build(deps): bump anchore/sbom-action from 0.15.4 to 0.15.5 by @dependabot in https://github.com/dexidp/dex/pull/3291
- build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 by @dependabot in https://github.com/dexidp/dex/pull/3296
- build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/3294
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3298
- build(deps): bump google.golang.org/grpc from 1.59.0 to 1.61.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3300
- build(deps): bump golang from
869193eto3bd4475by @dependabot in https://github.com/dexidp/dex/pull/3301 - build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3299
- build(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.16.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/3297
Other Changes
- feat: Add configurable CORS Headers by @josiah-lunit in https://github.com/dexidp/dex/pull/3114
New Contributors
- @Cedric-Magnan made their first contribution in https://github.com/dexidp/dex/pull/2521
- @uucloud made their first contribution in https://github.com/dexidp/dex/pull/3087
- @MM53 made their first contribution in https://github.com/dexidp/dex/pull/3125
- @mdpradeep made their first contribution in https://github.com/dexidp/dex/pull/3074
- @Oded-B made their first contribution in https://github.com/dexidp/dex/pull/3056
- @gburton1 made their first contribution in https://github.com/dexidp/dex/pull/3234
- @josiah-lunit made their first contribution in https://github.com/dexidp/dex/pull/3114
- @mkjpryor made their first contribution in https://github.com/dexidp/dex/pull/2851
- @lysliu made their first contribution in https://github.com/dexidp/dex/pull/3189
- @PumpkinSeed made their first contribution in https://github.com/dexidp/dex/pull/2935
- @tuminoid made their first contribution in https://github.com/dexidp/dex/pull/3303
Full Changelog: https://github.com/dexidp/dex/compare/v2.37.0...v2.38.0
dex
- v2.37.0
Published by nabokihms over 1 year ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.37.0
What's Changed
Exciting New Features 🎉
- TLS cert reloader by @seankhliao in https://github.com/dexidp/dex/pull/2964
Enhancements 🚀
- Add xx to cross-compile binaries in Docker by @sagikazarmark in https://github.com/dexidp/dex/pull/2898
- Spelling by @jsoref in https://github.com/dexidp/dex/pull/2919
- LDAP case-insensitive DN attribute by @nabokihms in https://github.com/dexidp/dex/pull/2829
- Utilize native git diff --exit-code by @marcofranssen in https://github.com/dexidp/dex/pull/2981
- Google: Add Support for Multiple Admin Emails to Retrieve Group Lists by @vsychov in https://github.com/dexidp/dex/pull/2911
Bug Fixes 🐛
- Do not skip approval screen by default by @nabokihms in https://github.com/dexidp/dex/pull/2897
- Fail if OIDC config contains hosted domains by @nabokihms in https://github.com/dexidp/dex/pull/2937
Dependency Updates ⬆️
- build(deps): bump alpine from 3.17.2 to 3.17.3 by @dependabot in https://github.com/dexidp/dex/pull/2879
- build(deps): bump mheap/github-action-required-labels from 3 to 4 by @dependabot in https://github.com/dexidp/dex/pull/2881
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in https://github.com/dexidp/dex/pull/2873
- build(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2892
- build(deps): bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2884
- build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2885
- build(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 by @dependabot in https://github.com/dexidp/dex/pull/2905
- build(deps): bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 by @dependabot in https://github.com/dexidp/dex/pull/2900
- build(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in https://github.com/dexidp/dex/pull/2891
- build(deps): bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2920
- build(deps): bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2924
- build(deps): bump github.com/lib/pq from 1.10.7 to 1.10.9 by @dependabot in https://github.com/dexidp/dex/pull/2922
- build(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 by @dependabot in https://github.com/dexidp/dex/pull/2929
- build(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in https://github.com/dexidp/dex/pull/2932
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.7 to 3.5.8 by @dependabot in https://github.com/dexidp/dex/pull/2899
- build(deps): bump github.com/beevik/etree from 1.1.0 to 1.1.4 by @dependabot in https://github.com/dexidp/dex/pull/2939
- build(deps): bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in https://github.com/dexidp/dex/pull/2938
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.8 to 3.5.9 by @dependabot in https://github.com/dexidp/dex/pull/2946
- build(deps): bump github/codeql-action from 2.3.1 to 2.3.3 by @dependabot in https://github.com/dexidp/dex/pull/2943
- build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 by @dependabot in https://github.com/dexidp/dex/pull/2942
- build(deps): bump alpine from 3.17.3 to 3.18.0 by @dependabot in https://github.com/dexidp/dex/pull/2930
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.55.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2927
- build(deps): bump google.golang.org/api from 0.114.0 to 0.122.0 by @dependabot in https://github.com/dexidp/dex/pull/2931
- build(deps): bump entgo.io/ent from 0.11.10 to 0.12.3 by @dependabot in https://github.com/dexidp/dex/pull/2923
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.7 to 3.5.9 by @dependabot in https://github.com/dexidp/dex/pull/2944
- build(deps): bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 by @dependabot in https://github.com/dexidp/dex/pull/2945
- build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2956
- build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @dependabot in https://github.com/dexidp/dex/pull/2957
- build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in https://github.com/dexidp/dex/pull/2949
- build(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in https://github.com/dexidp/dex/pull/2948
- build(deps): bump google.golang.org/api from 0.122.0 to 0.123.0 by @dependabot in https://github.com/dexidp/dex/pull/2959
- build(deps): bump github.com/beevik/etree from 1.1.4 to 1.2.0 by @dependabot in https://github.com/dexidp/dex/pull/2947
- build(deps): bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in https://github.com/dexidp/dex/pull/2970
- build(deps): bump google.golang.org/api from 0.123.0 to 0.124.0 by @dependabot in https://github.com/dexidp/dex/pull/2968
- build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in https://github.com/dexidp/dex/pull/2958
- build(deps): bump aquasecurity/trivy-action from 0.10.0 to 0.11.0 by @dependabot in https://github.com/dexidp/dex/pull/2984
- build(deps): bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in https://github.com/dexidp/dex/pull/2982
- build(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in https://github.com/dexidp/dex/pull/2978
- build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 by @dependabot in https://github.com/dexidp/dex/pull/2983
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 by @dependabot in https://github.com/dexidp/dex/pull/2979
- build(deps): bump google.golang.org/api from 0.124.0 to 0.125.0 by @dependabot in https://github.com/dexidp/dex/pull/2976
- build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in https://github.com/dexidp/dex/pull/2977
- build(deps): bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in https://github.com/dexidp/dex/pull/2987
- build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 by @dependabot in https://github.com/dexidp/dex/pull/2985
- build(deps): bump docker/metadata-action from 4.4.0 to 4.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2986
- build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2988
- build(deps): bump mheap/github-action-required-labels from 4 to 5 by @dependabot in https://github.com/dexidp/dex/pull/2990
- build(deps): bump aquasecurity/trivy-action from 0.11.0 to 0.11.2 by @dependabot in https://github.com/dexidp/dex/pull/2995
- build(deps): bump github/codeql-action from 2.3.6 to 2.20.0 by @dependabot in https://github.com/dexidp/dex/pull/3002
- build(deps): bump google.golang.org/api from 0.125.0 to 0.127.0 by @dependabot in https://github.com/dexidp/dex/pull/2999
- build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 by @dependabot in https://github.com/dexidp/dex/pull/3001
- build(deps): bump docker/build-push-action from 4.0.0 to 4.1.1 by @dependabot in https://github.com/dexidp/dex/pull/3003
- build(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in https://github.com/dexidp/dex/pull/2993
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5 by @dependabot in https://github.com/dexidp/dex/pull/2997
- build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 by @dependabot in https://github.com/dexidp/dex/pull/3004
- build(deps): bump alpine from 3.18.0 to 3.18.2 by @dependabot in https://github.com/dexidp/dex/pull/3008
- build(deps): bump docker/metadata-action from 4.5.0 to 4.6.0 by @dependabot in https://github.com/dexidp/dex/pull/3007
- build(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 by @dependabot in https://github.com/dexidp/dex/pull/3005
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot in https://github.com/dexidp/dex/pull/3009
- build(deps): bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in https://github.com/dexidp/dex/pull/3010
- build(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot in https://github.com/dexidp/dex/pull/3016
- build(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in https://github.com/dexidp/dex/pull/3015
- build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 by @dependabot in https://github.com/dexidp/dex/pull/3014
- build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in https://github.com/dexidp/dex/pull/3019
- build(deps): bump google.golang.org/api from 0.127.0 to 0.129.0 by @dependabot in https://github.com/dexidp/dex/pull/3022
- build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 by @dependabot in https://github.com/dexidp/dex/pull/3023
New Contributors
- @marcofranssen made their first contribution in https://github.com/dexidp/dex/pull/2981
- @vsychov made their first contribution in https://github.com/dexidp/dex/pull/2911
Full Changelog: https://github.com/dexidp/dex/compare/v2.36.0...v2.37.0
dex
- v2.36.0
Published by sagikazarmark over 1 year ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.36.0
What's Changed
Enhancements 🚀
- TLS configure for OIDC connector by @xtremerui in https://github.com/dexidp/dex/pull/1632
- Add icon for gitea by @pinpox in https://github.com/dexidp/dex/pull/2733
- fix: Do not use connector data from the refresh token field by @nabokihms in https://github.com/dexidp/dex/pull/2729
- Add preferredEmailDomain config option for GitHub connector by @nobuyo in https://github.com/dexidp/dex/pull/2740
- Move unique functionality into getGroups to reduce calls to google by @snuggie12 in https://github.com/dexidp/dex/pull/2628
- fix: prevent server-side request forgery using Kubernetes storage by @nabokihms in https://github.com/dexidp/dex/pull/2479
- fix: return 401 if password is invalid by @nabokihms in https://github.com/dexidp/dex/pull/2796
- feat: Add default robots.txt by @nabokihms in https://github.com/dexidp/dex/pull/2834
- Skip redirection to approval when it is not required (#2686) by @nobuyo in https://github.com/dexidp/dex/pull/2805
- feat: Bump dependencies and Makefile refactoring by @nabokihms in https://github.com/dexidp/dex/pull/2844
Bug Fixes 🐛
- Make admin email optional when no service account path is configured by @sagikazarmark in https://github.com/dexidp/dex/pull/2695
- Only initialize google admin service if necessary by @sagikazarmark in https://github.com/dexidp/dex/pull/2700
Dependency Updates ⬆️
- build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2697
- fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in https://github.com/dexidp/dex/pull/2705
- build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2708
- build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in https://github.com/dexidp/dex/pull/2715
- build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in https://github.com/dexidp/dex/pull/2720
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in https://github.com/dexidp/dex/pull/2721
- build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in https://github.com/dexidp/dex/pull/2723
- build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in https://github.com/dexidp/dex/pull/2718
- build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2724
- build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in https://github.com/dexidp/dex/pull/2746
- build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in https://github.com/dexidp/dex/pull/2735
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in https://github.com/dexidp/dex/pull/2744
- build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in https://github.com/dexidp/dex/pull/2751
- build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2750
- build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2755
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in https://github.com/dexidp/dex/pull/2743
- build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2754
- build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2758
- build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in https://github.com/dexidp/dex/pull/2741
- build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in https://github.com/dexidp/dex/pull/2753
- build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2742
- build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2761
- build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in https://github.com/dexidp/dex/pull/2725
- build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in https://github.com/dexidp/dex/pull/2760
- build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2774
- build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in https://github.com/dexidp/dex/pull/2772
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2770
- build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2773
- build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2777
- build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in https://github.com/dexidp/dex/pull/2779
- build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in https://github.com/dexidp/dex/pull/2780
- build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in https://github.com/dexidp/dex/pull/2769
- build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in https://github.com/dexidp/dex/pull/2788
- build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2782
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in https://github.com/dexidp/dex/pull/2783
- build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in https://github.com/dexidp/dex/pull/2793
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2784
- chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in https://github.com/dexidp/dex/pull/2790
- ci: Use go 1.19 by @dlipovetsky in https://github.com/dexidp/dex/pull/2791
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in https://github.com/dexidp/dex/pull/2798
- build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in https://github.com/dexidp/dex/pull/2807
- build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2811
- build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in https://github.com/dexidp/dex/pull/2810
- build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in https://github.com/dexidp/dex/pull/2821
- build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in https://github.com/dexidp/dex/pull/2822
- build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in https://github.com/dexidp/dex/pull/2823
- build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2818
- build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2828
- build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2832
- build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/2837
- build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/2846
- build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2827
- build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in https://github.com/dexidp/dex/pull/2850
- build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2849
- feat: Bump gomplate 3.11.4 by @nabokihms in https://github.com/dexidp/dex/pull/2840
- build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2856
- build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2847
- build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in https://github.com/dexidp/dex/pull/2853
- build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in https://github.com/dexidp/dex/pull/2869
- build(deps): bump actions/setup-go from 3 to 4 by @dependabot in https://github.com/dexidp/dex/pull/2863
- build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in https://github.com/dexidp/dex/pull/2862
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in https://github.com/dexidp/dex/pull/2866
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2867
- build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/2845
- build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2816
- chore: upgrade tools by @sagikazarmark in https://github.com/dexidp/dex/pull/2870
Other Changes
- Bump image in examples/k8s/dex.yaml to v2.32.0 by @stealthybox in https://github.com/dexidp/dex/pull/2569
New Contributors
- @pinpox made their first contribution in https://github.com/dexidp/dex/pull/2733
- @nobuyo made their first contribution in https://github.com/dexidp/dex/pull/2740
- @dlipovetsky made their first contribution in https://github.com/dexidp/dex/pull/2790
- @seankhliao made their first contribution in https://github.com/dexidp/dex/pull/2812
- @stealthybox made their first contribution in https://github.com/dexidp/dex/pull/2569
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.3...v2.36.0
dex
- v2.35.3
Published by sagikazarmark about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.3
What's Changed
Dependency Updates ⬆️
- Backport #2705 to v2.35.x by @nabokihms in https://github.com/dexidp/dex/pull/2706
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.2...v2.35.3
dex
- v2.35.2
Published by sagikazarmark about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.2
What's Changed
Bug Fixes 🐛
- Backport #2700 to v2.35.x by @sagikazarmark in https://github.com/dexidp/dex/pull/2702
Dependency Updates ⬆️
- Backport Go update to v2.35.x by @sagikazarmark in https://github.com/dexidp/dex/pull/2698
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.1...v2.35.2
dex
- v2.35.1
Published by sagikazarmark about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.1
What's Changed
Bug Fixes 🐛
- Backport #2694 to v2.35.x by @sagikazarmark in https://github.com/dexidp/dex/pull/2696
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.0...v2.35.1
dex
- v2.35.0
Published by sagikazarmark about 2 years ago
⚠️ This release fixes a major vulnerability in Dex. We advise everyone to upgrade as soon as possible! ⚠️
If you use the Google connector, please upgrade to 2.35.1 instead.
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.0
What's Changed
Enhancements 🚀
- Reduce HTTP client creations in the Keystone connector by @erwinvaneyk in https://github.com/dexidp/dex/pull/2659
Bug Fixes 🐛
- fix for issue 2670; check for no serviceAccountFilePath and no email by @bobcallaway in https://github.com/dexidp/dex/pull/2679
- supply HMACKey in test case by @bobcallaway in https://github.com/dexidp/dex/pull/2683
- fix: refresh token only once for all concurrent requests by @nabokihms in https://github.com/dexidp/dex/pull/2692
Dependency Updates ⬆️
- build(deps): bump google.golang.org/api from 0.95.0 to 0.97.0 by @dependabot in https://github.com/dexidp/dex/pull/2677
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.4 to 3.5.5 by @dependabot in https://github.com/dexidp/dex/pull/2666
- build(deps): bump google.golang.org/api from 0.97.0 to 0.98.0 by @dependabot in https://github.com/dexidp/dex/pull/2682
- build(deps): bump helm/kind-action from 1.3.0 to 1.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2681
- build(deps): bump entgo.io/ent from 0.11.2 to 0.11.3 by @dependabot in https://github.com/dexidp/dex/pull/2684
- Update golang.org/x packages by @sagikazarmark in https://github.com/dexidp/dex/pull/2688
New Contributors
- @jannfis made their first contribution in https://github.com/dexidp/dex/pull/2691
Full Changelog: https://github.com/dexidp/dex/compare/v2.34.0...v2.35.0
dex
- v2.34.0
Published by nabokihms about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.34.0
What's Changed
Exciting New Features 🎉
- updated gomplate version and added ppc64le support by @mayurwaghmode in https://github.com/dexidp/dex/pull/2620
Enhancements 🚀
- fix: Fallback when group claim is a string instead of an array of strings by @JoooostB in https://github.com/dexidp/dex/pull/2639
- feat(connector/authproxy): support multiple groups by @mclavel in https://github.com/dexidp/dex/pull/2643
- Implement Application Default Credentials for the google connector by @ichbinfrog in https://github.com/dexidp/dex/pull/2530
- build: bump Go version to 1.19 in Nix by @sagikazarmark in https://github.com/dexidp/dex/pull/2648
Dependency Updates ⬆️
- build(deps): bump alpine from 3.16.1 to 3.16.2 by @dependabot in https://github.com/dexidp/dex/pull/2624
- build(deps): bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 by @dependabot in https://github.com/dexidp/dex/pull/2623
- build(deps): bump aquasecurity/trivy-action from 0.6.1 to 0.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2632
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.11 to 1.14.15 by @dependabot in https://github.com/dexidp/dex/pull/2634
- build(deps): bump aquasecurity/trivy-action from 0.7.0 to 0.7.1 by @dependabot in https://github.com/dexidp/dex/pull/2635
- build(deps): bump google.golang.org/api from 0.89.0 to 0.93.0 by @dependabot in https://github.com/dexidp/dex/pull/2633
- build(deps): bump google.golang.org/api from 0.93.0 to 0.94.0 by @dependabot in https://github.com/dexidp/dex/pull/2637
- chore: Bump ent to 0.11.2 by @nabokihms in https://github.com/dexidp/dex/pull/2640
- chore: Bump Go to 1.19 by @nabokihms in https://github.com/dexidp/dex/pull/2641
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.2.0 to 3.3.0 by @dependabot in https://github.com/dexidp/dex/pull/2646
- build(deps): bump google.golang.org/grpc from 1.47.0 to 1.49.0 by @dependabot in https://github.com/dexidp/dex/pull/2636
- build(deps): bump google.golang.org/protobuf from 1.28.0 to 1.28.1 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2611
- build(deps): bump golang from 1.19.0-alpine3.15 to 1.19.1-alpine3.15 by @dependabot in https://github.com/dexidp/dex/pull/2650
- chore: update alpine version in Go image by @sagikazarmark in https://github.com/dexidp/dex/pull/2656
- build(deps): bump github.com/lib/pq from 1.10.5 to 1.10.7 by @dependabot in https://github.com/dexidp/dex/pull/2651
- build(deps): bump google.golang.org/api from 0.94.0 to 0.95.0 by @dependabot in https://github.com/dexidp/dex/pull/2652
- build(deps): bump google.golang.org/grpc from 1.47.0 to 1.49.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2638
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.3.0 to 3.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2658
New Contributors
- @mayurwaghmode made their first contribution in https://github.com/dexidp/dex/pull/2620
- @JoooostB made their first contribution in https://github.com/dexidp/dex/pull/2639
- @mclavel made their first contribution in https://github.com/dexidp/dex/pull/2643
- @ichbinfrog made their first contribution in https://github.com/dexidp/dex/pull/2530
Full Changelog: https://github.com/dexidp/dex/compare/v2.33.0...v2.34.0
dex
- v2.33.1
Published by sagikazarmark about 2 years ago
What's Changed
Enhancements 🚀
- chore: upgrade alpine to 3.16.2 by @sagikazarmark in https://github.com/dexidp/dex/pull/2655
Full Changelog: https://github.com/dexidp/dex/compare/v2.33.0...v2.33.1
dex
- v2.33.0
Published by nabokihms about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.33.0
What's Changed
Exciting New Features 🎉
- add PKCE support to device code flow by @bobcallaway in https://github.com/dexidp/dex/pull/2575
Enhancements 🚀
- Limit the amount of objects we attempt to GC on each cycle by @kellyma2 in https://github.com/dexidp/dex/pull/2524
- Use GitLab's refresh_token during Refresh. by @dhaus67 in https://github.com/dexidp/dex/pull/2352
- Add domainHint parameter to Microsoft Connector by @josephtknight in https://github.com/dexidp/dex/pull/2586
- add config to explicitly set scopes for microsoft connector by @bobcallaway in https://github.com/dexidp/dex/pull/2582
Bug Fixes 🐛
- fix: prevent cross-site scripting for the device flow by @nabokihms in https://github.com/dexidp/dex/pull/2468
- grpc-client: Do not crash on empty response by @bbusse in https://github.com/dexidp/dex/pull/2584
Dependency Updates ⬆️
- build(deps): bump helm/kind-action from 1.2.0 to 1.3.0 by @dependabot in https://github.com/dexidp/dex/pull/2555
- build(deps): bump aquasecurity/trivy-action from 0.3.0 to 0.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2557
- build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.8.0 by @dependabot in https://github.com/dexidp/dex/pull/2577
- build(deps): bump aquasecurity/trivy-action from 0.4.0 to 0.5.1 by @dependabot in https://github.com/dexidp/dex/pull/2576
- build(deps): bump mheap/github-action-required-labels from 1 to 2 by @dependabot in https://github.com/dexidp/dex/pull/2565
- build(deps): bump google.golang.org/api from 0.82.0 to 0.86.0 by @dependabot in https://github.com/dexidp/dex/pull/2574
- build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2560
- build(deps): bump aquasecurity/trivy-action from 0.5.1 to 0.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2602
- build(deps): bump alpine from 3.16.0 to 3.16.1 by @dependabot in https://github.com/dexidp/dex/pull/2598
- build(deps): bump golang from 1.18.3-alpine3.15 to 1.18.4-alpine3.15 by @dependabot in https://github.com/dexidp/dex/pull/2592
- build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 by @dependabot in https://github.com/dexidp/dex/pull/2599
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.2 to 3.4.4 by @dependabot in https://github.com/dexidp/dex/pull/2606
- build(deps): bump google.golang.org/api from 0.86.0 to 0.89.0 by @dependabot in https://github.com/dexidp/dex/pull/2605
- build(deps): bump aquasecurity/trivy-action from 0.6.0 to 0.6.1 by @dependabot in https://github.com/dexidp/dex/pull/2604
New Contributors
- @kellyma2 made their first contribution in https://github.com/dexidp/dex/pull/2524
- @josephtknight made their first contribution in https://github.com/dexidp/dex/pull/2586
- @bbusse made their first contribution in https://github.com/dexidp/dex/pull/2584
Full Changelog: https://github.com/dexidp/dex/compare/v2.32.0...v2.33.0
dex
- v2.32.0
Published by sagikazarmark over 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.32.0
What's Changed
Exciting New Features 🎉
- Publish official distroless images by @sagikazarmark in https://github.com/dexidp/dex/pull/2478
- Feature: groups in Gitea by @techknowlogick in https://github.com/dexidp/dex/pull/1789
Enhancements 🚀
- Add support for RefreshConnector for openshift connector. by @dhaus67 in https://github.com/dexidp/dex/pull/2342
- Allow configuration of returned groups via authproxy connector by @seuf in https://github.com/dexidp/dex/pull/2371
- Add acr_values support for OIDC by @dirien in https://github.com/dexidp/dex/pull/2418
- fix: Implicit Grant discovery by @nabokihms in https://github.com/dexidp/dex/pull/2433
- fix: log only errors on refreshing by @nabokihms in https://github.com/dexidp/dex/pull/2470
- Create setting to allow to trust the system root CAs by @dhaus67 in https://github.com/dexidp/dex/pull/2430
- Add numeric user ID support for oauth connector by @tsl0922 in https://github.com/dexidp/dex/pull/2483
- Remove google specific hd / hosted domain claim config from oidc connector by @Blorpy in https://github.com/dexidp/dex/pull/2511
- OIDC connector: Support cases where there is no id_token when using a refresh_token grant by @Blorpy in https://github.com/dexidp/dex/pull/2522
- feat: add enhancement template by @nabokihms in https://github.com/dexidp/dex/pull/2486
- Release note configuration by @sagikazarmark in https://github.com/dexidp/dex/pull/2463
- fix: add notification about groups access to the Grant Access page by @nabokihms in https://github.com/dexidp/dex/pull/2533
- feat: enable profiling endpoints by @nabokihms in https://github.com/dexidp/dex/pull/2482
Bug Fixes 🐛
- Build multi-platform images in a single build job by @sagikazarmark in https://github.com/dexidp/dex/pull/2487
- Fixes https://github.com/dexidp/dex/issues/2537 by @ShivanshVij in https://github.com/dexidp/dex/pull/2538
- correctly handle path escaping for connector IDs by @bobcallaway in https://github.com/dexidp/dex/pull/2290
Dependency Updates ⬆️
- build(deps): bump golang from 1.17.6-alpine3.14 to 1.17.7-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2411
- build(deps): bump google.golang.org/api from 0.68.0 to 0.69.0 by @dependabot in https://github.com/dexidp/dex/pull/2415
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.1 to 3.4.2 by @dependabot in https://github.com/dexidp/dex/pull/2416
- build(deps): bump google.golang.org/api from 0.69.0 to 0.70.0 by @dependabot in https://github.com/dexidp/dex/pull/2419
- build(deps): bump actions/checkout from 2 to 3 by @dependabot in https://github.com/dexidp/dex/pull/2422
- build(deps): bump github.com/russellhaering/goxmldsig from 1.1.1 to 1.2.0 by @dependabot in https://github.com/dexidp/dex/pull/2424
- build(deps): bump golang from 1.17.7-alpine3.14 to 1.17.8-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2426
- build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2437
- build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 by @dependabot in https://github.com/dexidp/dex/pull/2440
- build(deps): bump alpine from 3.15.0 to 3.15.1 by @dependabot in https://github.com/dexidp/dex/pull/2444
- build(deps): bump alpine from 3.15.1 to 3.15.3 by @dependabot in https://github.com/dexidp/dex/pull/2456
- build(deps): bump alpine from 3.15.3 to 3.15.4 by @dependabot in https://github.com/dexidp/dex/pull/2461
- build(deps): bump google.golang.org/api from 0.70.0 to 0.74.0 by @dependabot in https://github.com/dexidp/dex/pull/2458
- build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0 by @dependabot in https://github.com/dexidp/dex/pull/2451
- Update ent by @sagikazarmark in https://github.com/dexidp/dex/pull/2428
- build(deps): bump aquasecurity/trivy-action from 0.2.2 to 0.2.3 by @dependabot in https://github.com/dexidp/dex/pull/2466
- build(deps): bump actions/setup-go from 2 to 3 by @dependabot in https://github.com/dexidp/dex/pull/2467
- Bump Alpine to latest version by @MattiasGees in https://github.com/dexidp/dex/pull/2471
- build(deps): bump aquasecurity/trivy-action from 0.2.4 to 0.2.5 by @dependabot in https://github.com/dexidp/dex/pull/2481
- build(deps): bump github/codeql-action from 1 to 2 by @dependabot in https://github.com/dexidp/dex/pull/2494
- build(deps): bump docker/build-push-action from 2 to 3 by @dependabot in https://github.com/dexidp/dex/pull/2510
- build(deps): bump docker/metadata-action from 3 to 4 by @dependabot in https://github.com/dexidp/dex/pull/2509
- build(deps): bump docker/login-action from 1 to 2 by @dependabot in https://github.com/dexidp/dex/pull/2507
- build(deps): bump docker/setup-qemu-action from 1 to 2 by @dependabot in https://github.com/dexidp/dex/pull/2508
- build(deps): bump docker/setup-buildx-action from 1 to 2 by @dependabot in https://github.com/dexidp/dex/pull/2506
- build(deps): bump aquasecurity/trivy-action from 0.2.5 to 0.3.0 by @dependabot in https://github.com/dexidp/dex/pull/2525
- chore: Go mod update 1.17 by @nabokihms in https://github.com/dexidp/dex/pull/2532
- build(deps): bump alpine from 3.15.4 to 3.16.0 by @dependabot in https://github.com/dexidp/dex/pull/2531
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.2 to 3.5.4 by @dependabot in https://github.com/dexidp/dex/pull/2491
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.1.0 to 3.2.0 by @dependabot in https://github.com/dexidp/dex/pull/2528
- build(deps): bump google.golang.org/grpc from 1.45.0 to 1.46.2 by @dependabot in https://github.com/dexidp/dex/pull/2526
- build(deps): bump github.com/prometheus/client_golang from 1.12.1 to 1.12.2 by @dependabot in https://github.com/dexidp/dex/pull/2529
- build(deps): bump github.com/felixge/httpsnoop from 1.0.2 to 1.0.3 by @dependabot in https://github.com/dexidp/dex/pull/2527
- build(deps): bump google.golang.org/api from 0.74.0 to 0.81.0 by @dependabot in https://github.com/dexidp/dex/pull/2534
- build(deps): bump google.golang.org/grpc from 1.44.0 to 1.46.2 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2517
- build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2452
- feat: upgrade Go to 1.18 by @sagikazarmark in https://github.com/dexidp/dex/pull/2441
- build(deps): bump golang from 1.18.0-alpine3.15 to 1.18.2-alpine3.15 by @dependabot in https://github.com/dexidp/dex/pull/2535
- build(deps): bump google.golang.org/api from 0.81.0 to 0.82.0 by @dependabot in https://github.com/dexidp/dex/pull/2549
- build(deps): bump google.golang.org/grpc from 1.46.2 to 1.47.0 by @dependabot in https://github.com/dexidp/dex/pull/2543
- build(deps): bump golang from 1.18.2-alpine3.15 to 1.18.3-alpine3.15 by @dependabot in https://github.com/dexidp/dex/pull/2548
- build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 by @dependabot in https://github.com/dexidp/dex/pull/2550
- chore(deps): update grpc by @sagikazarmark in https://github.com/dexidp/dex/pull/2551
Other Changes
- Update alpine version by @sagikazarmark in https://github.com/dexidp/dex/pull/2446
- New docker image build by @sagikazarmark in https://github.com/dexidp/dex/pull/2474
- Qemu tweaks by @sagikazarmark in https://github.com/dexidp/dex/pull/2480
- Add docker metadata action by @sagikazarmark in https://github.com/dexidp/dex/pull/2488
- ci: use docker metadata for build input by @sagikazarmark in https://github.com/dexidp/dex/pull/2489
- chore: do not use caching for docker build by @nabokihms in https://github.com/dexidp/dex/pull/2516
- Bump lint timeout to reduce the number of failed executions by @nabokihms in https://github.com/dexidp/dex/pull/2523
New Contributors
- @dhaus67 made their first contribution in https://github.com/dexidp/dex/pull/2342
- @dirien made their first contribution in https://github.com/dexidp/dex/pull/2418
- @MattiasGees made their first contribution in https://github.com/dexidp/dex/pull/2471
- @tsl0922 made their first contribution in https://github.com/dexidp/dex/pull/2483
- @Blorpy made their first contribution in https://github.com/dexidp/dex/pull/2511
- @ShivanshVij made their first contribution in https://github.com/dexidp/dex/pull/2538
Full Changelog: https://github.com/dexidp/dex/compare/v2.31.0...v2.32.0
dex
- v2.31.2
Published by sagikazarmark over 2 years ago
This is a maintenance release upgrading Go to apply some security patches.
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.31.2
What's Changed
- Update go to 1.17.10 by @sagikazarmark in https://github.com/dexidp/dex/pull/2536
Full Changelog: https://github.com/dexidp/dex/compare/v2.31.1...v2.31.2
dex
- v2.31.1
Published by sagikazarmark over 2 years ago
This is a maintenance release upgrading Go to apply some security patches.
What's Changed
- Update golang image by @sagikazarmark in https://github.com/dexidp/dex/pull/2447
Full Changelog: https://github.com/dexidp/dex/compare/v2.31.0...v2.31.1
dex
- v2.31.0
Published by sagikazarmark over 2 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.31.0
What's Changed
- Bump Dex image to v2.30.0 for Kubernetes deployment example by @rdimitrov in https://github.com/dexidp/dex/pull/2232
- Update Go to 1.17 by @sagikazarmark in https://github.com/dexidp/dex/pull/2247
- refactor: move from io/ioutil to io and os package by @Juneezee in https://github.com/dexidp/dex/pull/2278
- feat: Add MySQL ent-based storage driver by @nabokihms in https://github.com/dexidp/dex/pull/2272
- chore: fix ioutil lint error after merging MySQL ent storage by @nabokihms in https://github.com/dexidp/dex/pull/2282
- Add parametrization of grant type supported in discovery endpoint by @ariary in https://github.com/dexidp/dex/pull/2265
- Resolves #2111 Option to fetch transitive group membership by @snuggie12 in https://github.com/dexidp/dex/pull/2268
- Return valid JWT access token from password grant by @enj in https://github.com/dexidp/dex/pull/2234
- fix: do not update offlinesession lastUsed field if refresh token was not updated by @nabokihms in https://github.com/dexidp/dex/pull/2300
- fix web static file path slash error for win platform by @copperyp in https://github.com/dexidp/dex/pull/2305
- Update grpc by @sagikazarmark in https://github.com/dexidp/dex/pull/2321
- ci: fix container image permissions by @sagikazarmark in https://github.com/dexidp/dex/pull/2329
- feat: print dex version in the logs by @iam-veeramalla in https://github.com/dexidp/dex/pull/2337
- OAuth connector by @xtremerui in https://github.com/dexidp/dex/pull/1630
- fix: return invalid_grant error on claiming token of another client by @nabokihms in https://github.com/dexidp/dex/pull/2344
- chore: warning about deprecated LDAP groupSearch fields by @nabokihms in https://github.com/dexidp/dex/pull/2026
- Add Nix environment by @sagikazarmark in https://github.com/dexidp/dex/pull/2324
- Update dependencies in the examples package by @sagikazarmark in https://github.com/dexidp/dex/pull/2372
- add sigstore to ADOPTERS.md by @bobcallaway in https://github.com/dexidp/dex/pull/2374
- Add claimMapping enforcement by @Happy2C0de in https://github.com/dexidp/dex/pull/2233
- ci: run trivy scan on container image by @sagikazarmark in https://github.com/dexidp/dex/pull/2387
- chore: update gomplate by @sagikazarmark in https://github.com/dexidp/dex/pull/2388
- chore: update golangci-lint download script by @nabokihms in https://github.com/dexidp/dex/pull/2394
- [fix] Replace /teams API w/ /workspaces endpoints by @rahulchheda in https://github.com/dexidp/dex/pull/2390
- ci: add Docker cache to speed builds up by @sagikazarmark in https://github.com/dexidp/dex/pull/2400
- distroless: Dockerfile works with distroless base image by @ankeesler in https://github.com/dexidp/dex/pull/2378
- Update dependencies by @sagikazarmark in https://github.com/dexidp/dex/pull/2404
- Update API package by @sagikazarmark in https://github.com/dexidp/dex/pull/2405
Dependency updates
- build(deps): bump entgo.io/ent from 0.8.0 to 0.9.0 by @dependabot in https://github.com/dexidp/dex/pull/2226
- build(deps): bump golang from 1.16.6-alpine3.13 to 1.16.7-alpine3.13 by @dependabot in https://github.com/dexidp/dex/pull/2225
- build(deps): bump google.golang.org/grpc from 1.39.0 to 1.39.1 by @dependabot in https://github.com/dexidp/dex/pull/2227
- build(deps): bump google.golang.org/api from 0.52.0 to 0.53.0 by @dependabot in https://github.com/dexidp/dex/pull/2235
- build(deps): bump google.golang.org/grpc from 1.39.1 to 1.40.0 by @dependabot in https://github.com/dexidp/dex/pull/2236
- build(deps): bump alpine from 3.14.0 to 3.14.1 by @dependabot in https://github.com/dexidp/dex/pull/2229
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.3.0 to 3.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2239
- build(deps): bump google.golang.org/api from 0.53.0 to 0.54.0 by @dependabot in https://github.com/dexidp/dex/pull/2241
- build(deps): bump github.com/AppsFlyer/go-sundheit from 0.4.0 to 0.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2240
- build(deps): bump google.golang.org/protobuf from 1.26.0 to 1.27.1 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2243
- build(deps): bump google.golang.org/grpc from 1.36.1 to 1.40.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2242
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.0 to 3.4.1 by @dependabot in https://github.com/dexidp/dex/pull/2246
- build(deps): bump entgo.io/ent from 0.9.0 to 0.9.1 by @dependabot in https://github.com/dexidp/dex/pull/2249
- build(deps): bump alpine from 3.14.1 to 3.14.2 by @dependabot in https://github.com/dexidp/dex/pull/2258
- build(deps): bump google.golang.org/api from 0.54.0 to 0.55.0 by @dependabot in https://github.com/dexidp/dex/pull/2259
- build(deps): bump google.golang.org/api from 0.55.0 to 0.56.0 by @dependabot in https://github.com/dexidp/dex/pull/2262
- build(deps): bump github.com/lib/pq from 1.10.2 to 1.10.3 by @dependabot in https://github.com/dexidp/dex/pull/2263
- build(deps): bump github.com/russellhaering/goxmldsig from 1.1.0 to 1.1.1 by @dependabot in https://github.com/dexidp/dex/pull/2270
- build(deps): bump golang from 1.17.0-alpine3.14 to 1.17.1-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2269
- build(deps): bump google.golang.org/api from 0.56.0 to 0.57.0 by @dependabot in https://github.com/dexidp/dex/pull/2277
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.1.0 by @dependabot in https://github.com/dexidp/dex/pull/2279
- build(deps): bump golang from 1.17.1-alpine3.14 to 1.17.2-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2292
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.0 to 3.5.1 by @dependabot in https://github.com/dexidp/dex/pull/2298
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.0 to 3.5.1 by @dependabot in https://github.com/dexidp/dex/pull/2299
- build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0 by @dependabot in https://github.com/dexidp/dex/pull/2285
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.8 to 1.14.9 by @dependabot in https://github.com/dexidp/dex/pull/2302
- build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2286
- build(deps): bump google.golang.org/api from 0.57.0 to 0.58.0 by @dependabot in https://github.com/dexidp/dex/pull/2287
- build(deps): bump google.golang.org/api from 0.58.0 to 0.59.0 by @dependabot in https://github.com/dexidp/dex/pull/2303
- build(deps): bump google.golang.org/api from 0.59.0 to 0.60.0 by @dependabot in https://github.com/dexidp/dex/pull/2308
- build(deps): bump golang from 1.17.2-alpine3.14 to 1.17.3-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2317
- build(deps): bump github.com/lib/pq from 1.10.3 to 1.10.4 by @dependabot in https://github.com/dexidp/dex/pull/2320
- build(deps): bump alpine from 3.14.2 to 3.14.3 by @dependabot in https://github.com/dexidp/dex/pull/2325
- build(deps): bump alpine from 3.14.3 to 3.15.0 by @dependabot in https://github.com/dexidp/dex/pull/2336
- build(deps): bump google.golang.org/api from 0.60.0 to 0.61.0 by @dependabot in https://github.com/dexidp/dex/pull/2341
- build(deps): bump golang from 1.17.3-alpine3.14 to 1.17.4-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2345
- build(deps): bump google.golang.org/api from 0.61.0 to 0.62.0 by @dependabot in https://github.com/dexidp/dex/pull/2348
- build(deps): bump golang from 1.17.4-alpine3.14 to 1.17.5-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2349
- build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 by @dependabot in https://github.com/dexidp/dex/pull/2354
- build(deps): bump google.golang.org/api from 0.62.0 to 0.63.0 by @dependabot in https://github.com/dexidp/dex/pull/2353
- build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 by @dependabot in https://github.com/dexidp/dex/pull/2355
- build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2356
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.9 to 1.14.10 by @dependabot in https://github.com/dexidp/dex/pull/2362
- build(deps): bump golang from 1.17.5-alpine3.14 to 1.17.6-alpine3.14 by @dependabot in https://github.com/dexidp/dex/pull/2363
- build(deps): bump google.golang.org/api from 0.63.0 to 0.64.0 by @dependabot in https://github.com/dexidp/dex/pull/2364
- build(deps): bump google.golang.org/api from 0.64.0 to 0.65.0 by @dependabot in https://github.com/dexidp/dex/pull/2368
- build(deps): bump github.com/prometheus/client_golang from 1.11.0 to 1.12.0 by @dependabot in https://github.com/dexidp/dex/pull/2380
- build(deps): bump google.golang.org/grpc from 1.43.0 to 1.44.0 by @dependabot in https://github.com/dexidp/dex/pull/2384
- build(deps): bump google.golang.org/grpc from 1.43.0 to 1.44.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2385
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.1 to 3.5.2 by @dependabot in https://github.com/dexidp/dex/pull/2395
- build(deps): bump aquasecurity/trivy-action from 0.2.1 to 0.2.2 by @dependabot in https://github.com/dexidp/dex/pull/2398
- build(deps): bump google.golang.org/api from 0.65.0 to 0.67.0 by @dependabot in https://github.com/dexidp/dex/pull/2399
- build(deps): bump github.com/prometheus/client_golang from 1.12.0 to 1.12.1 by @dependabot in https://github.com/dexidp/dex/pull/2393
New Contributors
- @rdimitrov made their first contribution in https://github.com/dexidp/dex/pull/2232
- @Juneezee made their first contribution in https://github.com/dexidp/dex/pull/2278
- @ariary made their first contribution in https://github.com/dexidp/dex/pull/2265
- @snuggie12 made their first contribution in https://github.com/dexidp/dex/pull/2268
- @enj made their first contribution in https://github.com/dexidp/dex/pull/2234
- @copperyp made their first contribution in https://github.com/dexidp/dex/pull/2305
- @iam-veeramalla made their first contribution in https://github.com/dexidp/dex/pull/2337
- @bobcallaway made their first contribution in https://github.com/dexidp/dex/pull/2374
- @Happy2C0de made their first contribution in https://github.com/dexidp/dex/pull/2233
- @rahulchheda made their first contribution in https://github.com/dexidp/dex/pull/2390
- @ankeesler made their first contribution in https://github.com/dexidp/dex/pull/2378
Full Changelog: https://github.com/dexidp/dex/compare/v2.30.0...v2.31.0
dex
- v2.30.3
Published by nabokihms over 2 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.3
Bugfixes:
-
Bitbucket Cloud connector: replace
/teamsAPI w//workspaces
(#2390, @rahulchheda)Note: Deprecated
/teamsendpoints were deleted by Atlassian, which broke the Bitbucket Cloud connector. Thus anyone using authentication through Bitbucket Cloud should upgrade Dex to the>= v2.30.3version.
dex
- v2.30.2
Published by sagikazarmark almost 3 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.2
This version is identical to v2.30.1.
We had some issues with CI when tagging v2.30.1 and tried tagging one more time. Ultimately, it turned out to be a permission issue. After fixing that both builds completed successfully.
dex
- v2.30.1
Published by sagikazarmark almost 3 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.1
Security:
- Upgrade alpine (#2327, @sagikazarmark)
dex
- v2.30.0
Published by nabokihms about 3 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.0
Features:
- Improve auth flow error handling (#1862, @tkleczek)
- Create CRDs as
apiextensions.k8s.io/v1(#2025, @nabokihms) - Read a namespace from the file for the Kubernetes storage client (#2092, @nabokihms)
- Update token periodically if Dex is running in a Kubernetes cluster (#2112, @nabokihms)
Bugfixes:
- Fix refreshing tokens that obtained with the password grant type (#2199, @hensur)
- Use only one sqlite3 connection to avoid the "database is locked" error (#2212, @salmanisd)
Minor changes:
- Add the ent-based postgres storage (#2121, @nabokihms)
- Demonstrate use of the
htpasswdfor the bCrypt hashing in static passwords (#2218, @jglick)
Dependencies:
- github.com/spf13/cobra 1.1.3 -> 1.2.1
- google.golang.org/grpc 1.38.0 -> 1.39.0
- google.golang.org/api 0.49.0 -> 0.52.0
- Build
golangdocker image 1.16.5-alpine3.13 -> 1.16.6-alpine3.13
Package Rankings
Top 0.64% on Proxy.golang.org
Badges
Extracted from project README
