Releases: dexidp/dex
Releases · dexidp/dex
v2.38.0
v2.38.0
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.38.0
What's Changed
Exciting New Features 🎉
- RFC 8693 OAuth 2.0 Token Exchange by @seankhliao in #2806
Enhancements 🚀
- include granttypes in example config by @seankhliao in #3027
- Add GetClient grpc service by @marcofranssen in #2972
- feat: Update response_types_supported to allow multiple-valued response type combinations by @Cedric-Magnan in #2521
- verify access tokens by checking getuserinfo during a token exchange by @seankhliao in #3031
- Store offline sessions only if they were requested by the user by @MM53 in #3125
- Minimalistic support for group filtering in oidc connector by @mdpradeep in #3074
- feat(connector/microsoft): support custom api and graph URLs by @sagikazarmark in #3084
- Composite claims in OIDC connector by @Oded-B in #3056
- Add support for extra claims to authproxy connector by @mkjpryor in #2851
- Add support for linux/s390x by @lysliu in #3189
- Override OIDC provider discovered claims by @nabokihms in #3267
- Bump gomplate to v3.11.7 by @nabokihms in #3293
- Introduce a dedicated pkg for featureflags by @nabokihms in #3278
- Sign container images by @nabokihms in #3269
- Add context to storage's Create endpoints by @PumpkinSeed in #2935
- feat: add TLS versions configuration by @tuminoid in #3303
Bug Fixes 🐛
- Fix etcd device requests by @MM53 in #3119
- Fix lint errors after merging AllowedHeaders feature by @nabokihms in #3247
- Propagate Dex version from build args by @nabokihms in #3276
Dependency Updates ⬆️
- build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 by @dependabot in #3036
- build(deps): bump google.golang.org/api from 0.129.0 to 0.130.0 by @dependabot in #3034
- build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 by @dependabot in #3035
- build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 by @dependabot in #3041
- build(deps): bump google.golang.org/api from 0.130.0 to 0.134.0 by @dependabot in #3054
- build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 by @dependabot in #3043
- build(deps): bump github/codeql-action from 2.20.1 to 2.21.2 by @dependabot in #3057
- build(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 by @dependabot in #3055
- build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 in /api/v2 by @dependabot in #3021
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.57.0 in /api/v2 by @dependabot in #3053
- build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0 by @dependabot in #3060
- build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0 by @dependabot in #3079
- build(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.8 by @dependabot in #3078
- build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in #3076
- build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #3071
- build(deps): bump alpine from 3.18.2 to 3.18.3 by @dependabot in #3069
- build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 by @dependabot in #3090
- build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3099
- build(deps): bump docker/setup-buildx-action from 2.9.1 to 3.0.0 by @dependabot in #3104
- build(deps): bump actions/checkout from 3.5.3 to 4.1.0 by @dependabot in #3117
- build(deps): bump alpine from 3.18.3 to 3.18.4 by @dependabot in #3130
- build(deps): bump github/codeql-action from 2.21.4 to 2.21.9 by @dependabot in #3127
- build(deps): bump google.golang.org/api from 0.138.0 to 0.143.0 by @dependabot in #3121
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 by @dependabot in #3116
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 in /api/v2 by @dependabot in #3115
- build(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #3132
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.5 to 3.4.6 by @dependabot in #3133
- build(deps): bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #3134
- build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in #3135
- build(deps): bump docker/metadata-action from 4.6.0 to 5.0.0 by @dependabot in #3136
- build(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in #3137
- build(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 by @dependabot in #3138
- build(deps): bump google.golang.org/api from 0.143.0 to 0.147.0 by @dependabot in #3152
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #3155
- build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3154
- build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @dependabot in #3153
- build(deps): bump tonistiigi/xx from 1.2.1 to 1.3.0 by @dependabot in #3161
- build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3159
- build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #3157
- build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 in /examples by @dependabot in #3151
- build(deps): bump google.golang.org/api from 0.147.0 to 0.148.0 by @dependabot in #3163
- build(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 in /api/v2 by @dependabot in #3150
- Bump Go 1.21 by @nabokihms in #3165
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.59.0 in /api/v2 by @dependabot in #3158
- Bump ent (v0.12.4) and example app dependencies by @nabokihms in #3166
- build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @dependabot in #3167
- build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in #3168
- build(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3169
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.9 to 3.5.11 by @dependabot in #3216
- build(deps): bump golang from 1.21.3-alpine3.18 to 1.21.5-alpine3.18 by @dependabot in #3213
- build(deps): bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 by @dependabot in #3181
- build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #3182
- build(deps): bump docker/build-push-action from 5.0.0 to 5.1.0 by @dependabot in #3198
- build(deps): bump anchore/sbom-action from 0.14.3 to 0.15.1 by @dependabot in #3210
- build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.16.0 by @dependabot in #3219
- build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @dependabot in #3206
- Bump golangci-lint 1.55.2 by @nabokihms in #3232
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.17 to 1.14.19 by @dependabot in #3226
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in #3228
- build(deps): bump alpine from 3.18.4 to 3.19.0 by @dependabot in #3214
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #3201
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /examples by @dependabot in #3229
- build(deps)...
Contributors
mkjpryor, marcofranssen, and 14 other contributors
Assets 2
v2.37.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.37.0
What's Changed
Exciting New Features 🎉
- TLS cert reloader by @seankhliao in #2964
Enhancements 🚀
- Add xx to cross-compile binaries in Docker by @sagikazarmark in #2898
- Spelling by @jsoref in #2919
- LDAP case-insensitive DN attribute by @nabokihms in #2829
- Utilize native git diff --exit-code by @marcofranssen in #2981
- Google: Add Support for Multiple Admin Emails to Retrieve Group Lists by @vsychov in #2911
Bug Fixes 🐛
- Do not skip approval screen by default by @nabokihms in #2897
- Fail if OIDC config contains hosted domains by @nabokihms in #2937
Dependency Updates ⬆️
- build(deps): bump alpine from 3.17.2 to 3.17.3 by @dependabot in #2879
- build(deps): bump mheap/github-action-required-labels from 3 to 4 by @dependabot in #2881
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #2873
- build(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 by @dependabot in #2892
- build(deps): bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 by @dependabot in #2884
- build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #2885
- build(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 by @dependabot in #2905
- build(deps): bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 by @dependabot in #2900
- build(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #2891
- build(deps): bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0 by @dependabot in #2920
- build(deps): bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 by @dependabot in #2924
- build(deps): bump github.com/lib/pq from 1.10.7 to 1.10.9 by @dependabot in #2922
- build(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 by @dependabot in #2929
- build(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in #2932
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.7 to 3.5.8 by @dependabot in #2899
- build(deps): bump github.com/beevik/etree from 1.1.0 to 1.1.4 by @dependabot in #2939
- build(deps): bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in #2938
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.8 to 3.5.9 by @dependabot in #2946
- build(deps): bump github/codeql-action from 2.3.1 to 2.3.3 by @dependabot in #2943
- build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 by @dependabot in #2942
- build(deps): bump alpine from 3.17.3 to 3.18.0 by @dependabot in #2930
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.55.0 in /api/v2 by @dependabot in #2927
- build(deps): bump google.golang.org/api from 0.114.0 to 0.122.0 by @dependabot in #2931
- build(deps): bump entgo.io/ent from 0.11.10 to 0.12.3 by @dependabot in #2923
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.7 to 3.5.9 by @dependabot in #2944
- build(deps): bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 by @dependabot in #2945
- build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 by @dependabot in #2956
- build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @dependabot in #2957
- build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #2949
- build(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #2948
- build(deps): bump google.golang.org/api from 0.122.0 to 0.123.0 by @dependabot in #2959
- build(deps): bump github.com/beevik/etree from 1.1.4 to 1.2.0 by @dependabot in #2947
- build(deps): bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in #2970
- build(deps): bump google.golang.org/api from 0.123.0 to 0.124.0 by @dependabot in #2968
- build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in #2958
- build(deps): bump aquasecurity/trivy-action from 0.10.0 to 0.11.0 by @dependabot in #2984
- build(deps): bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in #2982
- build(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in #2978
- build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 by @dependabot in #2983
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 by @dependabot in #2979
- build(deps): bump google.golang.org/api from 0.124.0 to 0.125.0 by @dependabot in #2976
- build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in #2977
- build(deps): bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #2987
- build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 by @dependabot in #2985
- build(deps): bump docker/metadata-action from 4.4.0 to 4.5.0 by @dependabot in #2986
- build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 by @dependabot in #2988
- build(deps): bump mheap/github-action-required-labels from 4 to 5 by @dependabot in #2990
- build(deps): bump aquasecurity/trivy-action from 0.11.0 to 0.11.2 by @dependabot in #2995
- build(deps): bump github/codeql-action from 2.3.6 to 2.20.0 by @dependabot in #3002
- build(deps): bump google.golang.org/api from 0.125.0 to 0.127.0 by @dependabot in #2999
- build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 by @dependabot in #3001
- build(deps): bump docker/build-push-action from 4.0.0 to 4.1.1 by @dependabot in #3003
- build(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #2993
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5 by @dependabot in #2997
- build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 by @dependabot in #3004
- build(deps): bump alpine from 3.18.0 to 3.18.2 by @dependabot in #3008
- build(deps): bump docker/metadata-action from 4.5.0 to 4.6.0 by @dependabot in #3007
- build(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 by @dependabot in #3005
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot in #3009
- build(deps): bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #3010
- build(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot in #3016
- build(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in #3015
- build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 by @dependabot in #3014
- build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3019
- build(deps): bump google.golang.org/api from 0.127.0 to 0.129.0 by @dependabot in #3022
- build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 by @dependabot in #3023
New Contributors
- @marcofranssen made their first contribution in #2981
- @vsychov made their first contribution in #2911
Full Changelog: v2.36.0...v2.37.0
Contributors
marcofranssen, sagikazarmark, and 5 other contributors
Assets 2
v2.36.0
v2.36.0
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.36.0
What's Changed
Enhancements 🚀
- TLS configure for OIDC connector by @xtremerui in #1632
- Add icon for gitea by @pinpox in #2733
- fix: Do not use connector data from the refresh token field by @nabokihms in #2729
- Add preferredEmailDomain config option for GitHub connector by @nobuyo in #2740
- Move unique functionality into getGroups to reduce calls to google by @snuggie12 in #2628
- fix: prevent server-side request forgery using Kubernetes storage by @nabokihms in #2479
- fix: return 401 if password is invalid by @nabokihms in #2796
- feat: Add default robots.txt by @nabokihms in #2834
- Skip redirection to approval when it is not required (#2686) by @nobuyo in #2805
- feat: Bump dependencies and Makefile refactoring by @nabokihms in #2844
Bug Fixes 🐛
- Make admin email optional when no service account path is configured by @sagikazarmark in #2695
- Only initialize google admin service if necessary by @sagikazarmark in #2700
Dependency Updates ⬆️
- build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in #2697
- fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in #2705
- build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in #2708
- build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in #2715
- build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in #2720
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in #2721
- build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in #2723
- build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in #2718
- build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in #2724
- build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in #2746
- build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in #2735
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in #2744
- build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in #2751
- build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in #2750
- build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in #2755
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in #2743
- build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in #2754
- build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in #2758
- build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in #2741
- build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in #2753
- build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in #2742
- build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in #2761
- build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in #2725
- build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in #2760
- build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in #2774
- build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in #2772
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in #2770
- build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #2773
- build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in #2777
- build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in #2779
- build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in #2780
- build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in #2769
- build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in #2788
- build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in #2782
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in #2783
- build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in #2793
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in #2784
- chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in #2790
- ci: Use go 1.19 by @dlipovetsky in #2791
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in #2798
- build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in #2807
- build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in #2811
- build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in #2810
- build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in #2821
- build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in #2822
- build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in #2823
- build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #2818
- build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in #2828
- build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in #2832
- build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in #2837
- build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in #2846
- build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in #2827
- build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in #2850
- build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in #2849
- feat: Bump gomplate 3.11.4 by @nabokihms in #2840
- build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #2856
- build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in #2847
- build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in #2853
- build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in #2869
- build(deps): bump actions/setup-go from 3 to 4 by @dependabot in #2863
- build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in #2862
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in #2866
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in #2867
- build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in #2845
- build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in #2816
- chore: upgrade tools by @sagikazarmark in #2870
Other Changes
- Bump image in examples/k8s/dex.yaml to v2.32.0 by @stealthybox in #2569
New Contributors
Contributors
sagikazarmark, xtremerui, and 8 other contributors
Assets 2
v2.35.3
v2.35.3
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.3
What's Changed
Dependency Updates ⬆️
- Backport #2705 to v2.35.x by @nabokihms in #2706
Full Changelog: v2.35.2...v2.35.3
Contributors
nabokihms
Assets 2
v2.35.2
v2.35.2
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.2
What's Changed
Bug Fixes 🐛
- Backport #2700 to v2.35.x by @sagikazarmark in #2702
Dependency Updates ⬆️
- Backport Go update to v2.35.x by @sagikazarmark in #2698
Full Changelog: v2.35.1...v2.35.2
Contributors
sagikazarmark
Assets 2
v2.35.1
v2.35.1
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.1
What's Changed
Bug Fixes 🐛
- Backport #2694 to v2.35.x by @sagikazarmark in #2696
Full Changelog: v2.35.0...v2.35.1
Contributors
sagikazarmark
Assets 2
v2.35.0
v2.35.0
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
If you use the Google connector, please upgrade to 2.35.1 instead.
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.0
What's Changed
Enhancements 🚀
- Reduce HTTP client creations in the Keystone connector by @erwinvaneyk in #2659
Bug Fixes 🐛
- fix for issue 2670; check for no serviceAccountFilePath and no email by @bobcallaway in #2679
- supply HMACKey in test case by @bobcallaway in #2683
- fix: refresh token only once for all concurrent requests by @nabokihms in #2692
Dependency Updates ⬆️
- build(deps): bump google.golang.org/api from 0.95.0 to 0.97.0 by @dependabot in #2677
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.4 to 3.5.5 by @dependabot in #2666
- build(deps): bump google.golang.org/api from 0.97.0 to 0.98.0 by @dependabot in #2682
- build(deps): bump helm/kind-action from 1.3.0 to 1.4.0 by @dependabot in #2681
- build(deps): bump entgo.io/ent from 0.11.2 to 0.11.3 by @dependabot in #2684
- Update golang.org/x packages by @sagikazarmark in #2688
New Contributors
Full Changelog: v2.34.0...v2.35.0
Contributors
sagikazarmark, erwinvaneyk, and 4 other contributors
Assets 2
v2.34.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.34.0
What's Changed
Exciting New Features 🎉
- updated gomplate version and added ppc64le support by @mayurwaghmode in #2620
Enhancements 🚀
- fix: Fallback when group claim is a string instead of an array of strings by @JoooostB in #2639
- feat(connector/authproxy): support multiple groups by @mclavel in #2643
- Implement Application Default Credentials for the google connector by @ichbinfrog in #2530
- build: bump Go version to 1.19 in Nix by @sagikazarmark in #2648
Dependency Updates ⬆️
- build(deps): bump alpine from 3.16.1 to 3.16.2 by @dependabot in #2624
- build(deps): bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 by @dependabot in #2623
- build(deps): bump aquasecurity/trivy-action from 0.6.1 to 0.7.0 by @dependabot in #2632
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.11 to 1.14.15 by @dependabot in #2634
- build(deps): bump aquasecurity/trivy-action from 0.7.0 to 0.7.1 by @dependabot in #2635
- build(deps): bump google.golang.org/api from 0.89.0 to 0.93.0 by @dependabot in #2633
- build(deps): bump google.golang.org/api from 0.93.0 to 0.94.0 by @dependabot in #2637
- chore: Bump ent to 0.11.2 by @nabokihms in #2640
- chore: Bump Go to 1.19 by @nabokihms in #2641
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.2.0 to 3.3.0 by @dependabot in #2646
- build(deps): bump google.golang.org/grpc from 1.47.0 to 1.49.0 by @dependabot in #2636
- build(deps): bump google.golang.org/protobuf from 1.28.0 to 1.28.1 in /api/v2 by @dependabot in #2611
- build(deps): bump golang from 1.19.0-alpine3.15 to 1.19.1-alpine3.15 by @dependabot in #2650
- chore: update alpine version in Go image by @sagikazarmark in #2656
- build(deps): bump github.com/lib/pq from 1.10.5 to 1.10.7 by @dependabot in #2651
- build(deps): bump google.golang.org/api from 0.94.0 to 0.95.0 by @dependabot in #2652
- build(deps): bump google.golang.org/grpc from 1.47.0 to 1.49.0 in /api/v2 by @dependabot in #2638
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.3.0 to 3.4.0 by @dependabot in #2658
New Contributors
- @mayurwaghmode made their first contribution in #2620
- @JoooostB made their first contribution in #2639
- @mclavel made their first contribution in #2643
- @ichbinfrog made their first contribution in #2530
Full Changelog: v2.33.0...v2.34.0
Contributors
mclavel, sagikazarmark, and 5 other contributors
Assets 2
v2.33.1
v2.33.1
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
What's Changed
Enhancements 🚀
- chore: upgrade alpine to 3.16.2 by @sagikazarmark in #2655
Full Changelog: v2.33.0...v2.33.1
Contributors
sagikazarmark
Assets 2
v2.33.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.33.0
What's Changed
Exciting New Features 🎉
- add PKCE support to device code flow by @bobcallaway in #2575
Enhancements 🚀
- Limit the amount of objects we attempt to GC on each cycle by @kellyma2 in #2524
- Use GitLab's refresh_token during Refresh. by @dhaus67 in #2352
- Add domainHint parameter to Microsoft Connector by @josephtknight in #2586
- add config to explicitly set scopes for microsoft connector by @bobcallaway in #2582
Bug Fixes 🐛
- fix: prevent cross-site scripting for the device flow by @nabokihms in #2468
- grpc-client: Do not crash on empty response by @bbusse in #2584
Dependency Updates ⬆️
- build(deps): bump helm/kind-action from 1.2.0 to 1.3.0 by @dependabot in #2555
- build(deps): bump aquasecurity/trivy-action from 0.3.0 to 0.4.0 by @dependabot in #2557
- build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.8.0 by @dependabot in #2577
- build(deps): bump aquasecurity/trivy-action from 0.4.0 to 0.5.1 by @dependabot in #2576
- build(deps): bump mheap/github-action-required-labels from 1 to 2 by @dependabot in #2565
- build(deps): bump google.golang.org/api from 0.82.0 to 0.86.0 by @dependabot in #2574
- build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 by @dependabot in #2560
- build(deps): bump aquasecurity/trivy-action from 0.5.1 to 0.6.0 by @dependabot in #2602
- build(deps): bump alpine from 3.16.0 to 3.16.1 by @dependabot in #2598
- build(deps): bump golang from 1.18.3-alpine3.15 to 1.18.4-alpine3.15 by @dependabot in #2592
- build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 by @dependabot in #2599
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.2 to 3.4.4 by @dependabot in #2606
- build(deps): bump google.golang.org/api from 0.86.0 to 0.89.0 by @dependabot in #2605
- build(deps): bump aquasecurity/trivy-action from 0.6.0 to 0.6.1 by @dependabot in #2604
New Contributors
- @kellyma2 made their first contribution in #2524
- @josephtknight made their first contribution in #2586
- @bbusse made their first contribution in #2584
Full Changelog: v2.32.0...v2.33.0
Contributors
bobcallaway, bbusse, and 5 other contributors