v2.36.0
·
686 commits
to master
since this release
v2.36.0
sagikazarmark
Márk Sági-Kazár
This tag was signed with the committer’s verified signature.
sagikazarmark
Márk Sági-Kazár
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.36.0
What's Changed
Enhancements 🚀
- TLS configure for OIDC connector by @xtremerui in #1632
- Add icon for gitea by @pinpox in #2733
- fix: Do not use connector data from the refresh token field by @nabokihms in #2729
- Add preferredEmailDomain config option for GitHub connector by @nobuyo in #2740
- Move unique functionality into getGroups to reduce calls to google by @snuggie12 in #2628
- fix: prevent server-side request forgery using Kubernetes storage by @nabokihms in #2479
- fix: return 401 if password is invalid by @nabokihms in #2796
- feat: Add default robots.txt by @nabokihms in #2834
- Skip redirection to approval when it is not required (#2686) by @nobuyo in #2805
- feat: Bump dependencies and Makefile refactoring by @nabokihms in #2844
Bug Fixes 🐛
- Make admin email optional when no service account path is configured by @sagikazarmark in #2695
- Only initialize google admin service if necessary by @sagikazarmark in #2700
Dependency Updates ⬆️
- build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in #2697
- fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in #2705
- build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in #2708
- build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in #2715
- build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in #2720
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in #2721
- build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in #2723
- build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in #2718
- build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in #2724
- build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in #2746
- build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in #2735
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in #2744
- build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in #2751
- build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in #2750
- build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in #2755
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in #2743
- build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in #2754
- build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in #2758
- build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in #2741
- build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in #2753
- build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in #2742
- build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in #2761
- build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in #2725
- build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in #2760
- build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in #2774
- build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in #2772
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in #2770
- build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #2773
- build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in #2777
- build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in #2779
- build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in #2780
- build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in #2769
- build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in #2788
- build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in #2782
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in #2783
- build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in #2793
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in #2784
- chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in #2790
- ci: Use go 1.19 by @dlipovetsky in #2791
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in #2798
- build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in #2807
- build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in #2811
- build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in #2810
- build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in #2821
- build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in #2822
- build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in #2823
- build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #2818
- build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in #2828
- build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in #2832
- build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in #2837
- build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in #2846
- build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in #2827
- build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in #2850
- build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in #2849
- feat: Bump gomplate 3.11.4 by @nabokihms in #2840
- build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #2856
- build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in #2847
- build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in #2853
- build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in #2869
- build(deps): bump actions/setup-go from 3 to 4 by @dependabot in #2863
- build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in #2862
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in #2866
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in #2867
- build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in #2845
- build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in #2816
- chore: upgrade tools by @sagikazarmark in #2870
Other Changes
- Bump image in examples/k8s/dex.yaml to v2.32.0 by @stealthybox in #2569
New Contributors
- @pinpox made their first contribution in #2733
- @nobuyo made their first contribution in #2740
- @dlipovetsky made their first contribution in #2790
- @seankhliao made their first contribution in #2812
- @stealthybox made their first contribution in #2569
Full Changelog: v2.35.3...v2.36.0
Contributors
sagikazarmark, xtremerui, and 8 other contributors
Assets 2
1
Join discussion