Releases: dexidp/dex
v2.33.1
What's Changed
Enhancements 🚀
- chore: upgrade alpine to 3.16.2 by @sagikazarmark in #2655
Full Changelog: v2.33.0...v2.33.1
v2.33.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.33.0
What's Changed
Exciting New Features 🎉
- add PKCE support to device code flow by @bobcallaway in #2575
Enhancements 🚀
- Limit the amount of objects we attempt to GC on each cycle by @kellyma2 in #2524
- Use GitLab's refresh_token during Refresh. by @dhaus67 in #2352
- Add domainHint parameter to Microsoft Connector by @josephtknight in #2586
- add config to explicitly set scopes for microsoft connector by @bobcallaway in #2582
Bug Fixes 🐛
- fix: prevent cross-site scripting for the device flow by @nabokihms in #2468
- grpc-client: Do not crash on empty response by @bbusse in #2584
Dependency Updates ⬆️
- build(deps): bump helm/kind-action from 1.2.0 to 1.3.0 by @dependabot in #2555
- build(deps): bump aquasecurity/trivy-action from 0.3.0 to 0.4.0 by @dependabot in #2557
- build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.8.0 by @dependabot in #2577
- build(deps): bump aquasecurity/trivy-action from 0.4.0 to 0.5.1 by @dependabot in #2576
- build(deps): bump mheap/github-action-required-labels from 1 to 2 by @dependabot in #2565
- build(deps): bump google.golang.org/api from 0.82.0 to 0.86.0 by @dependabot in #2574
- build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 by @dependabot in #2560
- build(deps): bump aquasecurity/trivy-action from 0.5.1 to 0.6.0 by @dependabot in #2602
- build(deps): bump alpine from 3.16.0 to 3.16.1 by @dependabot in #2598
- build(deps): bump golang from 1.18.3-alpine3.15 to 1.18.4-alpine3.15 by @dependabot in #2592
- build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 by @dependabot in #2599
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.2 to 3.4.4 by @dependabot in #2606
- build(deps): bump google.golang.org/api from 0.86.0 to 0.89.0 by @dependabot in #2605
- build(deps): bump aquasecurity/trivy-action from 0.6.0 to 0.6.1 by @dependabot in #2604
New Contributors
- @kellyma2 made their first contribution in #2524
- @josephtknight made their first contribution in #2586
- @bbusse made their first contribution in #2584
Full Changelog: v2.32.0...v2.33.0
v2.32.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.32.0
What's Changed
Exciting New Features 🎉
- Publish official distroless images by @sagikazarmark in #2478
- Feature: groups in Gitea by @techknowlogick in #1789
Enhancements 🚀
- Add support for RefreshConnector for openshift connector. by @dhaus67 in #2342
- Allow configuration of returned groups via authproxy connector by @seuf in #2371
- Add acr_values support for OIDC by @dirien in #2418
- fix: Implicit Grant discovery by @nabokihms in #2433
- fix: log only errors on refreshing by @nabokihms in #2470
- Create setting to allow to trust the system root CAs by @dhaus67 in #2430
- Add numeric user ID support for oauth connector by @tsl0922 in #2483
- Remove google specific hd / hosted domain claim config from oidc connector by @Blorpy in #2511
- OIDC connector: Support cases where there is no id_token when using a refresh_token grant by @Blorpy in #2522
- feat: add enhancement template by @nabokihms in #2486
- Release note configuration by @sagikazarmark in #2463
- fix: add notification about groups access to the Grant Access page by @nabokihms in #2533
- feat: enable profiling endpoints by @nabokihms in #2482
Bug Fixes 🐛
- Build multi-platform images in a single build job by @sagikazarmark in #2487
- Fixes #2537 by @ShivanshVij in #2538
- correctly handle path escaping for connector IDs by @bobcallaway in #2290
Dependency Updates ⬆️
- build(deps): bump golang from 1.17.6-alpine3.14 to 1.17.7-alpine3.14 by @dependabot in #2411
- build(deps): bump google.golang.org/api from 0.68.0 to 0.69.0 by @dependabot in #2415
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.1 to 3.4.2 by @dependabot in #2416
- build(deps): bump google.golang.org/api from 0.69.0 to 0.70.0 by @dependabot in #2419
- build(deps): bump actions/checkout from 2 to 3 by @dependabot in #2422
- build(deps): bump github.com/russellhaering/goxmldsig from 1.1.1 to 1.2.0 by @dependabot in #2424
- build(deps): bump golang from 1.17.7-alpine3.14 to 1.17.8-alpine3.14 by @dependabot in #2426
- build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 by @dependabot in #2437
- build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 by @dependabot in #2440
- build(deps): bump alpine from 3.15.0 to 3.15.1 by @dependabot in #2444
- build(deps): bump alpine from 3.15.1 to 3.15.3 by @dependabot in #2456
- build(deps): bump alpine from 3.15.3 to 3.15.4 by @dependabot in #2461
- build(deps): bump google.golang.org/api from 0.70.0 to 0.74.0 by @dependabot in #2458
- build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0 by @dependabot in #2451
- Update ent by @sagikazarmark in #2428
- build(deps): bump aquasecurity/trivy-action from 0.2.2 to 0.2.3 by @dependabot in #2466
- build(deps): bump actions/setup-go from 2 to 3 by @dependabot in #2467
- Bump Alpine to latest version by @MattiasGees in #2471
- build(deps): bump aquasecurity/trivy-action from 0.2.4 to 0.2.5 by @dependabot in #2481
- build(deps): bump github/codeql-action from 1 to 2 by @dependabot in #2494
- build(deps): bump docker/build-push-action from 2 to 3 by @dependabot in #2510
- build(deps): bump docker/metadata-action from 3 to 4 by @dependabot in #2509
- build(deps): bump docker/login-action from 1 to 2 by @dependabot in #2507
- build(deps): bump docker/setup-qemu-action from 1 to 2 by @dependabot in #2508
- build(deps): bump docker/setup-buildx-action from 1 to 2 by @dependabot in #2506
- build(deps): bump aquasecurity/trivy-action from 0.2.5 to 0.3.0 by @dependabot in #2525
- chore: Go mod update 1.17 by @nabokihms in #2532
- build(deps): bump alpine from 3.15.4 to 3.16.0 by @dependabot in #2531
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.2 to 3.5.4 by @dependabot in #2491
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.1.0 to 3.2.0 by @dependabot in #2528
- build(deps): bump google.golang.org/grpc from 1.45.0 to 1.46.2 by @dependabot in #2526
- build(deps): bump github.com/prometheus/client_golang from 1.12.1 to 1.12.2 by @dependabot in #2529
- build(deps): bump github.com/felixge/httpsnoop from 1.0.2 to 1.0.3 by @dependabot in #2527
- build(deps): bump google.golang.org/api from 0.74.0 to 0.81.0 by @dependabot in #2534
- build(deps): bump google.golang.org/grpc from 1.44.0 to 1.46.2 in /api/v2 by @dependabot in #2517
- build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0 in /api/v2 by @dependabot in #2452
- feat: upgrade Go to 1.18 by @sagikazarmark in #2441
- build(deps): bump golang from 1.18.0-alpine3.15 to 1.18.2-alpine3.15 by @dependabot in #2535
- build(deps): bump google.golang.org/api from 0.81.0 to 0.82.0 by @dependabot in #2549
- build(deps): bump google.golang.org/grpc from 1.46.2 to 1.47.0 by @dependabot in #2543
- build(deps): bump golang from 1.18.2-alpine3.15 to 1.18.3-alpine3.15 by @dependabot in #2548
- build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 by @dependabot in #2550
- chore(deps): update grpc by @sagikazarmark in #2551
Other Changes
- Update alpine version by @sagikazarmark in #2446
- New docker image build by @sagikazarmark in #2474
- Qemu tweaks by @sagikazarmark in #2480
- Add docker metadata action by @sagikazarmark in #2488
- ci: use docker metadata for build input by @sagikazarmark in #2489
- chore: do not use caching for docker build by @nabokihms in #2516
- Bump lint timeout to reduce the number of failed executions by @nabokihms in #2523
New Contributors
- @dhaus67 made their first contribution in #2342
- @dirien made their first contribution in #2418
- @MattiasGees made their first contribution in #2471
- @tsl0922 made their first contribution in #2483
- @Blorpy made their first contribution in #2511
- @ShivanshVij made their first contribution in #2538
Full Changelog: v2.31.0...v2.32.0
v2.31.2
This is a maintenance release upgrading Go to apply some security patches.
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.31.2
What's Changed
- Update go to 1.17.10 by @sagikazarmark in #2536
Full Changelog: v2.31.1...v2.31.2
v2.31.1
This is a maintenance release upgrading Go to apply some security patches.
What's Changed
- Update golang image by @sagikazarmark in #2447
Full Changelog: v2.31.0...v2.31.1
v2.31.0
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.31.0
What's Changed
- Bump Dex image to v2.30.0 for Kubernetes deployment example by @rdimitrov in #2232
- Update Go to 1.17 by @sagikazarmark in #2247
- refactor: move from io/ioutil to io and os package by @Juneezee in #2278
- feat: Add MySQL ent-based storage driver by @nabokihms in #2272
- chore: fix ioutil lint error after merging MySQL ent storage by @nabokihms in #2282
- Add parametrization of grant type supported in discovery endpoint by @ariary in #2265
- Resolves #2111 Option to fetch transitive group membership by @snuggie12 in #2268
- Return valid JWT access token from password grant by @enj in #2234
- fix: do not update offlinesession lastUsed field if refresh token was not updated by @nabokihms in #2300
- fix web static file path slash error for win platform by @copperyp in #2305
- Update grpc by @sagikazarmark in #2321
- ci: fix container image permissions by @sagikazarmark in #2329
- feat: print dex version in the logs by @iam-veeramalla in #2337
- OAuth connector by @xtremerui in #1630
- fix: return invalid_grant error on claiming token of another client by @nabokihms in #2344
- chore: warning about deprecated LDAP groupSearch fields by @nabokihms in #2026
- Add Nix environment by @sagikazarmark in #2324
- Update dependencies in the examples package by @sagikazarmark in #2372
- add sigstore to ADOPTERS.md by @bobcallaway in #2374
- Add claimMapping enforcement by @Happy2C0de in #2233
- ci: run trivy scan on container image by @sagikazarmark in #2387
- chore: update gomplate by @sagikazarmark in #2388
- chore: update golangci-lint download script by @nabokihms in #2394
- [fix] Replace /teams API w/ /workspaces endpoints by @rahulchheda in #2390
- ci: add Docker cache to speed builds up by @sagikazarmark in #2400
- distroless: Dockerfile works with distroless base image by @ankeesler in #2378
- Update dependencies by @sagikazarmark in #2404
- Update API package by @sagikazarmark in #2405
Dependency updates
- build(deps): bump entgo.io/ent from 0.8.0 to 0.9.0 by @dependabot in #2226
- build(deps): bump golang from 1.16.6-alpine3.13 to 1.16.7-alpine3.13 by @dependabot in #2225
- build(deps): bump google.golang.org/grpc from 1.39.0 to 1.39.1 by @dependabot in #2227
- build(deps): bump google.golang.org/api from 0.52.0 to 0.53.0 by @dependabot in #2235
- build(deps): bump google.golang.org/grpc from 1.39.1 to 1.40.0 by @dependabot in #2236
- build(deps): bump alpine from 3.14.0 to 3.14.1 by @dependabot in #2229
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.3.0 to 3.4.0 by @dependabot in #2239
- build(deps): bump google.golang.org/api from 0.53.0 to 0.54.0 by @dependabot in #2241
- build(deps): bump github.com/AppsFlyer/go-sundheit from 0.4.0 to 0.5.0 by @dependabot in #2240
- build(deps): bump google.golang.org/protobuf from 1.26.0 to 1.27.1 in /api/v2 by @dependabot in #2243
- build(deps): bump google.golang.org/grpc from 1.36.1 to 1.40.0 in /api/v2 by @dependabot in #2242
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.0 to 3.4.1 by @dependabot in #2246
- build(deps): bump entgo.io/ent from 0.9.0 to 0.9.1 by @dependabot in #2249
- build(deps): bump alpine from 3.14.1 to 3.14.2 by @dependabot in #2258
- build(deps): bump google.golang.org/api from 0.54.0 to 0.55.0 by @dependabot in #2259
- build(deps): bump google.golang.org/api from 0.55.0 to 0.56.0 by @dependabot in #2262
- build(deps): bump github.com/lib/pq from 1.10.2 to 1.10.3 by @dependabot in #2263
- build(deps): bump github.com/russellhaering/goxmldsig from 1.1.0 to 1.1.1 by @dependabot in #2270
- build(deps): bump golang from 1.17.0-alpine3.14 to 1.17.1-alpine3.14 by @dependabot in #2269
- build(deps): bump google.golang.org/api from 0.56.0 to 0.57.0 by @dependabot in #2277
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.1.0 by @dependabot in #2279
- build(deps): bump golang from 1.17.1-alpine3.14 to 1.17.2-alpine3.14 by @dependabot in #2292
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.0 to 3.5.1 by @dependabot in #2298
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.0 to 3.5.1 by @dependabot in #2299
- build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0 by @dependabot in #2285
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.8 to 1.14.9 by @dependabot in #2302
- build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0 in /api/v2 by @dependabot in #2286
- build(deps): bump google.golang.org/api from 0.57.0 to 0.58.0 by @dependabot in #2287
- build(deps): bump google.golang.org/api from 0.58.0 to 0.59.0 by @dependabot in #2303
- build(deps): bump google.golang.org/api from 0.59.0 to 0.60.0 by @dependabot in #2308
- build(deps): bump golang from 1.17.2-alpine3.14 to 1.17.3-alpine3.14 by @dependabot in #2317
- build(deps): bump github.com/lib/pq from 1.10.3 to 1.10.4 by @dependabot in #2320
- build(deps): bump alpine from 3.14.2 to 3.14.3 by @dependabot in #2325
- build(deps): bump alpine from 3.14.3 to 3.15.0 by @dependabot in #2336
- build(deps): bump google.golang.org/api from 0.60.0 to 0.61.0 by @dependabot in #2341
- build(deps): bump golang from 1.17.3-alpine3.14 to 1.17.4-alpine3.14 by @dependabot in #2345
- build(deps): bump google.golang.org/api from 0.61.0 to 0.62.0 by @dependabot in #2348
- build(deps): bump golang from 1.17.4-alpine3.14 to 1.17.5-alpine3.14 by @dependabot in #2349
- build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 by @dependabot in #2354
- build(deps): bump google.golang.org/api from 0.62.0 to 0.63.0 by @dependabot in #2353
- build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 by @dependabot in #2355
- build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 in /api/v2 by @dependabot in #2356
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.9 to 1.14.10 by @dependabot in #2362
- build(deps): bump golang from 1.17.5-alpine3.14 to 1.17.6-alpine3.14 by @dependabot in #2363
- build(deps): bump google.golang.org/api from 0.63.0 to 0.64.0 by @dependabot in #2364
- build(deps): bump google.golang.org/api from 0.64.0 to 0.65.0 by @dependabot in #2368
- build(deps): bump github.com/prometheus/client_golang from 1.11.0 to 1.12.0 by @dependabot in #2380
- build(deps): bump google.golang.org/grpc from 1.43.0 to 1.44.0 by @dependabot in #2384
- build(deps): bump google.golang.org/grpc from 1.43.0 to 1.44.0 in /api/v2 by @dependabot in #2385
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.1 to 3.5.2 by @dependabot in #2395
- build(deps): bump aquasecurity/trivy-action from 0.2.1 to 0.2.2 by @dependabot in #2398
- build(deps): bump google.golang.org/api from 0.65.0 to 0.67.0 by @dependabot in #2399
- build(deps): bump github.com/prometheus/client_golang from 1.12.0 to 1.12.1 by @dependabot in #2393
New Contributors
- @rdimitrov made their first contribution in #2232
- @Juneezee made their first contribution in #2278
- @ariary made their first contribution in #2265
- @snuggie12 made their first contrib...
v2.30.3
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.3
Bugfixes:
-
Bitbucket Cloud connector: replace
/teams
API w//workspaces
(#2390, @rahulchheda)Note: Deprecated
/teams
endpoints were deleted by Atlassian, which broke the Bitbucket Cloud connector. Thus anyone using authentication through Bitbucket Cloud should upgrade Dex to the>= v2.30.3
version.
v2.30.2
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.2
This version is identical to v2.30.1.
We had some issues with CI when tagging v2.30.1 and tried tagging one more time. Ultimately, it turned out to be a permission issue. After fixing that both builds completed successfully.
v2.30.1
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.1
Security:
- Upgrade alpine (#2327, @sagikazarmark)
v2.30.0
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.0
Features:
- Improve auth flow error handling (#1862, @tkleczek)
- Create CRDs as
apiextensions.k8s.io/v1
(#2025, @nabokihms) - Read a namespace from the file for the Kubernetes storage client (#2092, @nabokihms)
- Update token periodically if Dex is running in a Kubernetes cluster (#2112, @nabokihms)
Bugfixes:
- Fix refreshing tokens that obtained with the password grant type (#2199, @hensur)
- Use only one sqlite3 connection to avoid the "database is locked" error (#2212, @salmanisd)
Minor changes:
- Add the ent-based postgres storage (#2121, @nabokihms)
- Demonstrate use of the
htpasswd
for the bCrypt hashing in static passwords (#2218, @jglick)
Dependencies:
- github.com/spf13/cobra 1.1.3 -> 1.2.1
- google.golang.org/grpc 1.38.0 -> 1.39.0
- google.golang.org/api 0.49.0 -> 0.52.0
- Build
golang
docker image 1.16.5-alpine3.13 -> 1.16.6-alpine3.13