v2.44.0

What's Changed

Enhancements 🚀

• Allow server startup with partial connector failures by @manojVivek in #4159
• Add recursive LDAP parent group search (AD-style hierarchy across all LDAPs) by @EthanDieterich in #4113
• feat: Add ModifyGroupNames claimMutation to oidc connector by @peschmae in #4144
• authproxy connector: add support for specifying group header separator by @a-buck in #3745
• fix: join issuer URL with discovery path without extra slash after issuer URL by @vizv in #4263
• feat: grpc api list clients by @daemonfire300 in #4202

Bug Fixes 🐛

• 🐛 remove extra method="get" from device-code template by @tuminoid in #4145
• [oidc] pass httpClient to the TokenIdentity context by @marriva in #4223
• Resolve CVE by updating gomplate to 4.3.3 by @philBrown in #4224
• fix: device code should not require scope by @cardoe in #4203
• fix: device code pending HTTP response by @cardoe in #4204
• Allow compilation without CGO by @nabokihms in #4266

Dependency Updates ⬆️

• Resolve CVE by updating gomplate to 4.3.2 by @nathanlaceyraft in #4146
• build(deps): bump actions/attest-build-provenance from 2.3.0 to 2.4.0 by @dependabot[bot] in #4180
• build(deps): bump golang.org/x/net from 0.40.0 to 0.41.0 by @dependabot[bot] in #4171
• build(deps): bump google.golang.org/grpc from 1.72.1 to 1.73.0 in /examples by @dependabot[bot] in #4174
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.0 by @dependabot[bot] in #4179
• build(deps): bump aquasecurity/trivy-action from 0.30.0 to 0.31.0 by @dependabot[bot] in #4167
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in #4162
• build(deps): bump docker/build-push-action from 6.17.0 to 6.18.0 by @dependabot[bot] in #4155
• build(deps): bump distroless/static-debian12 from 188ddfb to 627d6c5 by @dependabot[bot] in #4181
• build(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.0 by @dependabot[bot] in #4187
• build(deps): bump google.golang.org/api from 0.233.0 to 0.238.0 by @dependabot[bot] in #4186
• build(deps): bump docker/setup-buildx-action from 3.10.0 to 3.11.0 by @dependabot[bot] in #4185
• build(deps): bump anchore/sbom-action from 0.20.0 to 0.20.1 by @dependabot[bot] in #4184
• build(deps): bump github.com/go-sql-driver/mysql from 1.9.2 to 1.9.3 by @dependabot[bot] in #4183
• build(deps): bump the etcd group with 2 updates by @dependabot[bot] in #4175
• build(deps): bump alpine from 3.21.3 to 3.22.0 by @dependabot[bot] in #4163
• build(deps): bump google.golang.org/grpc from 1.72.1 to 1.73.0 in /api/v2 by @dependabot[bot] in #4170
• build(deps): bump docker/setup-buildx-action from 3.11.0 to 3.11.1 by @dependabot[bot] in #4189
• build(deps): bump mheap/github-action-required-labels from 5.5.0 to 5.5.1 by @dependabot[bot] in #4190
• build(deps): bump google.golang.org/grpc from 1.73.0 to 1.74.0 in /examples by @dependabot[bot] in #4219
• build(deps): bump anchore/sbom-action from 0.20.1 to 0.20.2 by @dependabot[bot] in #4205
• build(deps): bump sigstore/cosign-installer from 3.9.0 to 3.9.2 by @dependabot[bot] in #4225
• build(deps): bump aquasecurity/trivy-action from 0.31.0 to 0.32.0 by @dependabot[bot] in #4210
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.0 to 4.1.1 by @dependabot[bot] in #4196
• build(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 by @dependabot[bot] in #4214
• build(deps): bump alpine from 3.22.0 to 3.22.1 by @dependabot[bot] in #4217
• build(deps): bump the etcd group with 2 updates by @dependabot[bot] in #4213
• build(deps): bump github.com/oklog/run from 1.1.0 to 1.2.0 by @dependabot[bot] in #4199
• build(deps): bump github.com/mattn/go-sqlite3 from 1.14.28 to 1.14.29 by @dependabot[bot] in #4239
• build(deps): bump github/codeql-action from 3.29.0 to 3.29.4 by @dependabot[bot] in #4238
• build(deps): bump google.golang.org/grpc from 1.73.0 to 1.74.2 by @dependabot[bot] in #4235
• build(deps): bump the etcd group with 2 updates by @dependabot[bot] in #4233
• build(deps): bump google.golang.org/grpc from 1.74.0 to 1.74.2 in /examples by @dependabot[bot] in #4232
• build(deps): bump anchore/sbom-action from 0.20.2 to 0.20.4 by @dependabot[bot] in #4229
• build(deps): bump google.golang.org/api from 0.238.0 to 0.243.0 by @dependabot[bot] in #4234
• build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in #4227
• build(deps): bump github.com/coreos/go-oidc/v3 from 3.14.1 to 3.15.0 in /examples by @dependabot[bot] in #4246
• build(deps): bump the etcd group with 2 updates by @dependabot[bot] in #4243
• build(deps): bump distroless/static-debian12 from 627d6c5 to cdf4daa by @dependabot[bot] in #4253
• build(deps): bump docker/metadata-action from 5.7.0 to 5.8.0 by @dependabot[bot] in #4252
• build(deps): bump github.com/mattn/go-sqlite3 from 1.14.29 to 1.14.30 by @dependabot[bot] in #4249
• build(deps): bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in #4244
• build(deps): bump google.golang.org/api from 0.243.0 to 0.244.0 by @dependabot[bot] in #4247
• build(deps): bump docker/login-action from 3.4.0 to 3.5.0 by @dependabot[bot] in #4254
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.1 to 4.1.2 by @dependabot[bot] in #4255
• build(deps): bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 by @dependabot[bot] in #4257
• build(deps): bump google.golang.org/api from 0.244.0 to 0.246.0 by @dependabot[bot] in #4258
• build(deps): bump anchore/sbom-action from 0.20.4 to 0.20.5 by @dependabot[bot] in #4272
• build(deps): bump github.com/mattn/go-sqlite3 from 1.14.30 to 1.14.32 by @dependabot[bot] in #4271
• build(deps): bump github/codeql-action from 3.29.7 to 3.29.9 by @dependabot[bot] in #4269
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #4267
• build(deps): bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in #4262
• build(deps): bump actions/cache from 4.2.3 to 4.2.4 by @dependabot[bot] in #4261
• build(deps): bump cloud.google.com/go/compute/metadata from 0.7.0 to 0.8.0 by @dependabot[bot] in #4259
• build(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.7 by @dependabot[bot] in #4275
• build(deps): bump google.golang.org/api from 0.246.0 to 0.247.0 by @dependabot[bot] in #4274
• chore: update ent generated code by @sagikazarmark in #4276
• feat: update Go to 1.25 by @sagikazarmark in #4277
• build(deps): bump google.golang.org/grpc from 1.73.0 to 1.74.2 in /api/v2 by @dependabot[bot] in #4236
• build(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.7 in /api/v2 by @dependabot[bot] in #4260
• build(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.2 by @dependabot[bot] in #4278
• build(deps): bump distroless/static-debian12 from cdf4daa to a9f88e0 by @dependabot[bot] in #4291
• build(deps): bump github.com/beevik/etree from 1.5.1 to 1.6.0 by @dependabot[bot] in #4288
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @dependabot[bot] in #4287
• build(deps): bump google.golang.org/grpc from 1.74.2 to 1.75.0 in /examples by @dependabot[bot] in #4282
• build(deps): bump google.golang.org/grpc from 1.74.2 to 1.75.0 by @dependabot[bot] in https://github.com...

v2.43.1

What's Changed

Dependency Updates ⬆️

• Backport #4146 to 2.43.x by @sagikazarmark in #4148

Full Changelog: v2.43.0...v2.43.1

v2.43.0

What's Changed

Enhancements 🚀

• Generate access tokens for implicit & hybrid flows only when needed by @mfila in #3857
• k8s storage: Request only one object to check if API exists by @nabokihms in #4027
• refactor: simplify tests by using slog.DiscardHandler by @alexandear in #4058

Bug Fixes 🐛

• Fix Makefile to Support Spaces in Paths by @EthanDieterich in #4000
• fix: remove version controlled files from dockerignore by @sagikazarmark in #4087
• fix Incorrect Group Handling in RequestContextHandler logger.go by @alihasan070707 in #4082

Dependency Updates ⬆️

• build(deps): bump actions/cache from 4.2.0 to 4.2.1 by @dependabot in #3998
• build(deps): bump docker/build-push-action from 6.13.0 to 6.14.0 by @dependabot in #3997
• build(deps): bump github.com/dexidp/dex/api/v2 from 2.2.0 to 2.3.0 in /examples by @dependabot in #3996
• build(deps): bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 by @dependabot in #3995
• build(deps): bump google.golang.org/api from 0.221.0 to 0.222.0 by @dependabot in #3994
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 in the go_modules group by @dependabot in #4008
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 in /examples in the go_modules group by @dependabot in #4007
• build(deps): bump golang from 1.24.0-alpine3.20 to 1.24.1-alpine3.20 by @dependabot in #4021
• build(deps): bump sigstore/cosign-installer from 3.8.0 to 3.8.1 by @dependabot in #4001
• build(deps): bump github/codeql-action from 3.28.9 to 3.28.11 by @dependabot in #4038
• build(deps): bump golang.org/x/net from 0.35.0 to 0.36.0 in the go_modules group by @dependabot in #4043
• build(deps): bump distroless/static-debian12 from 6ec5aa9 to b35229a by @dependabot in #4052
• build(deps): bump google.golang.org/api from 0.222.0 to 0.228.0 by @dependabot in #4059
• build(deps): bump distroless/static-debian12 from b35229a to c0f429e by @dependabot in #4062
• build(deps): bump golang.org/x/net from 0.36.0 to 0.38.0 by @dependabot in #4060
• build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.2 by @dependabot in #4053
• build(deps): bump docker/build-push-action from 6.14.0 to 6.15.0 by @dependabot in #4039
• build(deps): bump google.golang.org/grpc from 1.70.0 to 1.71.1 by @dependabot in #4064
• build(deps): bump docker/setup-qemu-action from 3.4.0 to 3.6.0 by @dependabot in #4031
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @dependabot in #4005
• build(deps): bump docker/setup-buildx-action from 3.9.0 to 3.10.0 by @dependabot in #4014
• build(deps): bump github.com/prometheus/client_golang from 1.21.0 to 1.22.0 by @dependabot in #4083
• build(deps): bump github.com/go-sql-driver/mysql from 1.9.0 to 1.9.2 by @dependabot in #4080
• build(deps): bump golang from 1.24.1-alpine3.20 to 1.24.2-alpine3.20 by @dependabot in #4079
• build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.18 to 3.5.21 by @dependabot in #4074
• build(deps): bump actions/cache from 4.2.1 to 4.2.3 by @dependabot in #4072
• build(deps): bump actions/attest-build-provenance from 2.2.0 to 2.2.3 by @dependabot in #4071
• build(deps): bump docker/login-action from 3.3.0 to 3.4.0 by @dependabot in #4070
• build(deps): bump actions/setup-go from 5.3.0 to 5.4.0 by @dependabot in #4069
• build(deps): bump docker/metadata-action from 5.6.1 to 5.7.0 by @dependabot in #4068
• build(deps): bump github.com/russellhaering/goxmldsig from 1.4.0 to 1.5.0 by @dependabot in #4073
• build(deps): bump github.com/beevik/etree from 1.5.0 to 1.5.1 by @dependabot in #4096
• build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.29.0 by @dependabot in #4095
• build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.10 to 3.4.11 by @dependabot in #4093
• build(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0 by @dependabot in #4092
• build(deps): bump github/codeql-action from 3.28.11 to 3.28.15 by @dependabot in #4091
• build(deps): bump aquasecurity/trivy-action from 0.29.0 to 0.30.0 by @dependabot in #4090
• build(deps): bump golang.org/x/net from 0.38.0 to 0.39.0 by @dependabot in #4094
• build(deps): bump github/codeql-action from 3.28.15 to 3.28.17 by @dependabot in #4116
• build(deps): bump google.golang.org/api from 0.228.0 to 0.231.0 by @dependabot in #4114
• build(deps): bump actions/attest-build-provenance from 2.2.3 to 2.3.0 by @dependabot in #4111
• build(deps): bump anchore/sbom-action from 0.18.0 to 0.19.0 by @dependabot in #4109
• build(deps): bump docker/build-push-action from 6.15.0 to 6.16.0 by @dependabot in #4108
• build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0 by @dependabot in #4101
• build(deps): bump sigstore/cosign-installer from 3.8.1 to 3.8.2 by @dependabot in #4105
• build(deps): bump github.com/coreos/go-oidc/v3 from 3.12.0 to 3.14.1 by @dependabot in #4099
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.5 to 4.1.0 by @dependabot in #4100
• build(deps): bump google.golang.org/protobuf from 1.36.5 to 1.36.6 in /api/v2 by @dependabot in #4057
• build(deps): bump golang from 1.24.2-alpine3.20 to 1.24.3-alpine3.20 by @dependabot in #4124
• build(deps): bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 by @dependabot in #4122
• build(deps): bump oras-project/setup-oras from 1.2.2 to 1.2.3 by @dependabot in #4119
• build(deps): bump google.golang.org/api from 0.231.0 to 0.232.0 by @dependabot in #4120
• build(deps): bump github.com/mattn/go-sqlite3 from 1.14.24 to 1.14.28 by @dependabot in #4123
• build(deps): bump golang.org/x/net from 0.39.0 to 0.40.0 by @dependabot in #4121
• build(deps): bump actions/dependency-review-action from 4.6.0 to 4.7.0 by @dependabot in #4127
• build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot in #4126
• build(deps): bump anchore/sbom-action from 0.19.0 to 0.20.0 by @dependabot in #4132
• build(deps): bump google.golang.org/grpc from 1.72.0 to 1.72.1 by @dependabot in #4131
• build(deps): bump cloud.google.com/go/compute/metadata from 0.6.0 to 0.7.0 by @dependabot in #4130
• build(deps): bump actions/dependency-review-action from 4.7.0 to 4.7.1 by @dependabot in #4128
• build(deps): bump google.golang.org/api from 0.232.0 to 0.233.0 by @dependabot in #4129
• build(deps): bump distroless/static-debian12 from c0f429e to 188ddfb by @dependabot in #4140
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot in #4139
• build(deps): bump docker/build-push-action from 6.16.0 to 6.17.0 by @dependabot in #4135
• build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.21 to 3.6.0 by @dependabot in #4136
• chore: update dependencies by @sagikazarmark in #4141

New Contributors

• @mfila made their first contribution in #3857
• @EthanDieterich made their first contribution in #4000
• @alexandear made their first contribution in #4058
• @shurup made their first contribution in #4097
• @alihasan070707 made their first contribution in #4082

Full Changelog: v2.42.0...v2.43.0

v2.42.1

What's Changed

Bug Fixes 🐛

• fix: remove version controlled files from dockerignore by @sagikazarmark in #4089

Full Changelog: v2.42.0...v2.42.1

v2.42.0

What's Changed

Exciting New Features 🎉

• feat: also allow localhost equivalent IP addresses by @dsonck92 in #3778

Enhancements 🚀

• Added Discovery to grpc by @koendelaat in #3598
• feat(metrics): add response_size, request_duration histograms by @IvoGoman in #3748
• Handle root path better (than nothing) by @nabokihms in #3747
• Support base64 encoded and PEM encoded certs by @nabokihms in #3751
• GitLab connector: add GitLab additional group with role by @zvlb in #2941
• OIDC Connector: Support for IssuerAlias and group claims with maps instead of strings by @meldsza in #3676
• Add CSS for example app to make it prettier by @nabokihms in #3886
• feat: set resource revision for connectors by @nrwiersma in #3868
• Add authproxy preferred_username header by @kotx in #3950
• Passing context storage by @bobmaertz in #3941

Bug Fixes 🐛

• Fix scheme for DialURL ldap connection by @nabokihms in #3677
• Change workdir for gomplate by @nabokihms in #3684
• fix unmarshaling of expanded environment variables with special characters by @tuminoid in #3770
• saml connector: fix nil pointer PANIC on validate saml by @siarhei-haurylau in #3793
• fix: update enhancement proposal link by @emmanuel-ferdman in #3755
• Create offline sessions if approval is skipped by @nabokihms in #3828

Dependency Updates ⬆️

• build(deps): bump golang from 1.22.5-alpine3.20 to 1.23.1-alpine3.20 by @dependabot in #3728
• build(deps): bump alpine from 3.20.2 to 3.20.3 by @dependabot in #3729
• build(deps): bump golang.org/x/net from 0.27.0 to 0.29.0 by @dependabot in #3726
• build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.23.0 in /examples by @dependabot in #3722
• build(deps): bump actions/attest-build-provenance from 1.4.0 to 1.4.3 by @dependabot in #3727
• build(deps): bump google.golang.org/grpc from 1.65.0 to 1.66.1 in /examples by @dependabot in #3731
• build(deps): bump distroless/static-debian12 from 8dd8d3c to 42d15c6 by @dependabot in #3724
• build(deps): bump tonistiigi/xx from 1.4.0 to 1.5.0 by @dependabot in #3705
• build(deps): bump google.golang.org/api from 0.190.0 to 0.196.0 by @dependabot in #3721
• build(deps): bump docker/build-push-action from 6.5.0 to 6.7.0 by @dependabot in #3696
• build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.23.0 by @dependabot in #3723
• build(deps): bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #3685
• build(deps): bump actions/upload-artifact from 4.3.4 to 4.4.0 by @dependabot in #3720
• build(deps): bump github.com/dexidp/dex/api/v2 from 2.1.0 to 2.2.0 in /examples by @dependabot in #3734
• build(deps): bump mheap/github-action-required-labels from 5.4.1 to 5.4.2 by @dependabot in #3735
• build(deps): bump github.com/mattn/go-sqlite3 from 1.14.22 to 1.14.23 by @dependabot in #3738
• build(deps): bump google.golang.org/grpc from 1.66.0 to 1.66.2 by @dependabot in #3742
• build(deps): bump distroless/static-debian12 from 42d15c6 to dcd3f1f by @dependabot in #3754
• build(deps): bump anchore/sbom-action from 0.17.0 to 0.17.2 by @dependabot in #3746
• build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0 by @dependabot in #3753
• build(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.28.0 by @dependabot in #3797
• build(deps): bump github/codeql-action from 3.25.15 to 3.26.13 by @dependabot in #3795
• build(deps): bump golang from 1.23.1-alpine3.20 to 1.23.2-alpine3.20 by @dependabot in #3775
• build(deps): bump distroless/static-debian12 from dcd3f1f to 26f9b99 by @dependabot in #3766
• build(deps): bump cloud.google.com/go/compute/metadata from 0.5.0 to 0.5.2 by @dependabot in #3764
• build(deps): bump docker/setup-buildx-action from 3.6.1 to 3.7.1 by @dependabot in #3781
• build(deps): bump google.golang.org/grpc from 1.66.1 to 1.67.1 in /examples by @dependabot in #3774
• build(deps): bump docker/build-push-action from 6.7.0 to 6.9.0 by @dependabot in #3772
• build(deps): bump anchore/sbom-action from 0.17.2 to 0.17.4 by @dependabot in #3801
• build(deps): bump github.com/prometheus/client_golang from 1.19.1 to 1.20.5 by @dependabot in #3799
• build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0 by @dependabot in #3802
• build(deps): bump actions/dependency-review-action from 4.3.4 to 4.3.5 by @dependabot in #3804
• build(deps): bump anchore/sbom-action from 0.17.4 to 0.17.5 by @dependabot in #3803
• build(deps): bump sigstore/cosign-installer from 3.6.0 to 3.7.0 by @dependabot in #3800
• build(deps): bump github.com/mattn/go-sqlite3 from 1.14.23 to 1.14.24 by @dependabot in #3805
• build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by @dependabot in #3806
• build(deps): bump actions/checkout from 4.1.7 to 4.2.1 by @dependabot in #3785
• build(deps): bump google.golang.org/api from 0.196.0 to 0.203.0 by @dependabot in #3807
• build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #3808
• build(deps): bump actions/dependency-review-action from 4.3.5 to 4.4.0 by @dependabot in #3814
• build(deps): bump distroless/static-debian12 from 26f9b99 to 3a03fc0 by @dependabot in #3812
• build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot in #3809
• build(deps): bump anchore/sbom-action from 0.17.5 to 0.17.6 by @dependabot in #3817
• build(deps): bump github.com/fsnotify/fsnotify from 1.7.0 to 1.8.0 by @dependabot in #3822
• build(deps): bump alpine from beefdbd to 1e42bbe by @dependabot in #3840
• build(deps): bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 in /examples by @dependabot in #3832
• build(deps): bump golang from 1.23.2-alpine3.20 to 1.23.3-alpine3.20 by @dependabot in #3834
• build(deps): bump anchore/sbom-action from 0.17.6 to 0.17.8 by @dependabot in #3858
• build(deps): bump distroless/static-debian12 from 3a03fc0 to d71f4b2 by @dependabot in #3839
• build(deps): bump golang from 0974259 to c694a4d by @dependabot in #3863
• build(deps): bump tonistiigi/xx from 1.5.0 to 1.6.1 by @dependabot in #3879
• build(deps): bump golang.org/x/crypto from 0.28.0 to 0.31.0 in the go_modules group by @dependabot in #3893
• build(deps): bump golang.org/x/crypto from 0.26.0 to 0.31.0 in /examples in the go_modules group by @dependabot in #3892
• build(deps): bump github/codeql-action from 3.27.0 to 3.28.0 by @dependabot in #3898
• build(deps): bump actions/upload-artifact from 4.4.0 to 4.5.0 by @dependabot in #3890
• build(deps): bump actions/attest-build-provenance from 1.4.3 to 2.1.0 by @dependabot in #3878
• build(deps): bump golang from 1.23.3-alpine3.20 to 1.23.4-alpine3.20 by @dependabot in #3866
• build(deps): bump distroless/static-debian12 from d71f4b2 to 6cd937e by @dependabot in #3864
• build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0 by @dependabot in #3862
• build(deps): bump docker/metadata-action from 5.5.1 to 5.6.1 by @dependabot in #3861
• build(deps): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 by @dependabot in #3851
• build(deps): bump gomplate from 4.0.1 to 4.3.0 by @MoeBensu in #3856
• build: update Go version by @sagikazarmark in #3913
• build(deps): bump githu...

v2.2.0 Dex API release

https://pkg.go.dev/github.com/dexidp/dex/api/[email protected]

v2.41.1

What's Changed

Bug Fixes 🐛

• Fix ldap connection error: network unreachable @nabokihms in #3677
• Fix gomplate fork/exec error for distroless images by @nabokihms in #3684

Full Changelog: v2.41.0...v2.41.1

v2.41.0

What's Changed

Exciting New Features 🎉

• Enrich Dex logs with real IP and request ID by @nabokihms in #3661
• gRPC Connectors API by @twoojoo in #3245

Important

Connectors API is disabled by default. Set the DEX_API_CONNECTORS_CRUD=true env variable to enable the feature.

Enhancements 🚀

• Prevent double clicking of the submit button on login by @pcorliss in #3554
• Gracefully handle no args being passed to entrypoint by @rgmz in #3589
• New Prometheus metrics build_info by @nlamirault in #3558
• Always retrieve github emails when preferredEmailDomain is set by @thesuperzapper in #3584
• Propagate http.Client to JWT verifier for OIDC connector by @jack-r-warren in #3641
• Fix the broken link to v2 page by @tuladhar in #3648
• Add regex for oidc group matching by @jacksonargo in #3063

Bug Fixes 🐛

• Remove additional features and add a feature flag instead by @nabokihms in #3663

Dependency Updates ⬆️

• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 in /examples by @dependabot in #3582
• build(deps): bump actions/attest-build-provenance from 1.1.2 to 1.3.1 by @dependabot in #3580
• build(deps): bump github/codeql-action from 3.25.7 to 3.25.12 by @dependabot in #3619
• build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.4 by @dependabot in #3618
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot in #3617
• build(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.24.0 by @dependabot in #3615
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /examples in the go_modules group by @dependabot in #3612
• build(deps): bump distroless/static-debian12 from e9ac71e to 8dd8d3c by @dependabot in #3604
• build(deps): bump docker/build-push-action from 5.3.0 to 6.3.0 by @dependabot in #3603
• build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 in /examples by @dependabot in #3609
• build(deps): bump golang.org/x/net from 0.25.0 to 0.27.0 by @dependabot in #3606
• build(deps): bump golang.org/x/crypto from 0.23.0 to 0.25.0 by @dependabot in #3605
• build(deps): bump alpine from 3.20.0 to 3.20.1 by @dependabot in #3591
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 in /examples by @dependabot in #3600
• build(deps): bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 by @dependabot in #3567
• build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 by @dependabot in #3627
• build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #3621
• build(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 by @dependabot in #3625
• build(deps): bump actions/attest-build-provenance from 1.3.1 to 1.3.3 by @dependabot in #3624
• build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 by @dependabot in #3631
• build(deps): bump anchore/sbom-action from 0.16.0 to 0.17.0 by @dependabot in #3630
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 by @dependabot in #3626
• build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #3622
• build(deps): bump docker/build-push-action from 6.3.0 to 6.4.0 by @dependabot in #3623
• build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #3629
• build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.0 to 0.5.1 by @dependabot in #3635
• build(deps): bump docker/build-push-action from 6.4.0 to 6.4.1 by @dependabot in #3633
• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @dependabot in #3634
• Update dependencies before Dex v2.41 by @nabokihms in #3637
• build(deps): bump alpine from 3.20.1 to 3.20.2 by @dependabot in #3647
• build(deps): bump google.golang.org/api from 0.182.0 to 0.189.0 by @dependabot in #3646
• build(deps): bump github/codeql-action from 3.25.12 to 3.25.14 by @dependabot in #3651
• build(deps): bump actions/upload-artifact from 3.1.3 to 4.3.4 by @dependabot in #3607
• build(deps): bump golang from 8c9183f to 0d3653d by @dependabot in #3657
• FIx CVE before Dex v2.41 by @nabokihms in #3653
• Bump gomplate 4.0.1 by @MoeBensu in #3652
• build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.1 to 0.6.0 by @dependabot in #3655
• build(deps): bump docker/setup-buildx-action from 3.4.0 to 3.6.1 by @dependabot in #3658
• build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.14 to 3.5.15 by @dependabot in #3639
• build(deps): bump docker/setup-qemu-action from 3.1.0 to 3.2.0 by @dependabot in #3645
• build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #3656
• build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0 by @dependabot in #3643
• build(deps): bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #3644
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4 by @dependabot in #3666
• build(deps): bump google.golang.org/api from 0.189.0 to 0.190.0 by @dependabot in #3667
• build(deps): bump actions/attest-build-provenance from 1.3.3 to 1.4.0 by @dependabot in #3665
• Bump ent v0.14.0 by @nabokihms in #3670
• build(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #3664

New Contributors

• @pcorliss made their first contribution in #3554
• @rgmz made their first contribution in #3589
• @nlamirault made their first contribution in #3558
• @thesuperzapper made their first contribution in #3584
• @twoojoo made their first contribution in #3245
• @jack-r-warren made their first contribution in #3641
• @tuladhar made their first contribution in #3648
• @MoeBensu made their first contribution in #3652
• @jacksonargo made their first contribution in #3063

Full Changelog: v2.40.0...v2.41.0

v2.40.0

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.40.0

Know before update

Important

Dex migrated to the log/slog for logging. Both text and json log format outputs changed.

The change can affect users, that import Dex as a library in their projects.

What's Changed

Exciting New Features 🎉

• Add introspect endpoint to introspect access & refresh token by @supercairos in #3404
• Use log/slog for structured logging by @seankhliao in #3502

Enhancements 🚀

• Add support for configurable prompt type for Google connector by @abhisek in #3475
• Google: Implement groups fetch by default service account from metadata (support for GKE workload identity) by @vsychov in #2989
• OIDC connector option to override jwksURI by @sohgaura in #3543
• Allow domain names or IDs in keystone connector by @cardoe in #3506

Bug Fixes 🐛

• Fix function names in comment by @mountcount in #3464
• Fix slight grammar errors. by @adeinega in #3538

Dependency Updates ⬆️

• build(deps): bump google.golang.org/api from 0.172.0 to 0.179.0 by @dependabot in #3516
• build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18 by @dependabot in #3514
• build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.20.0 by @dependabot in #3512
• build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 in /examples by @dependabot in #3508
• build(deps): bump anchore/sbom-action from 0.15.9 to 0.15.11 by @dependabot in #3497
• build(deps): bump golang.org/x/net from 0.20.0 to 0.23.0 in /api/v2 in the go_modules group by @dependabot in #3483
• build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #3472
• build(deps): bump distroless/static-debian12 from 42c8865 to e9ac71e by @dependabot in #3469
• build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #3462
• build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1 in /api/v2 by @dependabot in #3510
• build(deps): bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @dependabot in #3526
• build(deps): bump google.golang.org/api from 0.179.0 to 0.180.0 by @dependabot in #3525
• build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @dependabot in #3524
• build(deps): bump helm/kind-action from 1.9.0 to 1.10.0 by @dependabot in #3523
• build(deps): bump github/codeql-action from 3.24.10 to 3.25.4 by @dependabot in #3522
• build(deps): bump mheap/github-action-required-labels from 5.4.0 to 5.4.1 by @dependabot in #3521
• build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #3520
• build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /api/v2 by @dependabot in #3465
• build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /examples by @dependabot in #3460
• build(deps): bump alpine from 3.19.1 to 3.20.0 by @dependabot in #3547
• build(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0 by @dependabot in #3545
• build(deps): bump github/codeql-action from 3.25.4 to 3.25.6 by @dependabot in #3544
• build(deps): bump actions/checkout from 4.1.2 to 4.1.6 by @dependabot in #3542
• build(deps): bump google.golang.org/api from 0.180.0 to 0.181.0 by @dependabot in #3541
• build(deps): bump golang from 4531927 to ff6ab2b by @dependabot in #3536
• build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #3534
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2 by @dependabot in #3531
• build(deps): bump github.com/beevik/etree from 1.3.0 to 1.4.0 by @dependabot in #3530
• build(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 in /examples by @dependabot in #3535
• build(deps): bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #3551
• build(deps): bump golang from ff6ab2b to d1a601b by @dependabot in #3550
• build(deps): bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 by @dependabot in #3552
• Bump google.golang.org/grpc to v1.64.0 by @nabokihms in #3553
• build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.13 to 3.5.14 by @dependabot in #3555
• build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.13 to 3.5.14 by @dependabot in #3556
• build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #3561
• Bump gomplate 3.11.8 by @nabokihms in #3565

New Contributors

• @elehcim made their first contribution in #3474
• @abhisek made their first contribution in #3475
• @mountcount made their first contribution in #3464
• @adeinega made their first contribution in #3538
• @sohgaura made their first contribution in #3543
• @cardoe made their first contribution in #3506

Full Changelog: v2.39.1...v2.40.0

v2.39.1

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.39.1

Bug Fixes 🐛

• Update max length of Kubernetes object to fit Kubernetes policy by @RomanenkoDenys in #3439 (fix regression for Kubernetes storage)

• Do not escape password for LDAP connectors by @nabokihms in #3470 (changes introduced in v2.39.0 were reverted)