Releases: dexidp/dex
v2.40.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.40.0
Know before update
Important
Dex migrated to the log/slog for logging. Both text and json log format outputs changed.
The change can affect users, that import Dex as a library in their projects.
What's Changed
Exciting New Features 🎉
- Use log/slog for structured logging by @seankhliao in #3502
Enhancements 🚀
- Add support for configurable prompt type for Google connector by @abhisek in #3475
- Google: Implement groups fetch by default service account from metadata (support for GKE workload identity) by @vsychov in #2989
- OIDC connector option to override jwksURI by @sohgaura in #3543
- Allow domain names or IDs in keystone connector by @cardoe in #3506
Bug Fixes 🐛
- Fix function names in comment by @mountcount in #3464
- Fix slight grammar errors. by @adeinega in #3538
Dependency Updates ⬆️
- build(deps): bump google.golang.org/api from 0.172.0 to 0.179.0 by @dependabot in #3516
- build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18 by @dependabot in #3514
- build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.20.0 by @dependabot in #3512
- build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 in /examples by @dependabot in #3508
- build(deps): bump anchore/sbom-action from 0.15.9 to 0.15.11 by @dependabot in #3497
- build(deps): bump golang.org/x/net from 0.20.0 to 0.23.0 in /api/v2 in the go_modules group by @dependabot in #3483
- build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #3472
- build(deps): bump distroless/static-debian12 from
42c8865
toe9ac71e
by @dependabot in #3469 - build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #3462
- build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1 in /api/v2 by @dependabot in #3510
- build(deps): bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @dependabot in #3526
- build(deps): bump google.golang.org/api from 0.179.0 to 0.180.0 by @dependabot in #3525
- build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @dependabot in #3524
- build(deps): bump helm/kind-action from 1.9.0 to 1.10.0 by @dependabot in #3523
- build(deps): bump github/codeql-action from 3.24.10 to 3.25.4 by @dependabot in #3522
- build(deps): bump mheap/github-action-required-labels from 5.4.0 to 5.4.1 by @dependabot in #3521
- build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #3520
- build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /api/v2 by @dependabot in #3465
- build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /examples by @dependabot in #3460
- build(deps): bump alpine from 3.19.1 to 3.20.0 by @dependabot in #3547
- build(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0 by @dependabot in #3545
- build(deps): bump github/codeql-action from 3.25.4 to 3.25.6 by @dependabot in #3544
- build(deps): bump actions/checkout from 4.1.2 to 4.1.6 by @dependabot in #3542
- build(deps): bump google.golang.org/api from 0.180.0 to 0.181.0 by @dependabot in #3541
- build(deps): bump golang from
4531927
toff6ab2b
by @dependabot in #3536 - build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #3534
- build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2 by @dependabot in #3531
- build(deps): bump github.com/beevik/etree from 1.3.0 to 1.4.0 by @dependabot in #3530
- build(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 in /examples by @dependabot in #3535
- build(deps): bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #3551
- build(deps): bump golang from
ff6ab2b
tod1a601b
by @dependabot in #3550 - build(deps): bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 by @dependabot in #3552
- Bump google.golang.org/grpc to v1.64.0 by @nabokihms in #3553
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.13 to 3.5.14 by @dependabot in #3555
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.13 to 3.5.14 by @dependabot in #3556
- build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #3561
- Bump gomplate 3.11.8 by @nabokihms in #3565
New Contributors
- @elehcim made their first contribution in #3474
- @abhisek made their first contribution in #3475
- @mountcount made their first contribution in #3464
- @adeinega made their first contribution in #3538
- @sohgaura made their first contribution in #3543
- @cardoe made their first contribution in #3506
Full Changelog: v2.39.1...v2.40.0
v2.39.1
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.1
Bug Fixes 🐛
-
Update max length of Kubernetes object to fit Kubernetes policy by @RomanenkoDenys in #3439 (fix regression for Kubernetes storage)
-
Do not escape password for LDAP connectors by @nabokihms in #3470 (changes introduced in v2.39.0 were reverted)
v2.39.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.0
Know before update
Warning
The validation of username and password in the LDAP connector is much more strict now.
As of today, Dex uses the EscapeFilter
function to check for special characters in credentials and prevent injections by denying such requests.
the special characters in the set
()*\
and those out of the range 0 < c < 0x80, as defined in RFC4515
What's Changed
Enhancements 🚀
- Also set the username in authproxy connector by @ppacher in #3307
- Log failed login attempt by @i-amelia in #2454
- Update ent by @sagikazarmark in #3379
- Add sanitizer to LDAP account and password by @hsinhoyeh in #3372
- Add headers control to Dex web server by @nabokihms in #3339
- OIDC connector: Allow specifying empty prompt type by @nabokihms in #3373
- Set read-only permissions to the check job by @nabokihms in #3415
Bug Fixes 🐛
- Use the correct token type for userInfo requests while Token Exchange by @MrDeerly in #3336
- Do not evaluate skipApproval on the approval page by @MM53 in #3086
Dependency Updates ⬆️
- build(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 by @dependabot in #3314
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.19 to 1.14.22 by @dependabot in #3328
- build(deps): bump github/codeql-action from 3.23.1 to 3.24.0 by @dependabot in #3327
- build(deps): bump anchore/sbom-action from 0.15.6 to 0.15.8 by @dependabot in #3325
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.11 to 3.5.12 by @dependabot in #3323
- build(deps): bump google.golang.org/api from 0.157.0 to 0.161.0 by @dependabot in #3317
- build(deps): bump alpine from 3.19.0 to 3.19.1 by @dependabot in #3311
- build(deps): bump golang from
3bd4475
to3354c3a
by @dependabot in #3310 - build(deps): bump mheap/github-action-required-labels from 5.1.0 to 5.2.0 by @dependabot in #3308
- build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.4.0 by @dependabot in #3324
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.11 to 3.5.12 by @dependabot in #3321
- build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 in /examples by @dependabot in #3340
- build(deps): bump tonistiigi/xx from 1.3.0 to 1.4.0 by @dependabot in #3333
- build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 by @dependabot in #3341
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 in /examples by @dependabot in #3352
- build(deps): bump distroless/static from
9be3fcc
toa43abc8
by @dependabot in #3350 - build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 by @dependabot in #3332
- build(deps): bump docker/metadata-action from 5.5.0 to 5.5.1 by @dependabot in #3330
- build(deps): bump mheap/github-action-required-labels from 5.2.0 to 5.3.0 by @dependabot in #3347
- build(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by @dependabot in #3345
- build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in #3360
- build(deps): bump google.golang.org/api from 0.161.0 to 0.165.0 by @dependabot in #3355
- build(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.0 by @dependabot in #3359
- build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in #3377
- build(deps): bump google.golang.org/api from 0.165.0 to 0.167.0 by @dependabot in #3376
- build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in #3375
- build(deps): bump distroless/static from
a43abc8
to072d78b
by @dependabot in #3374 - build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 in /examples by @dependabot in #3368
- build(deps): bump actions/dependency-review-action from 4.1.0 to 4.1.3 by @dependabot in #3363
- build(deps): bump haya14busa/action-cond from 1.1.1 to 1.2.1 by @dependabot in #3346
- build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.0-alpine3.18 by @dependabot in #3334
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 by @dependabot in #3367
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 in /api/v2 by @dependabot in #3365
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in #3405
- build(deps): bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in #3380
- build(deps): bump golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18 by @dependabot in #3398
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /examples by @dependabot in #3406
- build(deps): bump google.golang.org/api from 0.167.0 to 0.169.0 by @dependabot in #3407
- Update jose by @nabokihms in #3409
- build(deps): bump distroless/static from
072d78b
to9235ad9
by @dependabot in #3381 - build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #3382
- build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in #3384
- build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in #3386
- build(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 by @dependabot in #3397
- build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 by @dependabot in #3393
- build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 in /examples by @dependabot in #3394
- build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /examples by @dependabot in #3401
- build(deps): bump github.com/go-sql-driver/mysql from 1.7.1 to 1.8.0 by @dependabot in #3414
- build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #3413
- build(deps): bump distroless/static from
9235ad9
to7e5c6a2
by @dependabot in #3410 - build(deps): bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in #3411
- build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot in #3412
- build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #3389
- build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #3417
- build(deps): bump github/codeql-action from 3.24.6 to 3.24.8 by @dependabot in #3422
- build(deps): bump google.golang.org/api from 0.169.0 to 0.171.0 by @dependabot in #3426
- build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #3418
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /examples by @dependabot in #3424
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 by @dependabot in #3425
- build(deps): bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in #3420
- build(deps): bump golang from
010f3b3
toede158f
by @dependabot in #3421 - build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /api/v2 by @dependabot in #3399
- build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /api/v2 by @dependabot in #3400
New Contributors
- @ppacher made their first contribution in #3307
- @MrDeerly made their first contribution in #3336
- @i-amelia made their first contribution in #2454
- @hsinhoyeh made their first contribution in #3372
Full Changelog: v2.38.0...v2.39.0
v2.38.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.38.0
What's Changed
Exciting New Features 🎉
- RFC 8693 OAuth 2.0 Token Exchange by @seankhliao in #2806
Enhancements 🚀
- include granttypes in example config by @seankhliao in #3027
- Add GetClient grpc service by @marcofranssen in #2972
- feat: Update response_types_supported to allow multiple-valued response type combinations by @Cedric-Magnan in #2521
- verify access tokens by checking getuserinfo during a token exchange by @seankhliao in #3031
- Store offline sessions only if they were requested by the user by @MM53 in #3125
- Minimalistic support for group filtering in oidc connector by @mdpradeep in #3074
- feat(connector/microsoft): support custom api and graph URLs by @sagikazarmark in #3084
- Composite claims in OIDC connector by @Oded-B in #3056
- Add support for extra claims to authproxy connector by @mkjpryor in #2851
- Add support for linux/s390x by @lysliu in #3189
- Override OIDC provider discovered claims by @nabokihms in #3267
- Bump gomplate to v3.11.7 by @nabokihms in #3293
- Introduce a dedicated pkg for featureflags by @nabokihms in #3278
- Sign container images by @nabokihms in #3269
- Add context to storage's Create endpoints by @PumpkinSeed in #2935
- feat: add TLS versions configuration by @tuminoid in #3303
Bug Fixes 🐛
- Fix etcd device requests by @MM53 in #3119
- Fix lint errors after merging AllowedHeaders feature by @nabokihms in #3247
- Propagate Dex version from build args by @nabokihms in #3276
Dependency Updates ⬆️
- build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 by @dependabot in #3036
- build(deps): bump google.golang.org/api from 0.129.0 to 0.130.0 by @dependabot in #3034
- build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 by @dependabot in #3035
- build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 by @dependabot in #3041
- build(deps): bump google.golang.org/api from 0.130.0 to 0.134.0 by @dependabot in #3054
- build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 by @dependabot in #3043
- build(deps): bump github/codeql-action from 2.20.1 to 2.21.2 by @dependabot in #3057
- build(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 by @dependabot in #3055
- build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 in /api/v2 by @dependabot in #3021
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.57.0 in /api/v2 by @dependabot in #3053
- build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0 by @dependabot in #3060
- build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0 by @dependabot in #3079
- build(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.8 by @dependabot in #3078
- build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in #3076
- build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #3071
- build(deps): bump alpine from 3.18.2 to 3.18.3 by @dependabot in #3069
- build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 by @dependabot in #3090
- build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3099
- build(deps): bump docker/setup-buildx-action from 2.9.1 to 3.0.0 by @dependabot in #3104
- build(deps): bump actions/checkout from 3.5.3 to 4.1.0 by @dependabot in #3117
- build(deps): bump alpine from 3.18.3 to 3.18.4 by @dependabot in #3130
- build(deps): bump github/codeql-action from 2.21.4 to 2.21.9 by @dependabot in #3127
- build(deps): bump google.golang.org/api from 0.138.0 to 0.143.0 by @dependabot in #3121
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 by @dependabot in #3116
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 in /api/v2 by @dependabot in #3115
- build(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #3132
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.5 to 3.4.6 by @dependabot in #3133
- build(deps): bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #3134
- build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in #3135
- build(deps): bump docker/metadata-action from 4.6.0 to 5.0.0 by @dependabot in #3136
- build(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in #3137
- build(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 by @dependabot in #3138
- build(deps): bump google.golang.org/api from 0.143.0 to 0.147.0 by @dependabot in #3152
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #3155
- build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3154
- build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @dependabot in #3153
- build(deps): bump tonistiigi/xx from 1.2.1 to 1.3.0 by @dependabot in #3161
- build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3159
- build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #3157
- build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 in /examples by @dependabot in #3151
- build(deps): bump google.golang.org/api from 0.147.0 to 0.148.0 by @dependabot in #3163
- build(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 in /api/v2 by @dependabot in #3150
- Bump Go 1.21 by @nabokihms in #3165
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.59.0 in /api/v2 by @dependabot in #3158
- Bump ent (v0.12.4) and example app dependencies by @nabokihms in #3166
- build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @dependabot in #3167
- build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in #3168
- build(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3169
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.9 to 3.5.11 by @dependabot in #3216
- build(deps): bump golang from 1.21.3-alpine3.18 to 1.21.5-alpine3.18 by @dependabot in #3213
- build(deps): bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 by @dependabot in #3181
- build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #3182
- build(deps): bump docker/build-push-action from 5.0.0 to 5.1.0 by @dependabot in #3198
- build(deps): bump anchore/sbom-action from 0.14.3 to 0.15.1 by @dependabot in #3210
- build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.16.0 by @dependabot in #3219
- build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @dependabot in #3206
- Bump golangci-lint 1.55.2 by @nabokihms in #3232
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.17 to 1.14.19 by @dependabot in #3226
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in #3228
- build(deps): bump alpine from 3.18.4 to 3.19.0 by @dependabot in #3214
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #3201
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /examples by @dependabot in #3229
- build(deps)...
v2.37.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.37.0
What's Changed
Exciting New Features 🎉
- TLS cert reloader by @seankhliao in #2964
Enhancements 🚀
- Add xx to cross-compile binaries in Docker by @sagikazarmark in #2898
- Spelling by @jsoref in #2919
- LDAP case-insensitive DN attribute by @nabokihms in #2829
- Utilize native git diff --exit-code by @marcofranssen in #2981
- Google: Add Support for Multiple Admin Emails to Retrieve Group Lists by @vsychov in #2911
Bug Fixes 🐛
- Do not skip approval screen by default by @nabokihms in #2897
- Fail if OIDC config contains hosted domains by @nabokihms in #2937
Dependency Updates ⬆️
- build(deps): bump alpine from 3.17.2 to 3.17.3 by @dependabot in #2879
- build(deps): bump mheap/github-action-required-labels from 3 to 4 by @dependabot in #2881
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #2873
- build(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 by @dependabot in #2892
- build(deps): bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 by @dependabot in #2884
- build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #2885
- build(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 by @dependabot in #2905
- build(deps): bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 by @dependabot in #2900
- build(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #2891
- build(deps): bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0 by @dependabot in #2920
- build(deps): bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 by @dependabot in #2924
- build(deps): bump github.com/lib/pq from 1.10.7 to 1.10.9 by @dependabot in #2922
- build(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 by @dependabot in #2929
- build(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in #2932
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.7 to 3.5.8 by @dependabot in #2899
- build(deps): bump github.com/beevik/etree from 1.1.0 to 1.1.4 by @dependabot in #2939
- build(deps): bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in #2938
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.8 to 3.5.9 by @dependabot in #2946
- build(deps): bump github/codeql-action from 2.3.1 to 2.3.3 by @dependabot in #2943
- build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 by @dependabot in #2942
- build(deps): bump alpine from 3.17.3 to 3.18.0 by @dependabot in #2930
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.55.0 in /api/v2 by @dependabot in #2927
- build(deps): bump google.golang.org/api from 0.114.0 to 0.122.0 by @dependabot in #2931
- build(deps): bump entgo.io/ent from 0.11.10 to 0.12.3 by @dependabot in #2923
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.7 to 3.5.9 by @dependabot in #2944
- build(deps): bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 by @dependabot in #2945
- build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 by @dependabot in #2956
- build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @dependabot in #2957
- build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #2949
- build(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #2948
- build(deps): bump google.golang.org/api from 0.122.0 to 0.123.0 by @dependabot in #2959
- build(deps): bump github.com/beevik/etree from 1.1.4 to 1.2.0 by @dependabot in #2947
- build(deps): bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in #2970
- build(deps): bump google.golang.org/api from 0.123.0 to 0.124.0 by @dependabot in #2968
- build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in #2958
- build(deps): bump aquasecurity/trivy-action from 0.10.0 to 0.11.0 by @dependabot in #2984
- build(deps): bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in #2982
- build(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in #2978
- build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 by @dependabot in #2983
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 by @dependabot in #2979
- build(deps): bump google.golang.org/api from 0.124.0 to 0.125.0 by @dependabot in #2976
- build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in #2977
- build(deps): bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #2987
- build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 by @dependabot in #2985
- build(deps): bump docker/metadata-action from 4.4.0 to 4.5.0 by @dependabot in #2986
- build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 by @dependabot in #2988
- build(deps): bump mheap/github-action-required-labels from 4 to 5 by @dependabot in #2990
- build(deps): bump aquasecurity/trivy-action from 0.11.0 to 0.11.2 by @dependabot in #2995
- build(deps): bump github/codeql-action from 2.3.6 to 2.20.0 by @dependabot in #3002
- build(deps): bump google.golang.org/api from 0.125.0 to 0.127.0 by @dependabot in #2999
- build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 by @dependabot in #3001
- build(deps): bump docker/build-push-action from 4.0.0 to 4.1.1 by @dependabot in #3003
- build(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #2993
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5 by @dependabot in #2997
- build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 by @dependabot in #3004
- build(deps): bump alpine from 3.18.0 to 3.18.2 by @dependabot in #3008
- build(deps): bump docker/metadata-action from 4.5.0 to 4.6.0 by @dependabot in #3007
- build(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 by @dependabot in #3005
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot in #3009
- build(deps): bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #3010
- build(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot in #3016
- build(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in #3015
- build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 by @dependabot in #3014
- build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3019
- build(deps): bump google.golang.org/api from 0.127.0 to 0.129.0 by @dependabot in #3022
- build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 by @dependabot in #3023
New Contributors
- @marcofranssen made their first contribution in #2981
- @vsychov made their first contribution in #2911
Full Changelog: v2.36.0...v2.37.0
v2.36.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.36.0
What's Changed
Enhancements 🚀
- TLS configure for OIDC connector by @xtremerui in #1632
- Add icon for gitea by @pinpox in #2733
- fix: Do not use connector data from the refresh token field by @nabokihms in #2729
- Add preferredEmailDomain config option for GitHub connector by @nobuyo in #2740
- Move unique functionality into getGroups to reduce calls to google by @snuggie12 in #2628
- fix: prevent server-side request forgery using Kubernetes storage by @nabokihms in #2479
- fix: return 401 if password is invalid by @nabokihms in #2796
- feat: Add default robots.txt by @nabokihms in #2834
- Skip redirection to approval when it is not required (#2686) by @nobuyo in #2805
- feat: Bump dependencies and Makefile refactoring by @nabokihms in #2844
Bug Fixes 🐛
- Make admin email optional when no service account path is configured by @sagikazarmark in #2695
- Only initialize google admin service if necessary by @sagikazarmark in #2700
Dependency Updates ⬆️
- build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in #2697
- fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in #2705
- build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in #2708
- build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in #2715
- build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in #2720
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in #2721
- build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in #2723
- build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in #2718
- build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in #2724
- build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in #2746
- build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in #2735
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in #2744
- build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in #2751
- build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in #2750
- build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in #2755
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in #2743
- build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in #2754
- build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in #2758
- build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in #2741
- build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in #2753
- build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in #2742
- build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in #2761
- build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in #2725
- build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in #2760
- build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in #2774
- build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in #2772
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in #2770
- build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #2773
- build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in #2777
- build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in #2779
- build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in #2780
- build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in #2769
- build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in #2788
- build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in #2782
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in #2783
- build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in #2793
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in #2784
- chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in #2790
- ci: Use go 1.19 by @dlipovetsky in #2791
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in #2798
- build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in #2807
- build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in #2811
- build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in #2810
- build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in #2821
- build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in #2822
- build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in #2823
- build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #2818
- build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in #2828
- build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in #2832
- build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in #2837
- build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in #2846
- build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in #2827
- build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in #2850
- build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in #2849
- feat: Bump gomplate 3.11.4 by @nabokihms in #2840
- build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #2856
- build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in #2847
- build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in #2853
- build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in #2869
- build(deps): bump actions/setup-go from 3 to 4 by @dependabot in #2863
- build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in #2862
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in #2866
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in #2867
- build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in #2845
- build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in #2816
- chore: upgrade tools by @sagikazarmark in #2870
Other Changes
- Bump image in examples/k8s/dex.yaml to v2.32.0 by @stealthybox in #2569
New Contributors
v2.35.3
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.3
What's Changed
Dependency Updates ⬆️
- Backport #2705 to v2.35.x by @nabokihms in #2706
Full Changelog: v2.35.2...v2.35.3
v2.35.2
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.2
What's Changed
Bug Fixes 🐛
- Backport #2700 to v2.35.x by @sagikazarmark in #2702
Dependency Updates ⬆️
- Backport Go update to v2.35.x by @sagikazarmark in #2698
Full Changelog: v2.35.1...v2.35.2
v2.35.1
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.1
What's Changed
Bug Fixes 🐛
- Backport #2694 to v2.35.x by @sagikazarmark in #2696
Full Changelog: v2.35.0...v2.35.1
v2.35.0
If you use the Google connector, please upgrade to 2.35.1 instead.
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.0
What's Changed
Enhancements 🚀
- Reduce HTTP client creations in the Keystone connector by @erwinvaneyk in #2659
Bug Fixes 🐛
- fix for issue 2670; check for no serviceAccountFilePath and no email by @bobcallaway in #2679
- supply HMACKey in test case by @bobcallaway in #2683
- fix: refresh token only once for all concurrent requests by @nabokihms in #2692
Dependency Updates ⬆️
- build(deps): bump google.golang.org/api from 0.95.0 to 0.97.0 by @dependabot in #2677
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.4 to 3.5.5 by @dependabot in #2666
- build(deps): bump google.golang.org/api from 0.97.0 to 0.98.0 by @dependabot in #2682
- build(deps): bump helm/kind-action from 1.3.0 to 1.4.0 by @dependabot in #2681
- build(deps): bump entgo.io/ent from 0.11.2 to 0.11.3 by @dependabot in #2684
- Update golang.org/x packages by @sagikazarmark in #2688
New Contributors
Full Changelog: v2.34.0...v2.35.0