v0.11: Sign in with Microsoft, custom email sending

Highlights

• Microsoft is now available as 3rd-party identity provider. Admins can set up a "Sign in with Microsoft" authentication option for users in the backend config. Both personal and work accounts are supported. Learn more here.
• Custom email sending is now supported by a new webhook and the option to disable email sending through the Hanko backend. Apps can subscribe to the webhook and implement their own email sending (e.g. passcode emails).

What's Changed

• docs: add link to discord guide in backend readme by @lfleischmann in #1424
• feat(thirdparty): add microsoft provider by @lfleischmann in #1409
• Update LICENSE by @FlxMgdnz in #1432
• Update README.md by @FlxMgdnz in #1433
• chore(deps): bump github.com/labstack/echo/v4 from 4.11.4 to 4.12.0 in /backend by @dependabot in #1436
• fix: fix saml login for existing users by @FreddyDevelop in #1434
• [FEAT] disable email delivery by @FreddyDevelop in #1419
• chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 in /quickstart by @dependabot in #1440
• chore(deps): bump github.com/labstack/echo-contrib from 0.15.0 to 0.17.1 in /backend by @dependabot in #1441
• fix: don't override error before return by @FreddyDevelop in #1447

Full Changelog: backend/v0.10.2...backend/v0.11.0

v0.10.2

Highlights

• Fix that ensures email JWT claim is present on user creation.
• Change that sets the default Passkey/WebAuthn attestation conveyance preference from 'none' to 'direct' for better AAGUID handling on Windows.

What's Changed

• fix(jwt): add updated email on user create by @shentschel in #1416
• chore(deps): bump github.com/jackc/pgconn from 1.14.1 to 1.14.3 in /backend by @dependabot in #1380
• chore(deps): bump jose from 4.15.4 to 4.15.5 in /frontend by @dependabot in #1385
• chore(deps): bump softprops/action-gh-release from 1 to 2 by @dependabot in #1389
• chore(deps): bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.2 in /backend by @dependabot in #1391
• chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /backend by @dependabot in #1395
• chore(deps): bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible in /backend by @dependabot in #1402
• chore(deps): bump github.com/go-sql-driver/mysql from 1.7.1 to 1.8.1 in /backend by @dependabot in #1410
• chore(deps): bump follow-redirects from 1.15.4 to 1.15.6 in /docs by @dependabot in #1399
• chore(deps): bump follow-redirects from 1.15.4 to 1.15.6 in /frontend by @dependabot in #1400
• chore(deps): bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /docs by @dependabot in #1406
• chore(deps-dev): bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /frontend by @dependabot in #1405
• Update README.md by @FlxMgdnz in #1408
• chore(deps): bump express from 4.18.1 to 4.19.2 in /docs by @dependabot in #1413
• chore(deps): bump express from 4.18.2 to 4.19.2 in /frontend by @dependabot in #1414
• chore(deps): bump peaceiris/actions-gh-pages from 3 to 4 by @dependabot in #1422
• Roadmap updates by @FlxMgdnz in #1411
• chore(deps): bump golang.org/x/crypto from 0.21.0 to 0.22.0 in /backend by @dependabot in #1425
• chore(deps): bump github.com/go-webauthn/webauthn from 0.10.1 to 0.10.2 in /backend by @dependabot in #1426
• chore(deps): bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 in /backend by @dependabot in #1428
• enhance(webauthn): change default attestation mode by @shentschel in #1421
• chore: update versions to v0.10.2 by @lfleischmann in #1430

Full Changelog: backend/v0.10.1...backend/v0.10.2

v0.10.1

Highlights

• Email claim added to session JWT, allowing developers to quickly retrieve the user's primary email address
• New Social SSO provider: Discord

What's Changed

• chore(deps): bump github.com/go-playground/validator/v10 from 10.17.0 to 10.18.0 in /backend by @dependabot in #1342
• chore: update debug dockerfile by @lfleischmann in #1352
• chore(webhooks): improve webhook docs by @shentschel in #1351
• feat(thirdparty): add discord provider by @lfleischmann in #1353
• fix(webhooks): fix HasEvent logic by @shentschel in #1355
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.19 to 2.0.20 in /backend by @dependabot in #1358
• chore(deps-dev): bump ip from 2.0.0 to 2.0.1 in /frontend by @dependabot in #1359
• Roadmap updated by @FlxMgdnz in #1363
• feat(webhooks): add webhooks trigger to thirdparty auth by @shentschel in #1367
• chore(deps): bump golang.org/x/crypto from 0.19.0 to 0.21.0 in /backend by @dependabot in #1378
• chore(deps): bump github.com/go-playground/validator/v10 from 10.18.0 to 10.19.0 in /backend by @dependabot in #1377
• chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 in /backend by @dependabot in #1375
• chore(deps): bump github.com/gomodule/redigo from 1.8.9 to 1.9.2 in /backend by @dependabot in #1365
• chore(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 in /backend by @dependabot in #1379
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.20 to 2.0.21 in /backend by @dependabot in #1386
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.19 to 2.0.21 in /quickstart by @dependabot in #1387
• Fix links in README.md by @wttw in #1407
• feat(jwt): add email claim to session JWT by @shentschel in #1404

New Contributors

• @wttw made their first contribution in #1407

Full Changelog: backend/v0.10.0...backend/v0.10.1

v0.10: Webhooks, Account Linking, Passkey Names

This release contains some highly requested new features:

Webhooks

It is now possible to configure webhooks. For now, subscribable events are limited to changes to user accounts. More information here.

3rd-party Account Linking

Automatic account linking can now be activated for individual 3rd-party OAuth connections. This allows for existing accounts to be accessed with 3rd-party connections like Sign in with Google when using the same email address, and vice versa.

Improved Passkey Naming

When a new passkey is created, the original passkey name displayed in the list of passkeys in the user profile is generated by Hanko Backend. Previously, all passkey names looked like "Passkeys-ABCDE", where "ABCDE" was the last characters of the random credential ID. From now on, the passkey names are based on the available information about the authenticator used to create the passkey, e.g. "iCloud Keychain", "Windows Hello" or "1Password", which improves the usability of the passkey list in the user profile.

What's Changed

• feat:add passcode.zh-CN.yaml for support chinese by @zhaoyii in #1219
• chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.16.0 in /backend by @dependabot in #1225
• chore(deps): bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 in /backend by @dependabot in #1226
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.24.0 to 6.25.0 in /backend by @dependabot in #1227
• feat(i18n): add italian translations by @riccardoperra in #1228
• Fixed typo by @FlxMgdnz in #1238
• chore(deps): bump github.com/go-webauthn/webauthn from 0.9.1 to 0.9.2 in /backend by @dependabot in #1232
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.25.0 to 6.26.0 in /backend by @dependabot in #1248
• chore(deps): bump github.com/nicksnyder/go-i18n/v2 from 2.2.2 to 2.3.0 in /backend by @dependabot in #1246
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.17 to 2.0.18 in /backend by @dependabot in #1243
• chore(deps-dev): bump vite from 4.4.9 to 4.4.12 in /frontend by @dependabot in #1247
• chore(deps): bump github.com/go-webauthn/webauthn from 0.9.2 to 0.9.4 in /backend by @dependabot in #1242
• fix: set cookie secure flag by @lfleischmann in #1250
• chore(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 in /backend by @dependabot in #1252
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.26.0 to 6.26.2 in /backend by @dependabot in #1257
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.26.2 to 6.26.3 in /backend by @dependabot in #1258
• chore(deps): bump follow-redirects from 1.15.2 to 1.15.4 in /frontend by @dependabot in #1286
• chore(deps): bump follow-redirects from 1.15.1 to 1.15.4 in /docs by @dependabot in #1285
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.18 to 2.0.19 in /backend by @dependabot in #1283
• chore(deps): bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 in /backend by @dependabot in #1281
• chore(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /quickstart by @dependabot in #1268
• chore(deps): bump github.com/labstack/echo/v4 from 4.11.3 to 4.11.4 in /backend by @dependabot in #1272
• chore(deps): bump github.com/go-webauthn/webauthn from 0.9.4 to 0.10.0 in /backend by @dependabot in #1271
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.26.3 to 6.26.4 in /backend by @dependabot in #1287
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.26.4 to 6.27.0 in /backend by @dependabot in #1296
• chore(deps): bump github.com/go-playground/validator/v10 from 10.16.0 to 10.17.0 in /backend by @dependabot in #1293
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.27.0 to 6.28.0 in /backend by @dependabot in #1302
• chore(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 in /backend by @dependabot in #1306
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.11 to 2.0.19 in /quickstart by @dependabot in #1305
• 1030 - Refactor SMTP settings to be outside of passcode config by @irby in #1121
• improve(passkeys): improve passkey naming by @shentschel in #1303
• chore(deps): bump github.com/nicksnyder/go-i18n/v2 from 2.3.0 to 2.4.0 in /backend by @dependabot in #1313
• chore(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 in /backend by @dependabot in #1314
• chore(backend): update config json schema by @lfleischmann in #1318
• ci: enable dependabot version updates for actions by @lfleischmann in #1319
• fix: make samesite and domain attributes configurable for frontend sdk cookie by @lfleischmann in #1251
• chore(deps): bump actions/checkout from 3 to 4 by @dependabot in #1326
• chore(deps): bump docker/build-push-action from 4 to 5 by @dependabot in #1325
• chore(deps): bump actions/setup-go from 3 to 5 by @dependabot in #1324
• chore(deps): bump github.com/rs/zerolog from 1.31.0 to 1.32.0 in /backend by @dependabot in #1327
• chore(deps): bump github/codeql-action from 2 to 3 by @dependabot in #1322
• chore(deps): bump actions/setup-node from 3 to 4 by @dependabot in #1323
• chore(deps): bump docker/metadata-action from 4 to 5 by @dependabot in #1332
• chore(deps): bump docker/setup-qemu-action from 2 to 3 by @dependabot in #1331
• chore(deps): bump docker/setup-buildx-action from 2 to 3 by @dependabot in #1330
• chore(deps): bump docker/login-action from 2 to 3 by @dependabot in #1329
• chore(deps): bump actions/github-script from 6 to 7 by @dependabot in #1328
• chore(deps): bump golang.org/x/crypto from 0.18.0 to 0.19.0 in /backend by @dependabot in #1335
• feat: extend third-party account linking by @lfleischmann in #1316
• chore(deps): bump github.com/go-webauthn/webauthn from 0.10.0 to 0.10.1 in /backend by @dependabot in #1339
• chore(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 in /backend by @dependabot in #1338
• feat(webhooks): add webhooks by @shentschel in #1291
• chore(docs): add webhook docs by @shentschel in #1346
• chore: bump frontend versions to v0.10.0 by @lfleischmann in #1348
• ci: fix tag extraction pattern in docker publish workflow by @lfleischmann in #1350

New Contributors

• @zhaoyii made their first contribution in #1219
• @riccardoperra made their first contribution in #1228

Full Changelog: backend/v0.9.1...backend/v0.10.0

v0.9.1

Lots of small improvements and fixes in this one.

A big thank you to all contributors.

What's Changed

• #983 add instructions on how to run project locally with bare metal vs Docker by @irby in #1008
• feat(i18n): add pt-BR translation by @caioluis in #1090
• feat(i18n): add bn translation by @heysagnik in #1092
• Fix (1067): Allow Multiple Email Servers for Test Suites by @irby in #1093
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.23.2 to 6.24.0 in /backend by @dependabot in #1127
• chore(deps): bump github.com/nicksnyder/go-i18n/v2 from 2.2.1 to 2.2.2 in /backend by @dependabot in #1126
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.14 to 2.0.15 in /backend by @dependabot in #1117
• chore(deps): bump vue from 3.2.47 to 3.3.6 in /frontend by @dependabot in #1118
• docs: roadmap updates by @FlxMgdnz in #1129
• chore(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1 in /backend by @dependabot in #1130
• chore(deps): bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0 in /backend by @dependabot in #1131
• chore(deps-dev): bump eslint from 8.47.0 to 8.52.0 in /frontend by @dependabot in #1132
• Publish backend binaries by @IgnisDa in #1135
• chore(deps): bump @types/react from 18.2.0 to 18.2.32 in /frontend by @dependabot in #1139
• docs: corrected minute grammatical errors in README.md by @alienishi in #1120
• chore(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 in /backend by @dependabot in #1146
• chore(deps): bump @angular/forms from 15.2.8 to 15.2.10 in /frontend by @dependabot in #1145
• Updated the name of Twitter in all the docs by @Arcturus22 in #1149
• fix: get session token from header for passcode finalization by @FreddyDevelop in #1124
• chore(deps): bump next from 13.2.3 to 14.0.1 in /frontend by @dependabot in #1154
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.15 to 2.0.16 in /backend by @dependabot in #1153
• chore(deps): bump github.com/docker/docker from 23.0.3+incompatible to 24.0.7+incompatible in /backend by @dependabot in #1151
• chore(deps): bump react-router-dom from 6.14.2 to 6.18.0 in /frontend by @dependabot in #1156
• chore(deps-dev): bump webpack-cli from 5.0.1 to 5.1.4 in /frontend by @dependabot in #1157
• chore(deps): bump jwks-rsa from 3.0.1 to 3.1.0 in /frontend by @dependabot in #1161
• Error message styling by @Esther-Lita in #1150
• chore: re-generate example.css file by @bjoern-m in #1162
• chore(deps): bump github.com/go-playground/validator/v10 from 10.15.5 to 10.16.0 in /backend by @dependabot in #1163
• chore(deps): bump golang.org/x/text from 0.13.0 to 0.14.0 in /backend by @dependabot in #1164
• chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 in /backend by @dependabot in #1165
• chore(deps): bump tslib from 2.5.0 to 2.6.2 in /frontend by @dependabot in #1166
• fix: reload the profile after passkey creation by @bjoern-m in #1172
• chore(deps): bump github.com/labstack/echo/v4 from 4.11.2 to 4.11.3 in /backend by @dependabot in #1177
• chore(deps): bump golang.org/x/crypto from 0.14.0 to 0.15.0 in /backend by @dependabot in #1184
• chore(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 in /backend by @dependabot in #1183
• chore(deps-dev): bump @vitejs/plugin-vue from 4.1.0 to 4.4.1 in /frontend by @dependabot in #1180
• feat(elements): inherit the justify-content property when using shadow… by @bjoern-m in #1182
• chore(deps): bump vue from 3.3.6 to 3.3.8 in /frontend by @dependabot in #1190
• chore(deps-dev): bump svelte-preprocess from 5.0.4 to 5.1.0 in /frontend by @dependabot in #1191
• chore(deps-dev): bump ts-jest from 29.0.5 to 29.1.1 in /frontend by @dependabot in #1194
• chore(deps-dev): bump jest-environment-jsdom from 29.6.1 to 29.7.0 in /frontend by @dependabot in #1193
• chore(deps-dev): bump css-loader from 6.7.3 to 6.8.1 in /frontend by @dependabot in #1196
• chore(docs): fix typo in backend Config.md by @kimar in #1195
• fix: typo by @testwill in #1201
• fix: fix user-import json schema by @FreddyDevelop in #1202
• chore(deps-dev): bump vue-tsc from 1.2.0 to 1.8.22 in /frontend by @dependabot in #1200
• chore(deps-dev): bump @vue/eslint-config-typescript from 11.0.3 to 12.0.0 in /frontend by @dependabot in #1199
• chore(dockerfile): update Node.js version for compatibility in Next.j… by @kenaqshal in #1206
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.16 to 2.0.17 in /backend by @dependabot in #1209
• chore(deps-dev): bump @vitejs/plugin-vue from 4.4.1 to 4.5.0 in /frontend by @dependabot in #1205
• chore(deps-dev): bump eslint-config-next from 12.3.4 to 14.0.3 in /frontend by @dependabot in #1204
• chore(deps): bump github.com/go-webauthn/webauthn from 0.8.6 to 0.9.1 in /backend by @dependabot in #1207
• chore(deps): bump @angular/core from 15.2.9 to 15.2.10 in /frontend by @dependabot in #1212

New Contributors

• @caioluis made their first contribution in #1090
• @heysagnik made their first contribution in #1092
• @alienishi made their first contribution in #1120
• @Arcturus22 made their first contribution in #1149
• @kimar made their first contribution in #1195
• @testwill made their first contribution in #1201
• @kenaqshal made their first contribution in #1206

Full Changelog: backend/v0.9.0...backend/v0.9.1

v0.9: SAML SSO, User Export

This release includes two exciting features that further expand the scope of Hanko:

SAML Enterprise SSO

• We've added support for external SAML identity providers (IdP). That means the Hanko login can now be configured to redirect email addresses of certain domains to connected SAML IdPs. This is useful for Hanko deployments targeting B2B scenarios where customers request the ability for their employees to sign in with their company-managed single sign-on (SSO) service such as Okta, Onelogin, Keycloak, and others.
• The SAML feature is implemented per domain, i.e. each SAML connection is associated with an email domain. Given a valid SAML connection for, e.g., example.com, each user that enters an @example.com email address into the username field of the hanko-auth element will be redirected to the respective SAML IdP. If the user can be authenticated by the IdP, they will get directed back to Hanko and a regular Hanko JWT will be issued.
• In the current implementation, all hanko-profile actions are still possible for SAML-provisioned users. That means that a SAML user can still create a passkey directly with the service running Hanko and will be able to use this passkey to authenticate without being redirected to the IdP. We are aware that this may not be the desired behavior and we're open to hear your thoughts moving forward.
• See the updated backend docs to learn about all new SAML config options.
• Thanks @shentschel for your work on this!

Important

We've introduced the /ee folder in the Hanko backend that has a different proprietary license for the code that handles SAML SSO connections. Self-hosting a Hanko production deployment that uses /ee code requires a commercial agreement with us. If the SAML feature is not used / configured, the code won't be executed and there's no risk of a license violation.

User Export

• In the same spirit of our existing user import feature, there's now a user export subcommand made available by Hanko backend.
• The exported data is in the same format / schema that's used for user import (i.e. exported Hanko data is importable to another Hanko without any modifications)
• Thanks @IgnisDa for your contribution!

What's Changed

• chore: remove sonatype lift config by @lfleischmann in #1079
• Guide on how to get user data by @Esther-Lita in #1028
• chore(deps): bump github.com/labstack/echo/v4 from 4.11.1 to 4.11.2 in /backend by @dependabot in #1083
• chore(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 in /quickstart by @dependabot in #1084
• chore: remove frontend-sdk dockerfile by @lfleischmann in #1087
• ci: remove docs auto deploy on backend tag by @lfleischmann in #1088
• added API link by @krishvsoni in #1082
• Add user export subcommand by @IgnisDa in #1097
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.13 to 2.0.14 in /backend by @dependabot in #1101
• Feature/saml by @shentschel in #1041
• chore(deps): bump @babel/traverse from 7.21.2 to 7.23.2 in /frontend by @dependabot in #1103

New Contributors

• @krishvsoni made their first contribution in #1082
• @shentschel made their first contribution in #1041

Full Changelog: https://github.com/teamhanko/hanko/compare/@teamhanko/[email protected]/v0.9.0

v0.8.4

This is another minor release containing new content for our docs (that have been migrated to Mintlify and their own repo in the meantime) and a few other neat changes:

Highlights

• Improved default styling for Hanko Elements by @Esther-Lita in #1036
• Shortened and simplified default texts in Hanko Elements (en only) by @FlxMgdnz in #1034
• Added translation for Simplified Chinese (zh) by @lfleischmann in #1022
• Fixed x-domain cookie lifetime to respect configured session lifetime by @lfleischmann in #1049

Other Changes

• chore(deps): bump github.com/go-playground/validator/v10 from 10.15.1 to 10.15.3 in /backend by @dependabot in #997
• chore(deps): bump golang.org/x/text from 0.12.0 to 0.13.0 in /backend by @dependabot in #1001
• chore(deps): bump golang.org/x/crypto from 0.12.0 to 0.13.0 in /backend by @dependabot in #1005
• chore(deps): bump github.com/invopop/jsonschema from 0.7.0 to 0.8.0 in /backend by @dependabot in #1010
• fix: public router adhere to LogHealthAndMetrics option by @FerdinandvHagen in #1014
• chore(deps): bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 in /backend by @dependabot in #1006
• Add tutorial section by @Ashutosh-Bhadauriya in #1016
• Add sveltekit guide by @Ashutosh-Bhadauriya in #995
• chore(deps): bump github.com/go-playground/validator/v10 from 10.15.3 to 10.15.4 in /backend by @dependabot in #1023
• docs: added the python backend guide by @Chigala in #981
• Fix: remove note by @Ashutosh-Bhadauriya in #1026
• Added the Hanko Cloud video tutorial to the Docs by @Esther-Lita in #1025
• feat(docs): add github embeds by @jankal in #1037
• Update community link by @Ashutosh-Bhadauriya in #1038
• chore(deps): bump github.com/invopop/jsonschema from 0.8.0 to 0.9.0 in /backend by @dependabot in #1033
• chore(deps): bump github.com/rs/zerolog from 1.30.0 to 1.31.0 in /backend by @dependabot in #1040
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.12 to 2.0.13 in /backend by @dependabot in #1044
• Update README.md by @FlxMgdnz in #1042
• chore(deps): bump github.com/invopop/jsonschema from 0.9.0 to 0.10.0 in /backend by @dependabot in #1043
• fix: create volume dynamically in x domain kind cluster by @lfleischmann in #1046
• chore(deps): bump github.com/go-playground/validator/v10 from 10.15.4 to 10.15.5 in /backend by @dependabot in #1055
• chore(deps): bump github.com/invopop/jsonschema from 0.10.0 to 0.11.0 in /backend by @dependabot in #1056
• docs: fix typo in README.md by @eltociear in #1052
• chore(deps): bump postcss from 8.4.19 to 8.4.31 in /docs by @dependabot in #1059
• fix: Change passkey wording, update Save a passkey to Create a passkey and Add passkey to Create a passkey by @vishalkhoje in #1053
• chore(deps): bump github.com/invopop/jsonschema from 0.11.0 to 0.12.0 in /backend by @dependabot in #1060
• chore(deps): bump golang.org/x/crypto from 0.13.0 to 0.14.0 in /backend by @dependabot in #1064
• chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 in /backend by @dependabot in #1066
• fix: typo in doc urls by @amjed-ali-k in #1068
• Backfill unit tests for Email Handler Create by @irby in #1071
• Allow starting hanko without config file by @IgnisDa in #1039
• Create Nextjs.mdx by @Esther-Lita in #1019
• chore(examples-fresh): bump up fresh v1.4.3 by @ryuapp in #1050
• fix(frontend-sdk): fix export types by @amjed-ali-k in #1076

New Contributors

• @FerdinandvHagen made their first contribution in #1014
• @Chigala made their first contribution in #981
• @Esther-Lita made their first contribution in #1025
• @jankal made their first contribution in #1037
• @eltociear made their first contribution in #1052
• @vishalkhoje made their first contribution in #1053
• @amjed-ali-k made their first contribution in #1068
• @ryuapp made their first contribution in #1050

Full Changelog: backend/v0.8.3...backend/v0.8.4

v0.8.3

This minor release brings some new and handy features, most importantly:

• New user self-service sign up can be disabled (thanks @irby)
• The admin API allows creating new users (especially useful if new user signups are disabled)
• Both the admin and public APIs now serve a simple static status page on /

What's Changed

• chore(deps): bump github.com/rs/zerolog from 1.29.1 to 1.30.0 in /backend by @dependabot in #942
• fix: make passcode email optional in backend config schema by @lfleischmann in #946
• feat: check webauthn session data expiry by @lfleischmann in #944
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.23.0 to 6.23.1 in /backend by @dependabot in #949
• ci: exempt EPIC labeled issues from stale workflow by @lfleischmann in #950
• chore(deps): bump @types/react-dom from 18.0.11 to 18.2.7 in /frontend by @dependabot in #922
• chore(deps): bump golang.org/x/text from 0.11.0 to 0.12.0 in /backend by @dependabot in #952
• Add configuration to disable user registration by @irby in #947
• chore(deps): bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 in /backend by @dependabot in #954
• fix: angular example by @rishi-raj-jain in #943
• chore(deps): bump github.com/go-playground/validator/v10 from 10.14.1 to 10.15.0 in /backend by @dependabot in #956
• Update roadmap by @FlxMgdnz in #957
• chore(deps): bump github.com/go-webauthn/webauthn from 0.8.2 to 0.8.6 in /backend by @dependabot in #925
• chore(deps): bump github.com/labstack/echo/v4 from 4.10.2 to 4.11.1 in /backend by @dependabot in #914
• chore(deps): bump @denysvuika/preact-translate from 0.4.1 to 0.5.0 in /frontend by @dependabot in #830
• chore(deps): bump github.com/labstack/echo-jwt/v4 from 4.1.0 to 4.2.0 in /backend by @dependabot in #787
• chore(deps-dev): bump karma from 6.4.1 to 6.4.2 in /frontend by @dependabot in #958
• ci: remove stale workflow by @lfleischmann in #959
• chore(deps-dev): bump svelte-preprocess from 4.10.7 to 5.0.4 in /frontend by @dependabot in #915
• chore(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.11 to 2.0.12 in /backend by @dependabot in #963
• chore(deps-dev): bump eslint-config-prettier from 8.6.0 to 9.0.0 in /frontend by @dependabot in #964
• chore(deps-dev): bump vite from 4.3.9 to 4.4.9 in /frontend by @dependabot in #965
• feat: add status page by @lfleischmann in #961
• Feat add create user admin endpoint by @FreddyDevelop in #966
• chore(deps): bump github.com/go-playground/validator/v10 from 10.15.0 to 10.15.1 in /backend by @dependabot in #972
• [DOCS] Add fullstack section and update nextjs guide by @Ashutosh-Bhadauriya in #971
• chore(deps): bump github.com/jackc/pgconn from 1.14.0 to 1.14.1 in /backend by @dependabot in #974

New Contributors

• @rishi-raj-jain made their first contribution in #943
• @Ashutosh-Bhadauriya made their first contribution in #971

Full Changelog: backend/v0.8.2...backend/v0.8.3

v0.8.2

Another minor release with some fixes and improvements.

What's Changed

• fix: don't set cookie when jwt is set in header by @lfleischmann in #929
• fix: only set prefilledEmail when email input is empty by @FreddyDevelop in #932
• ci: introduce stale issue workflow by @tungbq in #934
• fix: hanko-elements uses wrong frontend-sdk version by @bjoern-m in #937
• Update README.md by @FlxMgdnz in #939
• feat: generate more accurate backend config jsonschema by @lfleischmann in #941
• chore: frontend version bump by @FreddyDevelop in #938

New Contributors

• @tungbq made their first contribution in #934

Full Changelog: backend/v0.8.1...backend/v0.8.2

v0.8.1

Small release containing some minor features and bugfixes.

What's Changed

• chore: remove the -beta from the fronend versions. The prerelease is … by @like-a-bause in #892
• Fix audit logger improvements by @FreddyDevelop in #888
• Feat let cookie name be changed by @FreddyDevelop in #885
• chore(deps): bump github.com/brianvoe/gofakeit/v6 from 6.22.0 to 6.23.0 in /backend by @dependabot in #895
• chore(deps-dev): bump @typescript-eslint/parser from 5.59.1 to 5.62.0 in /frontend by @dependabot in #896
• Attribute to pre-fill the email address by @bjoern-m in #889
• chore(deps): bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 in /backend by @dependabot in #894
• chore(deps): bump semver from 5.7.1 to 5.7.2 in /docs by @dependabot in #898
• chore(deps): bump semver from 5.7.1 to 5.7.2 in /frontend by @dependabot in #897
• chore(deps-dev): bump @rushstack/eslint-patch from 1.2.0 to 1.3.2 in /frontend by @dependabot in #859
• Update README.md by @like-a-bause in #900
• feat: add option to use a url to the user import file by @FreddyDevelop in #901
• chore(deps-dev): bump karma-coverage from 2.2.0 to 2.2.1 in /frontend by @dependabot in #903
• fix(hanko-elements): translations shown when lang attribute is missing by @bjoern-m in #907
• chore(deps-dev): bump jest-environment-jsdom from 29.5.0 to 29.6.1 in /frontend by @dependabot in #908
• chore(deps-dev): bump jasmine-core from 4.5.0 to 4.6.0 in /frontend by @dependabot in #910
• chore(deps-dev): bump turbo from 1.10.2 to 1.10.7 in /frontend by @dependabot in #902
• chore(deps-dev): bump @types/jasmine from 4.3.1 to 4.3.5 in /frontend by @dependabot in #912
• docs(api-spec): fix wrong type of transports for webauthn reg finaliz… by @lfleischmann in #919
• chore(deps): bump react-router-dom from 6.10.0 to 6.14.2 in /frontend by @dependabot in #916
• chore(deps): bump word-wrap from 1.2.3 to 1.2.4 in /frontend by @dependabot in #921
• chore(deps): bump word-wrap from 1.2.3 to 1.2.4 in /e2e by @dependabot in #920
• fix: fix user import via url by @FreddyDevelop in #906
• feat: make user verification configurable, preferred as default by @lfleischmann in #909
• fix(deploy): set correct webauthn settings in k8s x-domain config by @lfleischmann in #924

Full Changelog: backend/v0.8.0...backend/v0.8.1