Releases: dexidp/dex
v2.2.0 Dex API release
v2.41.1
What's Changed
Bug Fixes 🐛
- Fix ldap connection error: network unreachable by @nabokihms in #3677
- Fix gomplate fork/exec error for distroless images by @nabokihms in #3684
Full Changelog: v2.41.0...v2.41.1
v2.41.0
What's Changed
Exciting New Features 🎉
- Enrich Dex logs with real IP and request ID by @nabokihms in #3661
- gRPC Connectors API by @twoojoo in #3245
Important
Connectors API is disabled by default. Set the DEX_API_CONNECTORS_CRUD=true
env variable to enable the feature.
Enhancements 🚀
- Prevent double clicking of the submit button on login by @pcorliss in #3554
- Gracefully handle no args being passed to entrypoint by @rgmz in #3589
- New Prometheus metrics build_info by @nlamirault in #3558
- Always retrieve github emails when preferredEmailDomain is set by @thesuperzapper in #3584
- Propagate http.Client to JWT verifier for OIDC connector by @jack-r-warren in #3641
- Fix the broken link to v2 page by @tuladhar in #3648
- Add regex for oidc group matching by @jacksonargo in #3063
Bug Fixes 🐛
- Remove additional features and add a feature flag instead by @nabokihms in #3663
Dependency Updates ⬆️
- build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 in /examples by @dependabot in #3582
- build(deps): bump actions/attest-build-provenance from 1.1.2 to 1.3.1 by @dependabot in #3580
- build(deps): bump github/codeql-action from 3.25.7 to 3.25.12 by @dependabot in #3619
- build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.4 by @dependabot in #3618
- build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot in #3617
- build(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.24.0 by @dependabot in #3615
- build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /examples in the go_modules group by @dependabot in #3612
- build(deps): bump distroless/static-debian12 from e9ac71e to 8dd8d3c by @dependabot in #3604
- build(deps): bump docker/build-push-action from 5.3.0 to 6.3.0 by @dependabot in #3603
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 in /examples by @dependabot in #3609
- build(deps): bump golang.org/x/net from 0.25.0 to 0.27.0 by @dependabot in #3606
- build(deps): bump golang.org/x/crypto from 0.23.0 to 0.25.0 by @dependabot in #3605
- build(deps): bump alpine from 3.20.0 to 3.20.1 by @dependabot in #3591
- build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 in /examples by @dependabot in #3600
- build(deps): bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 by @dependabot in #3567
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 by @dependabot in #3627
- build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #3621
- build(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 by @dependabot in #3625
- build(deps): bump actions/attest-build-provenance from 1.3.1 to 1.3.3 by @dependabot in #3624
- build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 by @dependabot in #3631
- build(deps): bump anchore/sbom-action from 0.16.0 to 0.17.0 by @dependabot in #3630
- build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 by @dependabot in #3626
- build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #3622
- build(deps): bump docker/build-push-action from 6.3.0 to 6.4.0 by @dependabot in #3623
- build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #3629
- build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.0 to 0.5.1 by @dependabot in #3635
- build(deps): bump docker/build-push-action from 6.4.0 to 6.4.1 by @dependabot in #3633
- build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @dependabot in #3634
- Update dependencies before Dex v2.41 by @nabokihms in #3637
- build(deps): bump alpine from 3.20.1 to 3.20.2 by @dependabot in #3647
- build(deps): bump google.golang.org/api from 0.182.0 to 0.189.0 by @dependabot in #3646
- build(deps): bump github/codeql-action from 3.25.12 to 3.25.14 by @dependabot in #3651
- build(deps): bump actions/upload-artifact from 3.1.3 to 4.3.4 by @dependabot in #3607
- build(deps): bump golang from 8c9183f to 0d3653d by @dependabot in #3657
- Fix CVE before Dex v2.41 by @nabokihms in #3653
- Bump gomplate 4.0.1 by @MoeBensu in #3652
- build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.1 to 0.6.0 by @dependabot in #3655
- build(deps): bump docker/setup-buildx-action from 3.4.0 to 3.6.1 by @dependabot in #3658
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.14 to 3.5.15 by @dependabot in #3639
- build(deps): bump docker/setup-qemu-action from 3.1.0 to 3.2.0 by @dependabot in #3645
- build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #3656
- build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0 by @dependabot in #3643
- build(deps): bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #3644
- build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4 by @dependabot in #3666
- build(deps): bump google.golang.org/api from 0.189.0 to 0.190.0 by @dependabot in #3667
- build(deps): bump actions/attest-build-provenance from 1.3.3 to 1.4.0 by @dependabot in #3665
- Bump ent v0.14.0 by @nabokihms in #3670
- build(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #3664
New Contributors
- @pcorliss made their first contribution in #3554
- @rgmz made their first contribution in #3589
- @nlamirault made their first contribution in #3558
- @thesuperzapper made their first contribution in #3584
- @twoojoo made their first contribution in #3245
- @jack-r-warren made their first contribution in #3641
- @tuladhar made their first contribution in #3648
- @MoeBensu made their first contribution in #3652
- @jacksonargo made their first contribution in #3063
Full Changelog: v2.40.0...v2.41.0
v2.40.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.40.0
Know before update
Important
Dex migrated to log/slog for logging. Both the text and JSON log output formats changed.
The change can affect users who import Dex as a library in their projects.
What's Changed
Exciting New Features 🎉
- Add introspect endpoint to introspect access & refresh token by @supercairos in #3404
- Use log/slog for structured logging by @seankhliao in #3502
Enhancements 🚀
- Add support for configurable prompt type for Google connector by @abhisek in #3475
- Google: Implement groups fetch by default service account from metadata (support for GKE workload identity) by @vsychov in #2989
- OIDC connector option to override jwksURI by @sohgaura in #3543
- Allow domain names or IDs in keystone connector by @cardoe in #3506
Bug Fixes 🐛
- Fix function names in comment by @mountcount in #3464
- Fix slight grammar errors. by @adeinega in #3538
Dependency Updates ⬆️
- build(deps): bump google.golang.org/api from 0.172.0 to 0.179.0 by @dependabot in #3516
- build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18 by @dependabot in #3514
- build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.20.0 by @dependabot in #3512
- build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 in /examples by @dependabot in #3508
- build(deps): bump anchore/sbom-action from 0.15.9 to 0.15.11 by @dependabot in #3497
- build(deps): bump golang.org/x/net from 0.20.0 to 0.23.0 in /api/v2 in the go_modules group by @dependabot in #3483
- build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #3472
- build(deps): bump distroless/static-debian12 from 42c8865 to e9ac71e by @dependabot in #3469
- build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #3462
- build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1 in /api/v2 by @dependabot in #3510
- build(deps): bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @dependabot in #3526
- build(deps): bump google.golang.org/api from 0.179.0 to 0.180.0 by @dependabot in #3525
- build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @dependabot in #3524
- build(deps): bump helm/kind-action from 1.9.0 to 1.10.0 by @dependabot in #3523
- build(deps): bump github/codeql-action from 3.24.10 to 3.25.4 by @dependabot in #3522
- build(deps): bump mheap/github-action-required-labels from 5.4.0 to 5.4.1 by @dependabot in #3521
- build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #3520
- build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /api/v2 by @dependabot in #3465
- build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /examples by @dependabot in #3460
- build(deps): bump alpine from 3.19.1 to 3.20.0 by @dependabot in #3547
- build(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0 by @dependabot in #3545
- build(deps): bump github/codeql-action from 3.25.4 to 3.25.6 by @dependabot in #3544
- build(deps): bump actions/checkout from 4.1.2 to 4.1.6 by @dependabot in #3542
- build(deps): bump google.golang.org/api from 0.180.0 to 0.181.0 by @dependabot in #3541
- build(deps): bump golang from 4531927 to ff6ab2b by @dependabot in #3536
- build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #3534
- build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2 by @dependabot in #3531
- build(deps): bump github.com/beevik/etree from 1.3.0 to 1.4.0 by @dependabot in #3530
- build(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 in /examples by @dependabot in #3535
- build(deps): bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #3551
- build(deps): bump golang from ff6ab2b to d1a601b by @dependabot in #3550
- build(deps): bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 by @dependabot in #3552
- Bump google.golang.org/grpc to v1.64.0 by @nabokihms in #3553
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.13 to 3.5.14 by @dependabot in #3555
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.13 to 3.5.14 by @dependabot in #3556
- build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #3561
- Bump gomplate 3.11.8 by @nabokihms in #3565
New Contributors
- @elehcim made their first contribution in #3474
- @abhisek made their first contribution in #3475
- @mountcount made their first contribution in #3464
- @adeinega made their first contribution in #3538
- @sohgaura made their first contribution in #3543
- @cardoe made their first contribution in #3506
Full Changelog: v2.39.1...v2.40.0
v2.39.1
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.1
Bug Fixes 🐛
- Update max length of Kubernetes object to fit Kubernetes policy by @RomanenkoDenys in #3439 (fix regression for Kubernetes storage)
- Do not escape password for LDAP connectors by @nabokihms in #3470 (changes introduced in v2.39.0 were reverted)
v2.39.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.0
Know before update
Warning
The validation of username and password in the LDAP connector is much stricter now.
As of today, Dex uses the EscapeFilter function to check for special characters in credentials and prevent injections by denying such requests.
The special characters are those in the set ()*\ and those out of the range 0 < c < 0x80, as defined in RFC4515.
What's Changed
Enhancements 🚀
- Also set the username in authproxy connector by @ppacher in #3307
- Log failed login attempt by @i-amelia in #2454
- Update ent by @sagikazarmark in #3379
- Add sanitizer to LDAP account and password by @hsinhoyeh in #3372
- Add headers control to Dex web server by @nabokihms in #3339
- OIDC connector: Allow specifying empty prompt type by @nabokihms in #3373
- Set read-only permissions to the check job by @nabokihms in #3415
Bug Fixes 🐛
- Use the correct token type for userInfo requests while Token Exchange by @MrDeerly in #3336
- Do not evaluate skipApproval on the approval page by @MM53 in #3086
Dependency Updates ⬆️
- build(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 by @dependabot in #3314
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.19 to 1.14.22 by @dependabot in #3328
- build(deps): bump github/codeql-action from 3.23.1 to 3.24.0 by @dependabot in #3327
- build(deps): bump anchore/sbom-action from 0.15.6 to 0.15.8 by @dependabot in #3325
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.11 to 3.5.12 by @dependabot in #3323
- build(deps): bump google.golang.org/api from 0.157.0 to 0.161.0 by @dependabot in #3317
- build(deps): bump alpine from 3.19.0 to 3.19.1 by @dependabot in #3311
- build(deps): bump golang from 3bd4475 to 3354c3a by @dependabot in #3310
- build(deps): bump mheap/github-action-required-labels from 5.1.0 to 5.2.0 by @dependabot in #3308
- build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.4.0 by @dependabot in #3324
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.11 to 3.5.12 by @dependabot in #3321
- build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 in /examples by @dependabot in #3340
- build(deps): bump tonistiigi/xx from 1.3.0 to 1.4.0 by @dependabot in #3333
- build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 by @dependabot in #3341
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 in /examples by @dependabot in #3352
- build(deps): bump distroless/static from 9be3fcc to a43abc8 by @dependabot in #3350
- build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 by @dependabot in #3332
- build(deps): bump docker/metadata-action from 5.5.0 to 5.5.1 by @dependabot in #3330
- build(deps): bump mheap/github-action-required-labels from 5.2.0 to 5.3.0 by @dependabot in #3347
- build(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by @dependabot in #3345
- build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in #3360
- build(deps): bump google.golang.org/api from 0.161.0 to 0.165.0 by @dependabot in #3355
- build(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.0 by @dependabot in #3359
- build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in #3377
- build(deps): bump google.golang.org/api from 0.165.0 to 0.167.0 by @dependabot in #3376
- build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in #3375
- build(deps): bump distroless/static from a43abc8 to 072d78b by @dependabot in #3374
- build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 in /examples by @dependabot in #3368
- build(deps): bump actions/dependency-review-action from 4.1.0 to 4.1.3 by @dependabot in #3363
- build(deps): bump haya14busa/action-cond from 1.1.1 to 1.2.1 by @dependabot in #3346
- build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.0-alpine3.18 by @dependabot in #3334
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 by @dependabot in #3367
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 in /api/v2 by @dependabot in #3365
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in #3405
- build(deps): bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in #3380
- build(deps): bump golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18 by @dependabot in #3398
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /examples by @dependabot in #3406
- build(deps): bump google.golang.org/api from 0.167.0 to 0.169.0 by @dependabot in #3407
- Update jose by @nabokihms in #3409
- build(deps): bump distroless/static from 072d78b to 9235ad9 by @dependabot in #3381
- build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #3382
- build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in #3384
- build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in #3386
- build(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 by @dependabot in #3397
- build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 by @dependabot in #3393
- build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 in /examples by @dependabot in #3394
- build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /examples by @dependabot in #3401
- build(deps): bump github.com/go-sql-driver/mysql from 1.7.1 to 1.8.0 by @dependabot in #3414
- build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #3413
- build(deps): bump distroless/static from 9235ad9 to 7e5c6a2 by @dependabot in #3410
- build(deps): bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in #3411
- build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot in #3412
- build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #3389
- build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #3417
- build(deps): bump github/codeql-action from 3.24.6 to 3.24.8 by @dependabot in #3422
- build(deps): bump google.golang.org/api from 0.169.0 to 0.171.0 by @dependabot in #3426
- build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #3418
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /examples by @dependabot in #3424
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 by @dependabot in #3425
- build(deps): bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in #3420
- build(deps): bump golang from 010f3b3 to ede158f by @dependabot in #3421
- build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /api/v2 by @dependabot in #3399
- build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /api/v2 by @dependabot in #3400
New Contributors
- @ppacher made their first contribution in #3307
- @MrDeerly made their first contribution in #3336
- @i-amelia made their first contribution in #2454
- @hsinhoyeh made their first contribution in #3372
Full Changelog: v2.38.0...v2.39.0
v2.38.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.38.0
What's Changed
Exciting New Features 🎉
- RFC 8693 OAuth 2.0 Token Exchange by @seankhliao in #2806
Enhancements 🚀
- include granttypes in example config by @seankhliao in #3027
- Add GetClient grpc service by @marcofranssen in #2972
- feat: Update response_types_supported to allow multiple-valued response type combinations by @Cedric-Magnan in #2521
- verify access tokens by checking getuserinfo during a token exchange by @seankhliao in #3031
- Store offline sessions only if they were requested by the user by @MM53 in #3125
- Minimalistic support for group filtering in oidc connector by @mdpradeep in #3074
- feat(connector/microsoft): support custom api and graph URLs by @sagikazarmark in #3084
- Composite claims in OIDC connector by @Oded-B in #3056
- Add support for extra claims to authproxy connector by @mkjpryor in #2851
- Add support for linux/s390x by @lysliu in #3189
- Override OIDC provider discovered claims by @nabokihms in #3267
- Bump gomplate to v3.11.7 by @nabokihms in #3293
- Introduce a dedicated pkg for featureflags by @nabokihms in #3278
- Sign container images by @nabokihms in #3269
- Add context to storage's Create endpoints by @PumpkinSeed in #2935
- feat: add TLS versions configuration by @tuminoid in #3303
Bug Fixes 🐛
- Fix etcd device requests by @MM53 in #3119
- Fix lint errors after merging AllowedHeaders feature by @nabokihms in #3247
- Propagate Dex version from build args by @nabokihms in #3276
Dependency Updates ⬆️
- build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 by @dependabot in #3036
- build(deps): bump google.golang.org/api from 0.129.0 to 0.130.0 by @dependabot in #3034
- build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 by @dependabot in #3035
- build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 by @dependabot in #3041
- build(deps): bump google.golang.org/api from 0.130.0 to 0.134.0 by @dependabot in #3054
- build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 by @dependabot in #3043
- build(deps): bump github/codeql-action from 2.20.1 to 2.21.2 by @dependabot in #3057
- build(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 by @dependabot in #3055
- build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 in /api/v2 by @dependabot in #3021
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.57.0 in /api/v2 by @dependabot in #3053
- build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0 by @dependabot in #3060
- build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0 by @dependabot in #3079
- build(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.8 by @dependabot in #3078
- build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in #3076
- build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #3071
- build(deps): bump alpine from 3.18.2 to 3.18.3 by @dependabot in #3069
- build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 by @dependabot in #3090
- build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3099
- build(deps): bump docker/setup-buildx-action from 2.9.1 to 3.0.0 by @dependabot in #3104
- build(deps): bump actions/checkout from 3.5.3 to 4.1.0 by @dependabot in #3117
- build(deps): bump alpine from 3.18.3 to 3.18.4 by @dependabot in #3130
- build(deps): bump github/codeql-action from 2.21.4 to 2.21.9 by @dependabot in #3127
- build(deps): bump google.golang.org/api from 0.138.0 to 0.143.0 by @dependabot in #3121
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 by @dependabot in #3116
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 in /api/v2 by @dependabot in #3115
- build(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #3132
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.5 to 3.4.6 by @dependabot in #3133
- build(deps): bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #3134
- build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in #3135
- build(deps): bump docker/metadata-action from 4.6.0 to 5.0.0 by @dependabot in #3136
- build(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in #3137
- build(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 by @dependabot in #3138
- build(deps): bump google.golang.org/api from 0.143.0 to 0.147.0 by @dependabot in #3152
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #3155
- build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3154
- build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @dependabot in #3153
- build(deps): bump tonistiigi/xx from 1.2.1 to 1.3.0 by @dependabot in #3161
- build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3159
- build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #3157
- build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 in /examples by @dependabot in #3151
- build(deps): bump google.golang.org/api from 0.147.0 to 0.148.0 by @dependabot in #3163
- build(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 in /api/v2 by @dependabot in #3150
- Bump Go 1.21 by @nabokihms in #3165
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.59.0 in /api/v2 by @dependabot in #3158
- Bump ent (v0.12.4) and example app dependencies by @nabokihms in #3166
- build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @dependabot in #3167
- build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in #3168
- build(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3169
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.9 to 3.5.11 by @dependabot in #3216
- build(deps): bump golang from 1.21.3-alpine3.18 to 1.21.5-alpine3.18 by @dependabot in #3213
- build(deps): bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 by @dependabot in #3181
- build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #3182
- build(deps): bump docker/build-push-action from 5.0.0 to 5.1.0 by @dependabot in #3198
- build(deps): bump anchore/sbom-action from 0.14.3 to 0.15.1 by @dependabot in #3210
- build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.16.0 by @dependabot in #3219
- build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @dependabot in #3206
- Bump golangci-lint 1.55.2 by @nabokihms in #3232
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.17 to 1.14.19 by @dependabot in #3226
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in #3228
- build(deps): bump alpine from 3.18.4 to 3.19.0 by @dependabot in #3214
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #3201
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /examples by @dependabot in #3229
- build(deps)...
v2.37.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.37.0
What's Changed
Exciting New Features 🎉
- TLS cert reloader by @seankhliao in #2964
Enhancements 🚀
- Add xx to cross-compile binaries in Docker by @sagikazarmark in #2898
- Spelling by @jsoref in #2919
- LDAP case-insensitive DN attribute by @nabokihms in #2829
- Utilize native git diff --exit-code by @marcofranssen in #2981
- Google: Add Support for Multiple Admin Emails to Retrieve Group Lists by @vsychov in #2911
Bug Fixes 🐛
- Do not skip approval screen by default by @nabokihms in #2897
- Fail if OIDC config contains hosted domains by @nabokihms in #2937
Dependency Updates ⬆️
- build(deps): bump alpine from 3.17.2 to 3.17.3 by @dependabot in #2879
- build(deps): bump mheap/github-action-required-labels from 3 to 4 by @dependabot in #2881
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #2873
- build(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 by @dependabot in #2892
- build(deps): bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 by @dependabot in #2884
- build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #2885
- build(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 by @dependabot in #2905
- build(deps): bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 by @dependabot in #2900
- build(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #2891
- build(deps): bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0 by @dependabot in #2920
- build(deps): bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 by @dependabot in #2924
- build(deps): bump github.com/lib/pq from 1.10.7 to 1.10.9 by @dependabot in #2922
- build(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 by @dependabot in #2929
- build(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in #2932
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.7 to 3.5.8 by @dependabot in #2899
- build(deps): bump github.com/beevik/etree from 1.1.0 to 1.1.4 by @dependabot in #2939
- build(deps): bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in #2938
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.8 to 3.5.9 by @dependabot in #2946
- build(deps): bump github/codeql-action from 2.3.1 to 2.3.3 by @dependabot in #2943
- build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 by @dependabot in #2942
- build(deps): bump alpine from 3.17.3 to 3.18.0 by @dependabot in #2930
- build(deps): bump google.golang.org/grpc from 1.53.0 to 1.55.0 in /api/v2 by @dependabot in #2927
- build(deps): bump google.golang.org/api from 0.114.0 to 0.122.0 by @dependabot in #2931
- build(deps): bump entgo.io/ent from 0.11.10 to 0.12.3 by @dependabot in #2923
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.7 to 3.5.9 by @dependabot in #2944
- build(deps): bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 by @dependabot in #2945
- build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 by @dependabot in #2956
- build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @dependabot in #2957
- build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #2949
- build(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #2948
- build(deps): bump google.golang.org/api from 0.122.0 to 0.123.0 by @dependabot in #2959
- build(deps): bump github.com/beevik/etree from 1.1.4 to 1.2.0 by @dependabot in #2947
- build(deps): bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in #2970
- build(deps): bump google.golang.org/api from 0.123.0 to 0.124.0 by @dependabot in #2968
- build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in #2958
- build(deps): bump aquasecurity/trivy-action from 0.10.0 to 0.11.0 by @dependabot in #2984
- build(deps): bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in #2982
- build(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in #2978
- build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 by @dependabot in #2983
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 by @dependabot in #2979
- build(deps): bump google.golang.org/api from 0.124.0 to 0.125.0 by @dependabot in #2976
- build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in #2977
- build(deps): bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #2987
- build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 by @dependabot in #2985
- build(deps): bump docker/metadata-action from 4.4.0 to 4.5.0 by @dependabot in #2986
- build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 by @dependabot in #2988
- build(deps): bump mheap/github-action-required-labels from 4 to 5 by @dependabot in #2990
- build(deps): bump aquasecurity/trivy-action from 0.11.0 to 0.11.2 by @dependabot in #2995
- build(deps): bump github/codeql-action from 2.3.6 to 2.20.0 by @dependabot in #3002
- build(deps): bump google.golang.org/api from 0.125.0 to 0.127.0 by @dependabot in #2999
- build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 by @dependabot in #3001
- build(deps): bump docker/build-push-action from 4.0.0 to 4.1.1 by @dependabot in #3003
- build(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #2993
- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5 by @dependabot in #2997
- build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 by @dependabot in #3004
- build(deps): bump alpine from 3.18.0 to 3.18.2 by @dependabot in #3008
- build(deps): bump docker/metadata-action from 4.5.0 to 4.6.0 by @dependabot in #3007
- build(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 by @dependabot in #3005
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot in #3009
- build(deps): bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #3010
- build(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot in #3016
- build(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in #3015
- build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 by @dependabot in #3014
- build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3019
- build(deps): bump google.golang.org/api from 0.127.0 to 0.129.0 by @dependabot in #3022
- build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 by @dependabot in #3023
New Contributors
- @marcofranssen made their first contribution in #2981
- @vsychov made their first contribution in #2911
Full Changelog: v2.36.0...v2.37.0
v2.36.0
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.36.0
What's Changed
Enhancements 🚀
- TLS configure for OIDC connector by @xtremerui in #1632
- Add icon for gitea by @pinpox in #2733
- fix: Do not use connector data from the refresh token field by @nabokihms in #2729
- Add preferredEmailDomain config option for GitHub connector by @nobuyo in #2740
- Move unique functionality into getGroups to reduce calls to google by @snuggie12 in #2628
- fix: prevent server-side request forgery using Kubernetes storage by @nabokihms in #2479
- fix: return 401 if password is invalid by @nabokihms in #2796
- feat: Add default robots.txt by @nabokihms in #2834
- Skip redirection to approval when it is not required (#2686) by @nobuyo in #2805
- feat: Bump dependencies and Makefile refactoring by @nabokihms in #2844
Bug Fixes 🐛
- Make admin email optional when no service account path is configured by @sagikazarmark in #2695
- Only initialize google admin service if necessary by @sagikazarmark in #2700
Dependency Updates ⬆️
- build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in #2697
- fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in #2705
- build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in #2708
- build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in #2715
- build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in #2720
- build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in #2721
- build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in #2723
- build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in #2718
- build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in #2724
- build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in #2746
- build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in #2735
- build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in #2744
- build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in #2751
- build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in #2750
- build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in #2755
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in #2743
- build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in #2754
- build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in #2758
- build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in #2741
- build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in #2753
- build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in #2742
- build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in #2761
- build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in #2725
- build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in #2760
- build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in #2774
- build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in #2772
- build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in #2770
- build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #2773
- build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in #2777
- build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in #2779
- build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in #2780
- build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in #2769
- build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in #2788
- build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in #2782
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in #2783
- build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in #2793
- build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in #2784
- chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in #2790
- ci: Use go 1.19 by @dlipovetsky in #2791
- build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in #2798
- build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in #2807
- build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in #2811
- build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in #2810
- build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in #2821
- build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in #2822
- build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in #2823
- build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #2818
- build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in #2828
- build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in #2832
- build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in #2837
- build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in #2846
- build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in #2827
- build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in #2850
- build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in #2849
- feat: Bump gomplate 3.11.4 by @nabokihms in #2840
- build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #2856
- build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in #2847
- build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in #2853
- build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in #2869
- build(deps): bump actions/setup-go from 3 to 4 by @dependabot in #2863
- build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in #2862
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in #2866
- build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in #2867
- build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in #2845
- build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in #2816
- chore: upgrade tools by @sagikazarmark in #2870
Other Changes
- Bump image in examples/k8s/dex.yaml to v2.32.0 by @stealthybox in #2569
New Contributors
v2.35.3
The official container image for this release can be pulled from ghcr.io/dexidp/dex:v2.35.3
What's Changed
Dependency Updates ⬆️
- Backport #2705 to v2.35.x by @nabokihms in #2706
Full Changelog: v2.35.2...v2.35.3