Skip to content

Releases: dexidp/dex

v2.2.0 Dex API release

10 Sep 09:40
d0f1777
Compare
Choose a tag to compare

v2.41.1

07 Aug 17:48
Compare
Choose a tag to compare

What's Changed

Bug Fixes 🐛

Full Changelog: v2.41.0...v2.41.1

v2.41.0

04 Aug 14:50
257a821
Compare
Choose a tag to compare

What's Changed

Exciting New Features 🎉

Important

Connectors API is disabled by default. Set the DEX_API_CONNECTORS_CRUD=true env variable to enable the feature.

Enhancements 🚀

Bug Fixes 🐛

  • Remove additional features and add a feature flag instead by @nabokihms in #3663

Dependency Updates ⬆️

  • build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 in /examples by @dependabot in #3582
  • build(deps): bump actions/attest-build-provenance from 1.1.2 to 1.3.1 by @dependabot in #3580
  • build(deps): bump github/codeql-action from 3.25.7 to 3.25.12 by @dependabot in #3619
  • build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.4 by @dependabot in #3618
  • build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot in #3617
  • build(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.24.0 by @dependabot in #3615
  • build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /examples in the go_modules group by @dependabot in #3612
  • build(deps): bump distroless/static-debian12 from e9ac71e to 8dd8d3c by @dependabot in #3604
  • build(deps): bump docker/build-push-action from 5.3.0 to 6.3.0 by @dependabot in #3603
  • build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 in /examples by @dependabot in #3609
  • build(deps): bump golang.org/x/net from 0.25.0 to 0.27.0 by @dependabot in #3606
  • build(deps): bump golang.org/x/crypto from 0.23.0 to 0.25.0 by @dependabot in #3605
  • build(deps): bump alpine from 3.20.0 to 3.20.1 by @dependabot in #3591
  • build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 in /examples by @dependabot in #3600
  • build(deps): bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 by @dependabot in #3567
  • build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 by @dependabot in #3627
  • build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #3621
  • build(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 by @dependabot in #3625
  • build(deps): bump actions/attest-build-provenance from 1.3.1 to 1.3.3 by @dependabot in #3624
  • build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 by @dependabot in #3631
  • build(deps): bump anchore/sbom-action from 0.16.0 to 0.17.0 by @dependabot in #3630
  • build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 by @dependabot in #3626
  • build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #3622
  • build(deps): bump docker/build-push-action from 6.3.0 to 6.4.0 by @dependabot in #3623
  • build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #3629
  • build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.0 to 0.5.1 by @dependabot in #3635
  • build(deps): bump docker/build-push-action from 6.4.0 to 6.4.1 by @dependabot in #3633
  • build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @dependabot in #3634
  • Update dependencies before Dex v2.41 by @nabokihms in #3637
  • build(deps): bump alpine from 3.20.1 to 3.20.2 by @dependabot in #3647
  • build(deps): bump google.golang.org/api from 0.182.0 to 0.189.0 by @dependabot in #3646
  • build(deps): bump github/codeql-action from 3.25.12 to 3.25.14 by @dependabot in #3651
  • build(deps): bump actions/upload-artifact from 3.1.3 to 4.3.4 by @dependabot in #3607
  • build(deps): bump golang from 8c9183f to 0d3653d by @dependabot in #3657
  • FIx CVE before Dex v2.41 by @nabokihms in #3653
  • Bump gomplate 4.0.1 by @MoeBensu in #3652
  • build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.1 to 0.6.0 by @dependabot in #3655
  • build(deps): bump docker/setup-buildx-action from 3.4.0 to 3.6.1 by @dependabot in #3658
  • build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.14 to 3.5.15 by @dependabot in #3639
  • build(deps): bump docker/setup-qemu-action from 3.1.0 to 3.2.0 by @dependabot in #3645
  • build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #3656
  • build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0 by @dependabot in #3643
  • build(deps): bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #3644
  • build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4 by @dependabot in #3666
  • build(deps): bump google.golang.org/api from 0.189.0 to 0.190.0 by @dependabot in #3667
  • build(deps): bump actions/attest-build-provenance from 1.3.3 to 1.4.0 by @dependabot in #3665
  • Bump ent v0.14.0 by @nabokihms in #3670
  • build(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #3664

New Contributors

Full Changelog: v2.40.0...v2.41.0

v2.40.0

03 Jun 19:52
23efe92
Compare
Choose a tag to compare

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.40.0

Know before update

Important

Dex migrated to the log/slog for logging. Both text and json log format outputs changed.

The change can affect users, that import Dex as a library in their projects.

What's Changed

Exciting New Features 🎉

Enhancements 🚀

  • Add support for configurable prompt type for Google connector by @abhisek in #3475
  • Google: Implement groups fetch by default service account from metadata (support for GKE workload identity) by @vsychov in #2989
  • OIDC connector option to override jwksURI by @sohgaura in #3543
  • Allow domain names or IDs in keystone connector by @cardoe in #3506

Bug Fixes 🐛

Dependency Updates ⬆️

  • build(deps): bump google.golang.org/api from 0.172.0 to 0.179.0 by @dependabot in #3516
  • build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18 by @dependabot in #3514
  • build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.20.0 by @dependabot in #3512
  • build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 in /examples by @dependabot in #3508
  • build(deps): bump anchore/sbom-action from 0.15.9 to 0.15.11 by @dependabot in #3497
  • build(deps): bump golang.org/x/net from 0.20.0 to 0.23.0 in /api/v2 in the go_modules group by @dependabot in #3483
  • build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #3472
  • build(deps): bump distroless/static-debian12 from 42c8865 to e9ac71e by @dependabot in #3469
  • build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #3462
  • build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1 in /api/v2 by @dependabot in #3510
  • build(deps): bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @dependabot in #3526
  • build(deps): bump google.golang.org/api from 0.179.0 to 0.180.0 by @dependabot in #3525
  • build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @dependabot in #3524
  • build(deps): bump helm/kind-action from 1.9.0 to 1.10.0 by @dependabot in #3523
  • build(deps): bump github/codeql-action from 3.24.10 to 3.25.4 by @dependabot in #3522
  • build(deps): bump mheap/github-action-required-labels from 5.4.0 to 5.4.1 by @dependabot in #3521
  • build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #3520
  • build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /api/v2 by @dependabot in #3465
  • build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /examples by @dependabot in #3460
  • build(deps): bump alpine from 3.19.1 to 3.20.0 by @dependabot in #3547
  • build(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0 by @dependabot in #3545
  • build(deps): bump github/codeql-action from 3.25.4 to 3.25.6 by @dependabot in #3544
  • build(deps): bump actions/checkout from 4.1.2 to 4.1.6 by @dependabot in #3542
  • build(deps): bump google.golang.org/api from 0.180.0 to 0.181.0 by @dependabot in #3541
  • build(deps): bump golang from 4531927 to ff6ab2b by @dependabot in #3536
  • build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #3534
  • build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2 by @dependabot in #3531
  • build(deps): bump github.com/beevik/etree from 1.3.0 to 1.4.0 by @dependabot in #3530
  • build(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 in /examples by @dependabot in #3535
  • build(deps): bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #3551
  • build(deps): bump golang from ff6ab2b to d1a601b by @dependabot in #3550
  • build(deps): bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 by @dependabot in #3552
  • Bump google.golang.org/grpc to v1.64.0 by @nabokihms in #3553
  • build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.13 to 3.5.14 by @dependabot in #3555
  • build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.13 to 3.5.14 by @dependabot in #3556
  • build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #3561
  • Bump gomplate 3.11.8 by @nabokihms in #3565

New Contributors

Full Changelog: v2.39.1...v2.40.0

v2.39.1

09 Apr 11:55
3705207
Compare
Choose a tag to compare

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.39.1

Bug Fixes 🐛

  • Update max length of Kubernetes object to fit Kubernetes policy by @RomanenkoDenys in #3439 (fix regression for Kubernetes storage)

  • Do not escape password for LDAP connectors by @nabokihms in #3470 (changes introduced in v2.39.0 were reverted)

v2.39.0

22 Mar 20:32
f611470
Compare
Choose a tag to compare

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.39.0

Know before update

Warning

The validation of username and password in the LDAP connector is much more strict now.
As of today, Dex uses the EscapeFilter function to check for special characters in credentials and prevent injections by denying such requests.

the special characters in the set ()*\ and those out of the range 0 < c < 0x80, as defined in RFC4515

What's Changed

Enhancements 🚀

Bug Fixes 🐛

  • Use the correct token type for userInfo requests while Token Exchange by @MrDeerly in #3336
  • Do not evaluate skipApproval on the approval page by @MM53 in #3086

Dependency Updates ⬆️

  • build(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 by @dependabot in #3314
  • build(deps): bump github.com/mattn/go-sqlite3 from 1.14.19 to 1.14.22 by @dependabot in #3328
  • build(deps): bump github/codeql-action from 3.23.1 to 3.24.0 by @dependabot in #3327
  • build(deps): bump anchore/sbom-action from 0.15.6 to 0.15.8 by @dependabot in #3325
  • build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.11 to 3.5.12 by @dependabot in #3323
  • build(deps): bump google.golang.org/api from 0.157.0 to 0.161.0 by @dependabot in #3317
  • build(deps): bump alpine from 3.19.0 to 3.19.1 by @dependabot in #3311
  • build(deps): bump golang from 3bd4475 to 3354c3a by @dependabot in #3310
  • build(deps): bump mheap/github-action-required-labels from 5.1.0 to 5.2.0 by @dependabot in #3308
  • build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.4.0 by @dependabot in #3324
  • build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.11 to 3.5.12 by @dependabot in #3321
  • build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 in /examples by @dependabot in #3340
  • build(deps): bump tonistiigi/xx from 1.3.0 to 1.4.0 by @dependabot in #3333
  • build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 by @dependabot in #3341
  • build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 in /examples by @dependabot in #3352
  • build(deps): bump distroless/static from 9be3fcc to a43abc8 by @dependabot in #3350
  • build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 by @dependabot in #3332
  • build(deps): bump docker/metadata-action from 5.5.0 to 5.5.1 by @dependabot in #3330
  • build(deps): bump mheap/github-action-required-labels from 5.2.0 to 5.3.0 by @dependabot in #3347
  • build(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by @dependabot in #3345
  • build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in #3360
  • build(deps): bump google.golang.org/api from 0.161.0 to 0.165.0 by @dependabot in #3355
  • build(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.0 by @dependabot in #3359
  • build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in #3377
  • build(deps): bump google.golang.org/api from 0.165.0 to 0.167.0 by @dependabot in #3376
  • build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in #3375
  • build(deps): bump distroless/static from a43abc8 to 072d78b by @dependabot in #3374
  • build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 in /examples by @dependabot in #3368
  • build(deps): bump actions/dependency-review-action from 4.1.0 to 4.1.3 by @dependabot in #3363
  • build(deps): bump haya14busa/action-cond from 1.1.1 to 1.2.1 by @dependabot in #3346
  • build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.0-alpine3.18 by @dependabot in #3334
  • build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 by @dependabot in #3367
  • build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 in /api/v2 by @dependabot in #3365
  • build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in #3405
  • build(deps): bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in #3380
  • build(deps): bump golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18 by @dependabot in #3398
  • build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /examples by @dependabot in #3406
  • build(deps): bump google.golang.org/api from 0.167.0 to 0.169.0 by @dependabot in #3407
  • Update jose by @nabokihms in #3409
  • build(deps): bump distroless/static from 072d78b to 9235ad9 by @dependabot in #3381
  • build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #3382
  • build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in #3384
  • build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in #3386
  • build(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 by @dependabot in #3397
  • build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 by @dependabot in #3393
  • build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 in /examples by @dependabot in #3394
  • build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /examples by @dependabot in #3401
  • build(deps): bump github.com/go-sql-driver/mysql from 1.7.1 to 1.8.0 by @dependabot in #3414
  • build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #3413
  • build(deps): bump distroless/static from 9235ad9 to 7e5c6a2 by @dependabot in #3410
  • build(deps): bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in #3411
  • build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot in #3412
  • build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #3389
  • build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #3417
  • build(deps): bump github/codeql-action from 3.24.6 to 3.24.8 by @dependabot in #3422
  • build(deps): bump google.golang.org/api from 0.169.0 to 0.171.0 by @dependabot in #3426
  • build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #3418
  • build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /examples by @dependabot in #3424
  • build(deps): bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 by @dependabot in #3425
  • build(deps): bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in #3420
  • build(deps): bump golang from 010f3b3 to ede158f by @dependabot in #3421
  • build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 in /api/v2 by @dependabot in #3399
  • build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /api/v2 by @dependabot in #3400

New Contributors

Full Changelog: v2.38.0...v2.39.0

v2.38.0

25 Jan 14:31
v2.38.0
9451d87
Compare
Choose a tag to compare

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.38.0

What's Changed

Exciting New Features 🎉

Enhancements 🚀

Bug Fixes 🐛

Dependency Updates ⬆️

  • build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 by @dependabot in #3036
  • build(deps): bump google.golang.org/api from 0.129.0 to 0.130.0 by @dependabot in #3034
  • build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 by @dependabot in #3035
  • build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 by @dependabot in #3041
  • build(deps): bump google.golang.org/api from 0.130.0 to 0.134.0 by @dependabot in #3054
  • build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 by @dependabot in #3043
  • build(deps): bump github/codeql-action from 2.20.1 to 2.21.2 by @dependabot in #3057
  • build(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 by @dependabot in #3055
  • build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 in /api/v2 by @dependabot in #3021
  • build(deps): bump google.golang.org/grpc from 1.55.0 to 1.57.0 in /api/v2 by @dependabot in #3053
  • build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0 by @dependabot in #3060
  • build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0 by @dependabot in #3079
  • build(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.8 by @dependabot in #3078
  • build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in #3076
  • build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #3071
  • build(deps): bump alpine from 3.18.2 to 3.18.3 by @dependabot in #3069
  • build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 by @dependabot in #3090
  • build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3099
  • build(deps): bump docker/setup-buildx-action from 2.9.1 to 3.0.0 by @dependabot in #3104
  • build(deps): bump actions/checkout from 3.5.3 to 4.1.0 by @dependabot in #3117
  • build(deps): bump alpine from 3.18.3 to 3.18.4 by @dependabot in #3130
  • build(deps): bump github/codeql-action from 2.21.4 to 2.21.9 by @dependabot in #3127
  • build(deps): bump google.golang.org/api from 0.138.0 to 0.143.0 by @dependabot in #3121
  • build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 by @dependabot in #3116
  • build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 in /api/v2 by @dependabot in #3115
  • build(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #3132
  • build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.5 to 3.4.6 by @dependabot in #3133
  • build(deps): bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #3134
  • build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in #3135
  • build(deps): bump docker/metadata-action from 4.6.0 to 5.0.0 by @dependabot in #3136
  • build(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in #3137
  • build(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 by @dependabot in #3138
  • build(deps): bump google.golang.org/api from 0.143.0 to 0.147.0 by @dependabot in #3152
  • build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #3155
  • build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3154
  • build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @dependabot in #3153
  • build(deps): bump tonistiigi/xx from 1.2.1 to 1.3.0 by @dependabot in #3161
  • build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3159
  • build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #3157
  • build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 in /examples by @dependabot in #3151
  • build(deps): bump google.golang.org/api from 0.147.0 to 0.148.0 by @dependabot in #3163
  • build(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 in /api/v2 by @dependabot in #3150
  • Bump Go 1.21 by @nabokihms in #3165
  • build(deps): bump google.golang.org/grpc from 1.58.2 to 1.59.0 in /api/v2 by @dependabot in #3158
  • Bump ent (v0.12.4) and example app dependencies by @nabokihms in #3166
  • build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @dependabot in #3167
  • build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in #3168
  • build(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3169
  • build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.9 to 3.5.11 by @dependabot in #3216
  • build(deps): bump golang from 1.21.3-alpine3.18 to 1.21.5-alpine3.18 by @dependabot in #3213
  • build(deps): bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 by @dependabot in #3181
  • build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #3182
  • build(deps): bump docker/build-push-action from 5.0.0 to 5.1.0 by @dependabot in #3198
  • build(deps): bump anchore/sbom-action from 0.14.3 to 0.15.1 by @dependabot in #3210
  • build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.16.0 by @dependabot in #3219
  • build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @dependabot in #3206
  • Bump golangci-lint 1.55.2 by @nabokihms in #3232
  • build(deps): bump github.com/mattn/go-sqlite3 from 1.14.17 to 1.14.19 by @dependabot in #3226
  • build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in #3228
  • build(deps): bump alpine from 3.18.4 to 3.19.0 by @dependabot in #3214
  • build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #3201
  • build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /examples by @dependabot in #3229
  • build(deps)...
Read more

v2.37.0

30 Jun 14:12
08bb7fb
Compare
Choose a tag to compare

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.37.0

What's Changed

Exciting New Features 🎉

Enhancements 🚀

Bug Fixes 🐛

Dependency Updates ⬆️

  • build(deps): bump alpine from 3.17.2 to 3.17.3 by @dependabot in #2879
  • build(deps): bump mheap/github-action-required-labels from 3 to 4 by @dependabot in #2881
  • build(deps): bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #2873
  • build(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 by @dependabot in #2892
  • build(deps): bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 by @dependabot in #2884
  • build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #2885
  • build(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 by @dependabot in #2905
  • build(deps): bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 by @dependabot in #2900
  • build(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #2891
  • build(deps): bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0 by @dependabot in #2920
  • build(deps): bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 by @dependabot in #2924
  • build(deps): bump github.com/lib/pq from 1.10.7 to 1.10.9 by @dependabot in #2922
  • build(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 by @dependabot in #2929
  • build(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in #2932
  • build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.7 to 3.5.8 by @dependabot in #2899
  • build(deps): bump github.com/beevik/etree from 1.1.0 to 1.1.4 by @dependabot in #2939
  • build(deps): bump github.com/go-sql-driver/mysql from 1.7.0 to 1.7.1 by @dependabot in #2938
  • build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.8 to 3.5.9 by @dependabot in #2946
  • build(deps): bump github/codeql-action from 2.3.1 to 2.3.3 by @dependabot in #2943
  • build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 by @dependabot in #2942
  • build(deps): bump alpine from 3.17.3 to 3.18.0 by @dependabot in #2930
  • build(deps): bump google.golang.org/grpc from 1.53.0 to 1.55.0 in /api/v2 by @dependabot in #2927
  • build(deps): bump google.golang.org/api from 0.114.0 to 0.122.0 by @dependabot in #2931
  • build(deps): bump entgo.io/ent from 0.11.10 to 0.12.3 by @dependabot in #2923
  • build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.7 to 3.5.9 by @dependabot in #2944
  • build(deps): bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 by @dependabot in #2945
  • build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 by @dependabot in #2956
  • build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @dependabot in #2957
  • build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #2949
  • build(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #2948
  • build(deps): bump google.golang.org/api from 0.122.0 to 0.123.0 by @dependabot in #2959
  • build(deps): bump github.com/beevik/etree from 1.1.4 to 1.2.0 by @dependabot in #2947
  • build(deps): bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in #2970
  • build(deps): bump google.golang.org/api from 0.123.0 to 0.124.0 by @dependabot in #2968
  • build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in #2958
  • build(deps): bump aquasecurity/trivy-action from 0.10.0 to 0.11.0 by @dependabot in #2984
  • build(deps): bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in #2982
  • build(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in #2978
  • build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 by @dependabot in #2983
  • build(deps): bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 by @dependabot in #2979
  • build(deps): bump google.golang.org/api from 0.124.0 to 0.125.0 by @dependabot in #2976
  • build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in #2977
  • build(deps): bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #2987
  • build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 by @dependabot in #2985
  • build(deps): bump docker/metadata-action from 4.4.0 to 4.5.0 by @dependabot in #2986
  • build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 by @dependabot in #2988
  • build(deps): bump mheap/github-action-required-labels from 4 to 5 by @dependabot in #2990
  • build(deps): bump aquasecurity/trivy-action from 0.11.0 to 0.11.2 by @dependabot in #2995
  • build(deps): bump github/codeql-action from 2.3.6 to 2.20.0 by @dependabot in #3002
  • build(deps): bump google.golang.org/api from 0.125.0 to 0.127.0 by @dependabot in #2999
  • build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 by @dependabot in #3001
  • build(deps): bump docker/build-push-action from 4.0.0 to 4.1.1 by @dependabot in #3003
  • build(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #2993
  • build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5 by @dependabot in #2997
  • build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 by @dependabot in #3004
  • build(deps): bump alpine from 3.18.0 to 3.18.2 by @dependabot in #3008
  • build(deps): bump docker/metadata-action from 4.5.0 to 4.6.0 by @dependabot in #3007
  • build(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 by @dependabot in #3005
  • build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot in #3009
  • build(deps): bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #3010
  • build(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot in #3016
  • build(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in #3015
  • build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 by @dependabot in #3014
  • build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3019
  • build(deps): bump google.golang.org/api from 0.127.0 to 0.129.0 by @dependabot in #3022
  • build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 by @dependabot in #3023

New Contributors

Full Changelog: v2.36.0...v2.37.0

v2.36.0

20 Mar 13:29
v2.36.0
2bb4896
Compare
Choose a tag to compare

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.36.0

What's Changed

Enhancements 🚀

Bug Fixes 🐛

Dependency Updates ⬆️

  • build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in #2697
  • fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in #2705
  • build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in #2708
  • build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in #2715
  • build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in #2720
  • build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in #2721
  • build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in #2723
  • build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in #2718
  • build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in #2724
  • build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in #2746
  • build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in #2735
  • build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in #2744
  • build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in #2751
  • build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in #2750
  • build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in #2755
  • build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in #2743
  • build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in #2754
  • build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in #2758
  • build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in #2741
  • build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in #2753
  • build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in #2742
  • build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in #2761
  • build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in #2725
  • build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in #2760
  • build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in #2774
  • build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in #2772
  • build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in #2770
  • build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #2773
  • build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in #2777
  • build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in #2779
  • build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in #2780
  • build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in #2769
  • build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in #2788
  • build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in #2782
  • build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in #2783
  • build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in #2793
  • build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in #2784
  • chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in #2790
  • ci: Use go 1.19 by @dlipovetsky in #2791
  • build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in #2798
  • build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in #2807
  • build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in #2811
  • build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in #2810
  • build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in #2821
  • build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in #2822
  • build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in #2823
  • build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #2818
  • build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in #2828
  • build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in #2832
  • build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in #2837
  • build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in #2846
  • build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in #2827
  • build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in #2850
  • build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in #2849
  • feat: Bump gomplate 3.11.4 by @nabokihms in #2840
  • build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #2856
  • build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in #2847
  • build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in #2853
  • build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in #2869
  • build(deps): bump actions/setup-go from 3 to 4 by @dependabot in #2863
  • build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in #2862
  • build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in #2866
  • build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in #2867
  • build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in #2845
  • build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in #2816
  • chore: upgrade tools by @sagikazarmark in #2870

Other Changes

New Contributors

Read more

v2.35.3

11 Oct 16:58
v2.35.3
54c9e82
Compare
Choose a tag to compare

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.35.3

What's Changed

Dependency Updates ⬆️

Full Changelog: v2.35.2...v2.35.3