mirror/dex - dex - xhrpb gitea

Commit Graph

Author	SHA1	Message	Date
dependabot[bot]	74dd7eeb4c	build(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.2 (#4623 ) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.79.1 to 1.79.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.79.1...v1.79.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.79.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 week ago
dependabot[bot]	9ba3c3f930	build(deps): bump aquasecurity/trivy-action from 0.34.2 to 0.35.0 (#4622 ) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.34.2 to 0.35.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](`97e0b3872f...57a97c7e78`) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 week ago
dependabot[bot]	e2462a25ce	build(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 in /examples (#4627 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.35.0 to 0.36.0. - [Commits](https://github.com/golang/oauth2/compare/v0.35.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 week ago
Mark Liu	c03a687465	fix(server): handle double-submit on approval endpoint (#4620 ) When GetAuthRequest returns ErrNotFound in handleApproval, render a 400 "User session error." instead of logging + rendering a 500 "Database error.". Covers the double-submit race where sendCodeResponse deletes the auth request on first approval and the second request finds nothing. --- Signed-off-by: Mark Liu <mark@prove.com.au> Signed-off-by: mark-liu <mark-liu@users.noreply.github.com>	1 week ago
Maksim Nabokikh	591a201c88	feat(tests): add MySQL 8 support in CI and tests (#4617 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	2 weeks ago
dependabot[bot]	f4c3102b3a	build(deps): bump github/codeql-action from 4.32.5 to 4.32.6 (#4615 ) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.5 to 4.32.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`c793b717bc...0d579ffd05`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 weeks ago
dependabot[bot]	976e45e83c	build(deps): bump docker/metadata-action from 5.10.0 to 6.0.0 (#4614 ) Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.10.0 to 6.0.0. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](`c299e40c65...030e881283`) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 weeks ago
dependabot[bot]	8dce952b17	build(deps): bump docker/build-push-action from 6.19.2 to 7.0.0 (#4613 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.19.2 to 7.0.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](`10e90e3645...d08e5c354a`) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 weeks ago
dependabot[bot]	91bf627b39	build(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 (#4616 ) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.12.0 to 4.0.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](`8d2750c68a...4d04d5d948`) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 weeks ago
dependabot[bot]	787087179c	build(deps): bump golang from 1.26.0-alpine3.22 to 1.26.1-alpine3.22 (#4612 ) Bumps golang from 1.26.0-alpine3.22 to 1.26.1-alpine3.22. --- updated-dependencies: - dependency-name: golang dependency-version: 1.26.1-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 weeks ago
Maksim Nabokikh	a11b3cd2ef	feat(gitlab): implement TokenIdentity method (#4606 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	2 weeks ago
dependabot[bot]	3ab094771c	build(deps): bump docker/login-action from 3.7.0 to 4.0.0 (#4609 ) Bumps [docker/login-action](https://github.com/docker/login-action) from 3.7.0 to 4.0.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](`c94ce9fb46...b45d80f862`) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 weeks ago
dependabot[bot]	fb570557ee	build(deps): bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (#4608 ) Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.7.0 to 4.0.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](`c7c5346462...ce360397dd`) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 weeks ago
dependabot[bot]	57a601f11e	build(deps): bump actions/dependency-review-action from 4.8.3 to 4.9.0 (#4605 )	2 weeks ago
Mathias Gebbe	fec4f53203	feat(oauth2): add client credentials flow with opt-in config flag (#4583 ) Implement the OAuth2 client_credentials grant type for machine-to-machine authentication. The grant is gated behind a new clientCredentialsEnabled config flag (defaults to false), following the same pattern as passwordConnector for the password grant. --------- Signed-off-by: Mathias Gebbe <mathias.gebbe@gmail.com> Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com> Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com> Co-authored-by: Maksim Nabokikh <maksim.nabokikh@flant.com> Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>	2 weeks ago
dependabot[bot]	e79638db52	build(deps): bump github/codeql-action from 4.32.4 to 4.32.5 (#4603 )	2 weeks ago
dependabot[bot]	044dcd57a2	build(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.34.2 (#4602 )	2 weeks ago
Maksim Nabokikh	a70f592589	fix(deviceflow): update redirect URIs to use absolute paths for non-root URLs (#4597 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	2 weeks ago
kt	91e985edea	fix: correct error message for device request expiry (#4599 ) Signed-off-by: kanywst <niwatakuma@icloud.com>	2 weeks ago
kt	99c423364e	fix: fix typo in grpc listener error message (#4598 ) Signed-off-by: kanywst <niwatakuma@icloud.com>	2 weeks ago
Maksim Nabokikh	e1d6c38ca2	fix: Invert condition for unknown fields in config unmarshaller (#4596 ) Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>	3 weeks ago
dependabot[bot]	e5c14f1c7c	build(deps): bump distroless/static-debian13 from `01e550f` to `f512d81` (#4593 ) Bumps distroless/static-debian13 from `01e550f` to `f512d81`. --- updated-dependencies: - dependency-name: distroless/static-debian13 dependency-version: nonroot dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 weeks ago
dependabot[bot]	e5e64c64c0	build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#4594 ) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](`b7c566a772...bbbca2ddaa`) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 weeks ago
dependabot[bot]	8ab16cfe02	build(deps): bump actions/attest-build-provenance from 4.0.0 to 4.1.0 (#4595 ) Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](`e4d4f7c39a...a2bbfa2537`) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 weeks ago
Maksim Nabokikh	47e84dba69	feat(connector): add compile-time checks for connector interfaces (#4591 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	3 weeks ago
Mathias Gebbe	44e27490be	fix(connector): update authproxy and oauth to match CallbackConnector interface (#4589 ) The PKCE support added in v2.45.0 changed the CallbackConnector interface signatures but missed updating the authproxy and oauth connectors. This caused a type assertion failure in handleConnectorLogin(), resulting in "Requested resource does not exist" errors when using these connectors. Update LoginURL to return (string, []byte, error) and HandleCallback to accept a []byte connData parameter for both connectors and their tests. Signed-off-by: Mathias Gebbe <mathias.gebbe@gmail.com>	3 weeks ago
Ivan Zviagintsev	4311931881	feat: saml support refresh tokens (#4565 ) Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	3 weeks ago
Maksim Nabokikh	d78d744468	feat: Disallow unknown config fields (#4531 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	3 weeks ago
Andy Lo-A-Foe	49dcb4d863	fix: clean up in-memory connector before create (#4529 ) Signed-off-by: Andy Lo-A-Foe <andy.loafoe@gmail.com> Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>	3 weeks ago
dependabot[bot]	3295c72066	build(deps): bump actions/attest-build-provenance from 3.2.0 to 4.0.0 (#4585 ) Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.2.0 to 4.0.0. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](`96278af6ca...e4d4f7c39a`) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 weeks ago
dependabot[bot]	c0daa71ec7	build(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 (#4586 ) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.50.0 to 0.51.0. - [Commits](https://github.com/golang/net/compare/v0.50.0...v0.51.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.51.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 weeks ago
dependabot[bot]	9cd6668f40	build(deps): bump anchore/sbom-action from 0.22.2 to 0.23.0 (#4587 ) Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.22.2 to 0.23.0. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](`28d71544de...17ae174017`) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-version: 0.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 weeks ago
dependabot[bot]	4c3dffdb94	build(deps): bump actions/setup-go from 6.2.0 to 6.3.0 (#4584 ) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.2.0 to 6.3.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](`7a3fe6cf4c...4b73464bb3`) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 weeks ago
dependabot[bot]	2ecf64e8b8	build(deps): bump google.golang.org/api from 0.268.0 to 0.269.0 (#4582 )	3 weeks ago
Michiel De Backker	a6962a8ba4	fix(mysql): quote `groups` reserved word in query replacer (#4580 ) `groups` is a reserved word in MySQL >= 8.0.2, causing migration 13 to fail with a syntax error on `ALTER TABLE password ADD COLUMN groups`. Fixes #4579 Signed-off-by: Michiel De Backker <mail@backkem.me>	3 weeks ago
dependabot[bot]	0963bbe780	build(deps): bump google.golang.org/api from 0.267.0 to 0.268.0 (#4577 )	3 weeks ago
Maksim Nabokikh	bcc2283694	feat: enhance test commands to support GitHub Actions formatting (#4575 ) With the number of tests growing, it is harder and harder to find errors in the test output. Gotestsum is a well-known runner for tests helping to format the output fot both local runs and GitHub Actions. Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	3 weeks ago
dependabot[bot]	ec26e19e79	build(deps): bump github/codeql-action from 4.32.3 to 4.32.4 (#4573 )	3 weeks ago
dependabot[bot]	51c66d2523	build(deps): bump aquasecurity/trivy-action from 0.34.0 to 0.34.1 (#4574 )	3 weeks ago
Maksim Nabokikh	8db7699e0f	feat: implement device code flow in example-app (#4570 ) This is a KubeCon 2026 preparation: 1. Add device flow to the example-app 2. Add userinfo checker 3. Refactor the structure Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	3 weeks ago
Maksim Nabokikh	cf17fc68c8	test: update HandleCallback after merging OIDC PKCE (#4572 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	3 weeks ago
Aljoscha Bollmann	83697b06a6	fix(server): respond with forbidden if failed to authenticate (#4200 ) Signed-off-by: Aljoscha Bollmann <aljoscha.bollmann@proton.me>	3 weeks ago
Giovanni Vella	25591eeaf4	Add support to PKCE in OIDC connector (#3777 ) Signed-off-by: johnvan7 <giovanni.vella98@gmail.com> Signed-off-by: Giovanni Vella <giovanni.vella98@gmail.com>	3 weeks ago
Maksim Nabokikh	5d27abc117	feat: refactor example-app with a new config (#4569 ) This is a preparation for KubeCon 2026: 1. Restyle the app 2. Refactor advanced configuration options 3. Move embedded templates and css to separate files Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	3 weeks ago
Maksim Nabokikh	08079303c9	feat: add debug step to check image metadata in workflow (#4566 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	4 weeks ago
dependabot[bot]	49c8228d30	build(deps): bump actions/dependency-review-action from 4.8.2 to 4.8.3 (#4563 ) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.8.2 to 4.8.3. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](`3c4e3dcb1a...05fe457637`) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 4.8.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	4 weeks ago
Maksim Nabokikh	0108be9e9f	feat: add skopeo copy command to transfer image from OCI layout (#4564 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	4 weeks ago
dependabot[bot]	548b0f54e8	build(deps): bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 (#4562 )	4 weeks ago
Maksim Nabokikh	29c7b6f4e3	feat: validate redirect URIs and safely append parameters (#4559 ) Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	4 weeks ago
dependabot[bot]	69f9b7eef9	build(deps): bump google.golang.org/api from 0.266.0 to 0.267.0 (#4558 ) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.266.0 to 0.267.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.266.0...v0.267.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-version: 0.267.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	4 weeks ago

1 2 3 4 5 ...

3745 Commits (74dd7eeb4ca8c4de275c2045e81a09b674a0837f) All Branches Search

3745 Commits (74dd7eeb4ca8c4de275c2045e81a09b674a0837f)

All Branches