e7b151c386
feat: grpc api list clients
...
refers to https://github.com/dexidp/dex/issues/3496
Signed-off-by: Julius Foitzik <info@accountr.eu>
8 months ago
745e1114f3
build(deps): bump github.com/oklog/run from 1.1.0 to 1.2.0 ( #4199 )
...
Bumps [github.com/oklog/run](https://github.com/oklog/run ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/oklog/run/releases )
- [Commits](https://github.com/oklog/run/compare/v1.1.0...v1.2.0 )
---
updated-dependencies:
- dependency-name: github.com/oklog/run
dependency-version: 1.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8 months ago
a829066558
Resolve CVE by updating gomplate to 4.3.3 ( #4224 )
...
Signed-off-by: Phil Brown <pbrown2@atlassian.com>
8 months ago
8bed0f6e16
build(deps): bump the etcd group with 2 updates ( #4213 )
...
Bumps the etcd group with 2 updates: [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd ) and [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd ).
Updates `go.etcd.io/etcd/client/pkg/v3` from 3.6.1 to 3.6.2
- [Release notes](https://github.com/etcd-io/etcd/releases )
- [Commits](https://github.com/etcd-io/etcd/compare/v3.6.1...v3.6.2 )
Updates `go.etcd.io/etcd/client/v3` from 3.6.1 to 3.6.2
- [Release notes](https://github.com/etcd-io/etcd/releases )
- [Commits](https://github.com/etcd-io/etcd/compare/v3.6.1...v3.6.2 )
---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/client/pkg/v3
dependency-version: 3.6.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: etcd
- dependency-name: go.etcd.io/etcd/client/v3
dependency-version: 3.6.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: etcd
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8 months ago
f7d34b2b0f
feat: Add ModifyGroupNames claimMutation to oidc connector ( #4144 )
...
Signed-off-by: Mathias Petermann <mathias.petermann@swisscom.com>
8 months ago
28d4f3f068
build(deps): bump alpine from 3.22.0 to 3.22.1 ( #4217 )
...
Bumps alpine from 3.22.0 to 3.22.1.
---
updated-dependencies:
- dependency-name: alpine
dependency-version: 3.22.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8 months ago
6e57370364
build(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 ( #4214 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.39.0 to 0.40.0.
- [Commits](https://github.com/golang/crypto/compare/v0.39.0...v0.40.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.40.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8 months ago
92dcd86dbd
build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.0 to 4.1.1 ( #4196 )
...
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md )
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.0...v4.1.1 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8 months ago
1cb23728b1
build(deps): bump aquasecurity/trivy-action from 0.31.0 to 0.32.0 ( #4210 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.31.0 to 0.32.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](76071ef0d7...dc5a429b52
8 months ago
cb3d7651d7
build(deps): bump sigstore/cosign-installer from 3.9.0 to 3.9.2 ( #4225 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.9.0 to 3.9.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](fb28c2b633...d58896d6a1
8 months ago
356524e4ef
build(deps): bump anchore/sbom-action from 0.20.1 to 0.20.2 ( #4205 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](9246b90769...cee1b8e05a
8 months ago
260c087b27
build(deps): bump google.golang.org/grpc in /examples ( #4219 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.73.0 to 1.74.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.73.0...v1.74.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-version: 1.74.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8 months ago
3ed215890b
build(deps): bump mheap/github-action-required-labels ( #4190 )
...
Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels ) from 5.5.0 to 5.5.1.
- [Release notes](https://github.com/mheap/github-action-required-labels/releases )
- [Commits](388fd6af37...8afbe8ae6a
8 months ago
67b4228595
[oidc] pass httpClient to the TokenIdentity context ( #4223 )
...
Signed-off-by: Vasily Maryutenkov <vasily.maryutenkov@flant.com>
8 months ago
7208747072
Add LDAP parent groups search, Active Directory Hierarchy ( #4113 )
...
This commit enables universal nested group search support across a
variety of LDAP server implementations. It updates the code to allow
recursive group membership discovery during user authentication and
provides CI tests to validate the functionality.
Based on @paroque’s original https://github.com/dexidp/dex/pull/1058
PR.
- Removed `Recursive` boolean flag from config and logic
- Made recursion behavior dependant on presence of `RecursionGroupAttr`
- Updated log messages to reflect changes and follow `slog` structured format
Signed-off-by: Ethan Dieterich <ethandieterich@gmail.com>
9 months ago
56cca05998
build(deps): bump docker/setup-buildx-action from 3.11.0 to 3.11.1 ( #4189 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.11.0 to 3.11.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](18ce135bb5...e468171a9d
9 months ago
ac0446537c
Merge pull request #4170 from dexidp/dependabot/go_modules/api/v2/google.golang.org/grpc-1.73.0
...
build(deps): bump google.golang.org/grpc from 1.72.1 to 1.73.0 in /api/v2
9 months ago
1a11f66526
build(deps): bump google.golang.org/grpc in /api/v2
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.72.1 to 1.73.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.72.1...v1.73.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-version: 1.73.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
9 months ago
f372fdf7e6
Merge pull request #4163 from dexidp/dependabot/docker/alpine-3.22.0
...
build(deps): bump alpine from 3.21.3 to 3.22.0
9 months ago
2e1aab66f1
Merge pull request #4175 from dexidp/dependabot/go_modules/etcd-02511abee6
...
build(deps): bump the etcd group with 2 updates
9 months ago
272a2f2881
Merge pull request #4183 from dexidp/dependabot/go_modules/github.com/go-sql-driver/mysql-1.9.3
...
build(deps): bump github.com/go-sql-driver/mysql from 1.9.2 to 1.9.3
9 months ago
42b242a3d6
Merge pull request #4184 from dexidp/dependabot/github_actions/anchore/sbom-action-0.20.1
...
build(deps): bump anchore/sbom-action from 0.20.0 to 0.20.1
9 months ago
cc979e0507
Merge pull request #4185 from dexidp/dependabot/github_actions/docker/setup-buildx-action-3.11.0
...
build(deps): bump docker/setup-buildx-action from 3.10.0 to 3.11.0
9 months ago
d821814164
Merge pull request #4186 from dexidp/dependabot/go_modules/google.golang.org/api-0.238.0
...
build(deps): bump google.golang.org/api from 0.233.0 to 0.238.0
9 months ago
4da06d1b48
build(deps): bump anchore/sbom-action from 0.20.0 to 0.20.1
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](e11c554f70...9246b90769
9 months ago
52d66cfacc
build(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.0 ( #4187 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](3454372f43...fb28c2b633
9 months ago
ad6a374b20
build(deps): bump google.golang.org/api from 0.233.0 to 0.238.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.233.0 to 0.238.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.233.0...v0.238.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-version: 0.238.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
9 months ago
69f37df1fe
build(deps): bump docker/setup-buildx-action from 3.10.0 to 3.11.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](b5ca514318...18ce135bb5
9 months ago
8d71a26481
build(deps): bump the etcd group with 2 updates
...
Bumps the etcd group with 2 updates: [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd ) and [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd ).
Updates `go.etcd.io/etcd/client/pkg/v3` from 3.6.0 to 3.6.1
- [Release notes](https://github.com/etcd-io/etcd/releases )
- [Commits](https://github.com/etcd-io/etcd/compare/v3.6.0...v3.6.1 )
Updates `go.etcd.io/etcd/client/v3` from 3.6.0 to 3.6.1
- [Release notes](https://github.com/etcd-io/etcd/releases )
- [Commits](https://github.com/etcd-io/etcd/compare/v3.6.0...v3.6.1 )
---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/client/pkg/v3
dependency-version: 3.6.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: etcd
- dependency-name: go.etcd.io/etcd/client/v3
dependency-version: 3.6.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: etcd
...
Signed-off-by: dependabot[bot] <support@github.com>
9 months ago
87ec9e077e
Allow server startup with partial connector failures ( #4159 )
...
Signed-off-by: Manoj Vivek <p.manoj.vivek@gmail.com>
9 months ago
5566d77756
build(deps): bump alpine from 3.21.3 to 3.22.0
...
Bumps alpine from 3.21.3 to 3.22.0.
---
updated-dependencies:
- dependency-name: alpine
dependency-version: 3.22.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
9 months ago
bc87381af0
build(deps): bump distroless/static-debian12 from `188ddfb` to `627d6c5` ( #4181 )
...
Bumps distroless/static-debian12 from `188ddfb` to `627d6c5`.
---
updated-dependencies:
- dependency-name: distroless/static-debian12
dependency-version: nonroot
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9 months ago
19fad89236
build(deps): bump docker/build-push-action from 6.17.0 to 6.18.0 ( #4155 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.17.0 to 6.18.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](1dc7386353...263435318d
9 months ago
8ba221d179
build(deps): bump github.com/go-sql-driver/mysql from 1.9.2 to 1.9.3
...
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql ) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/go-sql-driver/mysql/releases )
- [Changelog](https://github.com/go-sql-driver/mysql/blob/v1.9.3/CHANGELOG.md )
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.9.2...v1.9.3 )
---
updated-dependencies:
- dependency-name: github.com/go-sql-driver/mysql
dependency-version: 1.9.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
9 months ago
4257990af6
build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 ( #4162 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](f49aabe0b5...05b42c6244
9 months ago
c6b9c792ef
build(deps): bump aquasecurity/trivy-action from 0.30.0 to 0.31.0 ( #4167 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.30.0 to 0.31.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](6c175e9c40...76071ef0d7
9 months ago
d26bbcc07b
build(deps): bump github/codeql-action from 3.28.18 to 3.29.0 ( #4179 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.18 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ff0a06e83c...ce28f5bb42
9 months ago
159163327a
build(deps): bump google.golang.org/grpc in /examples ( #4174 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.72.1 to 1.73.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.72.1...v1.73.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-version: 1.73.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9 months ago
b6334605f0
build(deps): bump golang.org/x/net from 0.40.0 to 0.41.0 ( #4171 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.40.0 to 0.41.0.
- [Commits](https://github.com/golang/net/compare/v0.40.0...v0.41.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.41.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9 months ago
7012c0c8a0
build(deps): bump actions/attest-build-provenance from 2.3.0 to 2.4.0 ( #4180 )
...
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance ) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases )
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md )
- [Commits](db473fddc0...e8998f9491
9 months ago
d7eae8fe79
remove extra method="get" from device-code template ( #4145 )
...
In device-code template, same form tag has method="post", then
followed by method="get".. Chrome can handle that as post just fine,
but in headless environments you might be using Lynx, which uses GET:
it results in 400 Bad Request from Dex server.
Signed-off-by: Tuomo Tanskanen <tuomo.tanskanen@est.tech>
9 months ago
7c9744953f
Merge pull request #4146 from nathanlaceyraft/update-gomplate-cve
...
Resolve CVE by updating gomplate to 4.3.2
10 months ago
07bdd285e6
Resolve CVE by updating gomplate to 4.3.2
...
Signed-off-by: Nathan Lacey <nlacey@teamraft.com>
10 months ago
8e96058e71
Merge pull request #4141 from dexidp/dependencies
...
chore: update dependencies
10 months ago
385e63d4d4
chore: update dependencies
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
10 months ago
6dad0fc16f
Merge pull request #4136 from dexidp/dependabot/go_modules/go.etcd.io/etcd/client/v3-3.6.0
...
build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.21 to 3.6.0
10 months ago
362f2557f7
build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.21 to 3.6.0
...
Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd ) from 3.5.21 to 3.6.0.
- [Release notes](https://github.com/etcd-io/etcd/releases )
- [Commits](https://github.com/etcd-io/etcd/compare/v3.5.21...v3.6.0 )
---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/client/v3
dependency-version: 3.6.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
10 months ago
183d845758
Merge pull request #4135 from dexidp/dependabot/github_actions/docker/build-push-action-6.17.0
...
build(deps): bump docker/build-push-action from 6.16.0 to 6.17.0
10 months ago
e552a8e8ed
chore: group etcd dependency updates
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
10 months ago
9da4bdb423
Merge pull request #4139 from dexidp/dependabot/github_actions/github/codeql-action-3.28.18
...
build(deps): bump github/codeql-action from 3.28.17 to 3.28.18
10 months ago
Julius Foitzik
dependabot[bot]
Phil Brown
Mathias Petermann
Vasily Maryutenkov
EthanDieterich
Márk Sági-Kazár
Manoj Vivek
Tuomo Tanskanen
Nathan Lacey