Releases: goauthentik/authentik
Release 2023.10.6
See https://goauthentik.io/docs/releases/2023.10#fixed-in-2023106
What's Changed
- providers/oauth2: remember session_id from initial token (cherry-pick #7976) by @gcp-cherry-pick-bot in #7977
- outposts: fix Outpost reconcile not re-assigning managed attribute (cherry-pick #8014) by @gcp-cherry-pick-bot in #8020
- providers/proxy: use access token (cherry-pick #8022) by @gcp-cherry-pick-bot in #8023
- outposts: disable deployment and secret reconciler for embedded outpost in code instead of in config (cherry-pick #8021) by @gcp-cherry-pick-bot in #8024
- rbac: fix error when looking up permissions for now uninstalled apps (cherry-pick #8068) by @gcp-cherry-pick-bot in #8070
- web/flows: fix device picker incorrect foreground color (cherry-pick #8067) by @gcp-cherry-pick-bot in #8069
- providers/oauth2: fix CVE-2024-21637 (cherry-pick #8104) by @gcp-cherry-pick-bot in #8105
Full Changelog: version/2023.10.5...version/2023.10.6
Release 2023.10.5
See https://goauthentik.io/docs/releases/2023.10#fixed-in-2023105
What's Changed
- tests: fix flaky tests (cherry-pick #7676) by @gcp-cherry-pick-bot in #7939
- providers/scim: change familyName default (cherry-pick #7904) by @gcp-cherry-pick-bot in #7930
- web: fix overflow glitch on ak-page-header (cherry-pick #7883) by @gcp-cherry-pick-bot in #7931
- root: Fix cache related image build issues (cherry-pick #7831) by @gcp-cherry-pick-bot in #7932
- web/user: fix search not updating app (cherry-pick #7825) by @gcp-cherry-pick-bot in #7933
- blueprints: improve file change handler (cherry-pick #7813) by @gcp-cherry-pick-bot in #7934
- root: don't show warning when app has no URLs to import (cherry-pick #7765) by @gcp-cherry-pick-bot in #7935
- stages/email: improve error handling for incorrect template syntax (cherry-pick #7758) by @gcp-cherry-pick-bot in #7936
- events: include user agent in events (cherry-pick #7693) by @gcp-cherry-pick-bot in #7938
- events: add better fallback for sanitize_item to ensure everything can be saved as JSON (cherry-pick #7694) by @gcp-cherry-pick-bot in #7937
Full Changelog: version/2023.10.4...version/2023.10.5
Release 2023.8.5
See https://goauthentik.io/docs/releases/2023.8#fixed-in-202385
What's Changed
Full Changelog: version/2023.8.4...version/2023.8.5
Release 2023.10.4
See https://goauthentik.io/docs/releases/2023.10#fixed-in-2023104
What's Changed
- providers/proxy: Fix duplicate cookies when using file system store. (cherry-pick #7541) by @gcp-cherry-pick-bot in #7544
- stages/email: use uuid for email confirmation token instead of username (cherry-pick #7581) by @gcp-cherry-pick-bot in #7584
- events: sanitize functions (cherry-pick #7587) by @gcp-cherry-pick-bot in #7589
- providers/scim: fix missing schemas attribute for User and Group (cherry-pick #7477) by @gcp-cherry-pick-bot in #7596
- events: fix missing model_* events when not directly authenticated (cherry-pick #7588) by @gcp-cherry-pick-bot in #7597
- ci: fix permissions for release pipeline to publish binaries (cherry-pick #7512) by @gcp-cherry-pick-bot in #7621
- core: bump golang from 1.21.3-bookworm to 1.21.4-bookworm (cherry-pick #7483) by @gcp-cherry-pick-bot in #7622
- events: don't update internal service accounts unless needed (cherry-pick #7611) by @gcp-cherry-pick-bot in #7640
- security: fix CVE-2023-48228 (cherry-pick #7666) by @gcp-cherry-pick-bot in #7668
Full Changelog: version/2023.10.3...version/2023.10.4
Release 2023.10.3
See https://goauthentik.io/docs/releases/2023.10#fixed-in-2023103
Note: for this specific release, we will not be publishing binary versions of the outposts due to a CI/CD issue. No changes affect those outposts, you can still run 2023.10.2.
What's Changed
- root: Improve multi arch Docker image build speed (cherry-pick #7355) by @gcp-cherry-pick-bot in #7426
- providers/oauth2: set auth_via for token and other endpoints (cherry-pick #7417) by @gcp-cherry-pick-bot in #7427
- stages/email: fix duplicate querystring encoding (cherry-pick #7386) by @gcp-cherry-pick-bot in #7425
- web/admin: fix html error on oauth2 provider page (cherry-pick #7384) by @gcp-cherry-pick-bot in #7424
- ci: explicitly give write permissions to packages (cherry-pick #7428) by @gcp-cherry-pick-bot in #7430
- providers/proxy: fix closed redis client (cherry-pick #7385) by @gcp-cherry-pick-bot in #7429
- sources/oauth: fix patreon (cherry-pick #7454) by @gcp-cherry-pick-bot in #7456
- web/flows: attempt to fix bitwareden android compatibility (cherry-pick #7455) by @gcp-cherry-pick-bot in #7457
- events: fix gdpr compliance always running (cherry-pick #7491) by @gcp-cherry-pick-bot in #7505
- Web: bugfix: broken backchannel selector (cherry-pick #7480) by @gcp-cherry-pick-bot in #7507
- core: fix worker beat toggle inverted (cherry-pick #7508) by @gcp-cherry-pick-bot in #7509
Full Changelog: version/2023.10.2...version/2023.10.3
Release 2023.8.4
See https://goauthentik.io/docs/releases/2023.8#fixed-in-202384
What's Changed
- providers/saml: set WantAuthnRequestsSigned in metadata (cherry-pick #6851) by @gcp-cherry-pick-bot in #6880
- sources/ldap: fix inverted interpretation of FreeIPA nsaccountlock (cherry-pick #6877) by @gcp-cherry-pick-bot in #6879
New Contributors
- @gcp-cherry-pick-bot made their first contribution in #6880
Full Changelog: version/2023.8.3...version/2023.8.4
Release 2023.10.2
See https://goauthentik.io/docs/releases/2023.10#fixed-in-2023102
What's Changed
- website/docs: update release notes for 2023.10.1 by @BeryJu in #7316
- web: bump API Client version by @authentik-automation in #7321
- stages/email: fix sending emails from task by @BeryJu in #7325
- providers/proxy: attempt to fix duplicate cookie by @BeryJu in #7324
- website/blogs: Blog dockers by @tanberry in #7328
- core: bump pydantic-scim from 0.0.7 to 0.0.8 by @dependabot in #7336
- core: bump ruff from 0.1.2 to 0.1.3 by @dependabot in #7335
- core: bump goauthentik.io/api/v3 from 3.2023083.10 to 3.2023101.1 by @dependabot in #7334
- core: bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in #7333
- web/admin: fix role form reacting to enter by @BeryJu in #7330
- website/docs: add warning about upgrading to 2023.10 by @BeryJu in #7340
- rbac: handle lookup error by @BeryJu in #7341
- web/admin: fix @change handler for ak-radio elements by @BeryJu in #7348
- blueprints: fix entries with state: absent not being deleted if their serializer has errors by @BeryJu in #7345
- crypto: fix race conditions when creating self-signed certificates on startup by @BeryJu in #7344
- website/docs: add warning about Helm breaking change in 2024.x by @rissson in #7351
- translate: Updates for file web/xliff/en.xlf in zh_CN by @transifex-integration in #7353
- translate: Updates for file web/xliff/en.xlf in zh-Hans by @transifex-integration in #7354
- lifecycle: rework otp_merge migration by @BeryJu in #7359
- website/docs: add missing breaking change due to APPEND_SLASH by @BeryJu in #7360
- website/docs: prepare 2023.10.2 release notes by @BeryJu in #7362
- security: fix oobe-flow reuse when akadmin is deleted by @BeryJu in #7361
Full Changelog: version/2023.10.1...version/2023.10.2
Release 2023.10.1
See https://goauthentik.io/docs/releases/2023.10#fixed-in-2023101
What's Changed
- web: bump API Client version by @authentik-automation in #7311
- root: fix pylint errors by @BeryJu in #7312
- lifecycle: fix otp merge migration by @BeryJu in #7315
Full Changelog: version/2023.10.0...version/2023.10.1
Release 2023.10.0
See https://goauthentik.io/docs/releases/2023.10
What's Changed
- web: bump API Client version by @authentik-automation in #6734
- root: connect to backend via socket by @BeryJu in #6720
- web: replace ampersand by @BeryJu in #6737
- web/admin: fix application icon size by @BeryJu in #6738
- core: compile backend translations by @authentik-automation in #6739
- web/admin: fix circular dependency by @BeryJu in #6740
- root: fix broken celery dependency by @BeryJu in #6744
- web: bump rollup-plugin-copy from 3.4.0 to 3.5.0 in /web by @dependabot in #6743
- core: bump celery from 5.3.1 to 5.3.4 by @dependabot in #6746
- core: bump goauthentik.io/api/v3 from 3.2023081.3 to 3.2023082.1 by @dependabot in #6747
- sources/ldap: fix FreeIPA nsaccountlock sync by @BeryJu in #6745
- stages/authenticator: vendor otp by @BeryJu in #6741
- web: bump API Client version by @authentik-automation in #6748
- website/docs: enterprise: add note about upgrading the amount of users by @rissson in #6750
- ci: bump actions/checkout from 3 to 4 by @dependabot in #6754
- core: bump django from 4.2.4 to 4.2.5 by @dependabot in #6751
- web: bump @types/codemirror from 5.60.9 to 5.60.10 in /web by @dependabot in #6758
- web: bump @typescript-eslint/parser from 6.5.0 to 6.6.0 in /web by @dependabot in #6757
- web: bump the eslint group in /web with 1 update by @dependabot in #6755
- web: bump @types/chart.js from 2.9.37 to 2.9.38 in /web by @dependabot in #6756
- web: bump the babel group in /web with 5 updates by @dependabot in #6753
- core: bump goauthentik.io/api/v3 from 3.2023082.1 to 3.2023082.2 by @dependabot in #6752
- web: don't import entire SourceViewPage in flow and user interface by @BeryJu in #6761
- stages/password: fix failed_attempts_before_cancel allowing one too m… by @BeryJu in #6763
- flows: remove need for post() wrapper by using dispatch by @BeryJu in #6765
- policies/reputation: require either check to be enabled by @BeryJu in #6764
- stages/password: move password validation to serializer by @BeryJu in #6766
- web/admin: fix not being able to unset certificates by @kensternberg-authentik in #6767
- web: bump pyright from 1.1.325 to 1.1.326 in /web by @dependabot in #6774
- web: bump the sentry group in /web with 2 updates by @dependabot in #6773
- core: bump goauthentik.io/api/v3 from 3.2023082.2 to 3.2023082.6 by @dependabot in #6770
- core: bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 by @dependabot in #6772
- root: lock node to 20.5 by @BeryJu in #6776
- core: bump github.com/getsentry/sentry-go from 0.23.0 to 0.24.0 by @dependabot in #6771
- web: bump rollup from 3.28.1 to 3.29.0 in /web by @dependabot in #6775
- website/dev-docs: add raw markdown template by @tanberry in #6768
- website/docs: rework user reference page by @BeryJu in #6777
- translate: Updates for file web/xliff/en.xlf in zh-Hans on branch main by @transifex-integration in #6791
- translate: Updates for file web/xliff/en.xlf in zh_CN on branch main by @transifex-integration in #6788
- translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans on branch main by @transifex-integration in #6790
- translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN on branch main by @transifex-integration in #6789
- core: bump coverage from 7.3.0 to 7.3.1 by @dependabot in #6786
- web: bump the sentry group in /web with 2 updates by @dependabot in #6787
- website: bump react-tooltip from 5.21.1 to 5.21.3 in /website by @dependabot in #6785
- core: bump golang from 1.21.0-bookworm to 1.21.1-bookworm by @dependabot in #6783
- website/dev-docs: more raw templates, fixed wget link by @tanberry in #6778
- core: bump debugpy from 1.6.7.post1 to 1.7.0 by @dependabot in #6799
- web: bump core-js from 3.32.1 to 3.32.2 in /web by @dependabot in #6800
- core: bump pytest from 7.4.1 to 7.4.2 by @dependabot in #6803
- core: bump twilio from 8.7.0 to 8.8.0 by @dependabot in #6802
- web: bump @formatjs/intl-listformat from 7.4.0 to 7.4.1 in /web by @dependabot in #6801
- core: bump gitpython from 3.1.34 to 3.1.35 by @dependabot in #6805
- sources/ldap: fix task timeout for ldap_sync_all and ldap_sync_single by @a-gerhard in #6809
- web: bump rollup from 3.29.0 to 3.29.1 in /web by @dependabot in #6828
- core: bump black from 23.7.0 to 23.9.1 by @dependabot in #6833
- core: bump pdoc from 14.0.0 to 14.1.0 by @dependabot in #6832
- ci: bump tibdex/github-app-token from 1 to 2 by @dependabot in #6831
- web: bump the eslint group in /web with 1 update by @dependabot in #6827
- web: bump @formatjs/intl-listformat from 7.4.1 to 7.4.2 in /web by @dependabot in #6830
- web: bump vite-tsconfig-paths from 4.2.0 to 4.2.1 in /web by @dependabot in #6829
- translate: Updates for file web/xliff/en.xlf in nl on branch main by @transifex-integration in #6821
- translate: Updates for file locale/en/LC_MESSAGES/django.po in nl on branch main by @transifex-integration in #6820
- web: bump the babel group in /web with 1 update by @dependabot in #6826
- core: compile backend translations by @authentik-automation in #6835
- sources/ldap: dont prefetch useless items by @a-gerhard in #6812
- website/docs: add missing word to index.mdx by @mlbarrow in #6818
- web/admin: fix flow-search not being able to unset by @BeryJu in #6838
- ci: docker build: enable GHA cache by @rissson in #5341
- providers/scim: check that a provider exists before starting scim task by @BeryJu in #6841
- core: remove celery's duplicate max_tasks_per_child by @BeryJu in #6840
- website/blogs: blog about Sourcegraph by @tanberry in #6814
- website/docs: prepare 2023.8.3 release notes by @BeryJu in #6843
- web/admin: simplify sidebar renderer by @kensternberg-authentik in #6797
- web: bump API Client version by @authentik-automation in #6850
- web: bump @typescript-eslint/parser from 6.6.0 to 6.7.0 in /web by @dependabot in #6847
- web: bump the eslint group in /web with 1 update by @dependabot in #6846
- root: fix dumb-init by @rissson in #6853
- providers/saml: set WantAuthnRequestsSigned in metadata by @BeryJu in #6851
- root: fix gunicorn not starting by @rissson in #6860
- core: bump goauthentik.io/api/v3 from 3.2023082.6 to 3.2023083.1 by @dependabot in #6859
- core: bump ruff from 0.0.287 to 0.0.288 by @dependabot in #6858
- root: ad...