habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: bump goauthentik/fips-python from 3.12.10-slim-bookworm-fips to 3.13.3-slim-bookworm-fips (#12763)

Browse Source 
* core: bump goauthentik/fips-python from 3.12.7-slim-bookworm-fips to 3.13.1-slim-bookworm-fips

Dependabot couldn't find the original pull request head commit, 57d3f7b1d72de7f2448d0ce661c74de53412bdd5.

* upgrade the rest

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update dev env

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* silence docker build action about env name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* bump to 3.13.3

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
dependabot[bot]
2025-05-03 22:04:49 +02:00
committed by GitHub
parent 1912991682
commit 91b40350aa
10 changed files with 469 additions and 350 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Dockerfile
View File

@ -85,18 +85,17 @@ FROM --platform=${BUILDPLATFORM} ghcr.io/maxmind/geoipupdate:v7.1.0 AS geoip
ENV GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN" ENV GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN"
ENV GEOIPUPDATE_VERBOSE="1" ENV GEOIPUPDATE_VERBOSE="1"
ENV GEOIPUPDATE_ACCOUNT_ID_FILE="/run/secrets/GEOIPUPDATE_ACCOUNT_ID" ENV GEOIPUPDATE_ACCOUNT_ID_FILE="/run/secrets/GEOIPUPDATE_ACCOUNT_ID"
ENV GEOIPUPDATE_LICENSE_KEY_FILE="/run/secrets/GEOIPUPDATE_LICENSE_KEY"
USER root USER root
RUN --mount=type=secret,id=GEOIPUPDATE_ACCOUNT_ID \ RUN --mount=type=secret,id=GEOIPUPDATE_ACCOUNT_ID \
--mount=type=secret,id=GEOIPUPDATE_LICENSE_KEY \ --mount=type=secret,id=GEOIPUPDATE_LICENSE_KEY \
mkdir -p /usr/share/GeoIP && \ mkdir -p /usr/share/GeoIP && \
/bin/sh -c "/usr/bin/entry.sh || echo 'Failed to get GeoIP database, disabling'; exit 0" /bin/sh -c "GEOIPUPDATE_LICENSE_KEY_FILE=/run/secrets/GEOIPUPDATE_LICENSE_KEY /usr/bin/entry.sh || echo 'Failed to get GeoIP database, disabling'; exit 0"
# Stage 5: Download uv # Stage 5: Download uv
FROM ghcr.io/astral-sh/uv:0.7.2 AS uv FROM ghcr.io/astral-sh/uv:0.7.2 AS uv
# Stage 6: Base python image # Stage 6: Base python image
FROM ghcr.io/goauthentik/fips-python:3.12.10-slim-bookworm-fips AS python-base FROM ghcr.io/goauthentik/fips-python:3.13.3-slim-bookworm-fips AS python-base
ENV VENV_PATH="/ak-root/.venv" \ ENV VENV_PATH="/ak-root/.venv" \
PATH="/lifecycle:/ak-root/.venv/bin:$PATH" \ PATH="/lifecycle:/ak-root/.venv/bin:$PATH" \

2
authentik/api/schema.py
View File

@ -54,7 +54,7 @@ def create_component(generator: SchemaGenerator, name, schema, type_=ResolvedCom
return component return component
def postprocess_schema_responses(result, generator: SchemaGenerator, **kwargs): # noqa: W0613 def postprocess_schema_responses(result, generator: SchemaGenerator, **kwargs):
"""Workaround to set a default response for endpoints. """Workaround to set a default response for endpoints.
Workaround suggested at Workaround suggested at
<https://github.com/tfranzel/drf-spectacular/issues/119#issuecomment-656970357> <https://github.com/tfranzel/drf-spectacular/issues/119#issuecomment-656970357>

4
authentik/blueprints/v1/common.py
View File

@ -164,9 +164,7 @@ class BlueprintEntry:
"""Get the blueprint model, with yaml tags resolved if present""" """Get the blueprint model, with yaml tags resolved if present"""
return str(self.tag_resolver(self.model, blueprint)) return str(self.tag_resolver(self.model, blueprint))
def get_permissions( def get_permissions(self, blueprint: "Blueprint") -> Generator[BlueprintEntryPermission]:
self, blueprint: "Blueprint"
) -> Generator[BlueprintEntryPermission, None, None]:
"""Get permissions of this entry, with all yaml tags resolved""" """Get permissions of this entry, with all yaml tags resolved"""
for perm in self.permissions: for perm in self.permissions:
yield BlueprintEntryPermission( yield BlueprintEntryPermission(

2
authentik/events/logs.py
View File

@ -57,7 +57,7 @@ class LogEventSerializer(PassiveSerializer):
@contextmanager @contextmanager
def capture_logs(log_default_output=True) -> Generator[list[LogEvent], None, None]: def capture_logs(log_default_output=True) -> Generator[list[LogEvent]]:
"""Capture log entries created""" """Capture log entries created"""
logs = [] logs = []
cap = LogCapture() cap = LogCapture()

2
authentik/lib/sync/mapper.py
View File

@ -59,7 +59,7 @@ class PropertyMappingManager:
request: HttpRequest | None, request: HttpRequest | None,
return_mapping: bool = False, return_mapping: bool = False,
**kwargs, **kwargs,
) -> Generator[tuple[dict, PropertyMapping], None]: ) -> Generator[tuple[dict, PropertyMapping]]:
"""Iterate over all mappings that were pre-compiled and """Iterate over all mappings that were pre-compiled and
execute all of them with the given context""" execute all of them with the given context"""
if not self.__has_compiled: if not self.__has_compiled:

2
authentik/providers/scim/clients/groups.py
View File

@ -199,7 +199,7 @@ class SCIMGroupClient(SCIMClient[Group, SCIMProviderGroup, SCIMGroupSchema]):
chunk_size = len(ops) chunk_size = len(ops)
if len(ops) < 1: if len(ops) < 1:
return return
for chunk in batched(ops, chunk_size): for chunk in batched(ops, chunk_size, strict=False):
req = PatchRequest(Operations=list(chunk)) req = PatchRequest(Operations=list(chunk))
self._request( self._request(
"PATCH", "PATCH",

6
pyproject.toml
View File

@ -3,7 +3,7 @@ name = "authentik"
version = "2025.4.0" version = "2025.4.0"
description = "" description = ""
authors = [{ name = "authentik Team", email = "hello@goauthentik.io" }] authors = [{ name = "authentik Team", email = "hello@goauthentik.io" }]
requires-python = "==3.12.*" requires-python = "==3.13.*"
dependencies = [ dependencies = [
"argon2-cffi", "argon2-cffi",
"celery", "celery",
@ -155,12 +155,12 @@ ignore-words = ".github/codespell-words.txt"
[tool.black] [tool.black]
line-length = 100 line-length = 100
target-version = ['py312'] target-version = ['py313']
exclude = 'node_modules' exclude = 'node_modules'
[tool.ruff] [tool.ruff]
line-length = 100 line-length = 100
target-version = "py312" target-version = "py313"
exclude = ["**/migrations/**", "**/node_modules/**"] exclude = ["**/migrations/**", "**/node_modules/**"]
[tool.ruff.lint] [tool.ruff.lint]

782
uv.lock generated
View File

File diff suppressed because it is too large Load Diff

2
website/docs/developer-docs/index.md
View File

@ -163,7 +163,7 @@ While the prerequisites above must be satisfied prior to having your pull reques
All Python code is linted with [black](https://black.readthedocs.io/en/stable/) and [Ruff](https://docs.astral.sh/ruff). All Python code is linted with [black](https://black.readthedocs.io/en/stable/) and [Ruff](https://docs.astral.sh/ruff).
authentik runs on Python 3.12 at the time of writing this. authentik runs on Python 3.13 at the time of writing this.
- Use native type-annotations wherever possible. - Use native type-annotations wherever possible.
- Add meaningful docstrings when possible. - Add meaningful docstrings when possible.

10
website/docs/developer-docs/setup/full-dev-environment.mdx
View File

@ -15,9 +15,9 @@ import ExecutionEnvironment from "@docusaurus/ExecutionEnvironment";
## Requirements ## Requirements
- [Python](https://www.python.org/) (3.12 or later) - [Python](https://www.python.org/) (3.13 or later)
- [uv](https://docs.astral.sh/uv/getting-started/installation/), (Latest stable release) - [uv](https://docs.astral.sh/uv/getting-started/installation/), (Latest stable release)
- [Go](https://go.dev/) (1.23 or later) - [Go](https://go.dev/) (1.24 or later)
- [Node.js](https://nodejs.org/en) (22 or later) - [Node.js](https://nodejs.org/en) (22 or later)
- [PostgreSQL](https://www.postgresql.org/) (16 or later) - [PostgreSQL](https://www.postgresql.org/) (16 or later)
- [Redis](https://redis.io/) (7 or later) - [Redis](https://redis.io/) (7 or later)
@ -54,9 +54,8 @@ values={[
To install the native dependencies on macOS, run: To install the native dependencies on macOS, run:
```sh ```sh
$ pip install uv
$ brew install libxmlsec1 libpq krb5 # Required development libraries, $ brew install libxmlsec1 libpq krb5 # Required development libraries,
$ brew install postgresql redis node@22 golangci-lint # Required CLI tools $ brew install uv postgresql redis node@22 golangci-lint # Required CLI tools
``` ```
</TabItem> </TabItem>
@ -72,8 +71,7 @@ $ sudo apt-get install postresql redis
Adjust your needs as required for other distributions such as Red Hat, SUSE, or Arch. Adjust your needs as required for other distributions such as Red Hat, SUSE, or Arch.
Install golangci-lint locally [from the site Install golangci-lint locally [from the site instructions](https://golangci-lint.run/welcome/install/#other-ci).
instructions](https://golangci-lint.run/welcome/install/#other-ci).
</TabItem> </TabItem>