This commit is a quick-and-dirty prototypes for what such a list
view would look like. None of the usual bells and whistles have
been applied: the styles are ugly, the reveals overly quick, and
there's probably a host of other things we could do to pretty it
up (like search, or toggle between Alphabetical and ASCIIBetical,
although in the context of I18N does that even mean anything
anymore?). But it does the job.
* main:
website/docs: fix openssl rand commands (#9554)
web: bump @sentry/browser from 7.112.2 to 7.113.0 in /web in the sentry group (#9549)
core, web: update translations (#9548)
core: bump goauthentik.io/api/v3 from 3.2024041.1 to 3.2024041.2 (#9551)
core: bump django-model-utils from 4.5.0 to 4.5.1 (#9550)
providers/scim: fix time_limit not set correctly (#9546)
* main:
web/flows: fix error when enrolling multiple WebAuthn devices consecutively (#9545)
web: bump ejs from 3.1.9 to 3.1.10 in /tests/wdio (#9542)
web: bump API Client version (#9543)
providers/saml: fix ecdsa support (#9537)
website/integrations: nextcloud: connect to existing user (#9155)
* doc: integration: nextcloud: connect to existing user
Add instruction on how to link an existing Nextcloud user to the authentik user.
Signed-off-by: Pierrick Guillaume <34305318+Fymyte@users.noreply.github.com>
* Apply suggested changes
Signed-off-by: Pierrick Guillaume <pierguill@gmail.com>
* Fix missing letter
Signed-off-by: Pierrick Guillaume <pierguill@gmail.com>
* Run prettier
* Remove tip
* fix federated cloud id tip and indentation
---------
Signed-off-by: Pierrick Guillaume <34305318+Fymyte@users.noreply.github.com>
Signed-off-by: Pierrick Guillaume <pierguill@gmail.com>
Co-authored-by: Pierrick Guillaume <pguillaume@sequans.com>
* main: (43 commits)
stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#9535)
web: bump the rollup group across 1 directory with 3 updates (#9532)
website/developer-docs: Add note for custom YAML tags in an IDE (#9528)
lifecycle: close database connection after migrating (#9516)
web: bump the babel group in /web with 3 updates (#9520)
core: bump node from 21 to 22 (#9521)
web: bump @codemirror/lang-python from 6.1.5 to 6.1.6 in /web (#9523)
providers/rac: bump guacd to 1.5.5 (#9514)
core: only prefetch related objects when required (#9476)
website/integrations: move Fortimanager to Networking (#9505)
website: bump react-tooltip from 5.26.3 to 5.26.4 in /website (#9494)
web: bump the rollup group in /web with 3 updates (#9497)
web: bump yaml from 2.4.1 to 2.4.2 in /web (#9499)
core: bump goauthentik.io/api/v3 from 3.2024040.1 to 3.2024041.1 (#9503)
core: bump pytest from 8.1.1 to 8.2.0 (#9501)
website: bump react-dom from 18.3.0 to 18.3.1 in /website (#9495)
website: bump react and @types/react in /website (#9496)
web: bump react-dom from 18.3.0 to 18.3.1 in /web (#9498)
core: bump sentry-sdk from 2.0.0 to 2.0.1 (#9502)
web/flows: fix missing fallback for flow logo (#9487)
...
Add note for custom tags in an IDE
Custom tags are not provided via the schema file, but must be defined in the IDE. If this is not done, the IDE displays syntax errors when using the custom tags.
Signed-off-by: Nils Mittler <70568139+mittler-works@users.noreply.github.com>
* events: ensure all models' __str__ can be called without any further lookups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow for additional queries for models using default_token_key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* main:
web: clean up some repetitive types (#9241)
core: fix logic for token expiration (#9426)
ci: fix ci pipeline (#9427)
translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#9424)
web: Add resolved and integrity fields back to package-lock.json (#9419)
translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#9407)
stages/identification: don't check source component (#9410)
core: bump selenium from 4.19.0 to 4.20.0 (#9411)
core: bump black from 24.4.0 to 24.4.1 (#9412)
ci: bump golangci/golangci-lint-action from 4 to 5 (#9413)
core: bump goauthentik.io/api/v3 from 3.2024023.2 to 3.2024040.1 (#9414)
web: bump @sentry/browser from 7.112.1 to 7.112.2 in /web in the sentry group (#9416)
sources/oauth: ensure all UI sources return a valid source (#9401)
web: markdown: display markdown even when frontmatter is missing (#9404)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: clean up some repetitive types
This commit centralizes two types that were defined multiple times throughout our code, and
casts in stone those definitions, applying the correct definitions where needed.
I had two types that were used repeatedly to define the interfaces for providers and context
consumers. Because they were both one-liners, I had done what I usually curse in others: copied
them. Worse, I hand-wrote them because they're so simple I had them memorized.
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: markdown: display markdown even when frontmatter is missing
Make the check for the document title comprehensive across the
entire demeter. If there is no front matter, `data` will be missing,
not just `data.title`.
* main:
web: bump API Client version (#9400)
release: 2024.4.0
release: 2024.4.0-rc1
root: bump blueprint schema version
lifecycle: fix ak test-all command
website/docs: finalize 2024.4 release notes (#9396)
web: bump @sentry/browser from 7.111.0 to 7.112.1 in /web in the sentry group (#9387)
web: bump the rollup group in /web with 3 updates (#9388)
ci: bump helm/kind-action from 1.9.0 to 1.10.0 (#9389)
website: bump clsx from 2.1.0 to 2.1.1 in /website (#9390)
core: bump pydantic from 2.7.0 to 2.7.1 (#9391)
core: bump freezegun from 1.4.0 to 1.5.0 (#9393)
core: bump coverage from 7.4.4 to 7.5.0 (#9392)
web: bump the storybook group in /web with 7 updates (#9380)
web: bump the rollup group in /web with 3 updates (#9381)
* main: (24 commits)
web: bump the wdio group in /tests/wdio with 4 updates (#9374)
web: bump the rollup group in /web with 3 updates (#9371)
core: bump ruff from 0.4.0 to 0.4.1 (#9372)
core, web: update translations (#9366)
web/admin: fix document title for admin interface (#9362)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9363)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9364)
core, web: update translations (#9360)
website/docs: release notes 2024.4: add performance improvements values (#9356)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9317)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9318)
website/docs: 2024.4 release notes (#9267)
sources/ldap: fix default blueprint for mapping user DN to path (#9355)
web/admin: group form dual select (#9354)
core: bump golang.org/x/net from 0.22.0 to 0.23.0 (#9351)
core: bump goauthentik.io/api/v3 from 3.2024023.1 to 3.2024023.2 (#9345)
web: bump chromedriver from 123.0.3 to 123.0.4 in /tests/wdio (#9348)
core: bump twilio from 9.0.4 to 9.0.5 (#9346)
core: bump ruff from 0.3.7 to 0.4.0 (#9347)
web: bump @sentry/browser from 7.110.1 to 7.111.0 in /web in the sentry group (#9349)
...
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: fix locale prioritization scheme
The locale priority algorithm had two problems: first, the order was incorrect, allowing the global
default from globalAK() to override a lot of more precise settings; second, the algorithm would take
outside locale overrides from the event handler, which was not necessary.
This commit revises the locale prioritization scheme. It continues to watch for "change of locale"
events from all sources (URL, browser, and user/brand/site internal settings), but if the event
carries a suggested locale, that suggestion is ignored. Instead, when a change of locale event
occurs, it re-runs the algorithm in priority order.
That order is:
- The URL query parameter `locale=`
- The User's stated preference in `CurrentUser.attributes`
- The Browser's stated locale
- The Brand's stated preference in `CurrentBrand.attributes`
- The authentik instance's setting `from window.globalAK()`
- The default locale complied into the UI at build time.
Note to @tanberry: We should note this order somewhere in the documentation, so that users are not
"surprised" that their user preference (set in User Interface -> Settings -> User Details -> Locale)
is not overriden by the browser's preference. (The setting they need is "Based on your browser" to
make browser locale detection work.)
* web: fix locale prioritization scheme
The locale priority algorithm had two problems: first, the order was incorrect, allowing the global
default from globalAK() to override a lot of more precise settings; second, the algorithm would take
outside locale overrides from the event handler, which was not necessary.
This commit revises the locale prioritization scheme. It continues to watch for "change of locale"
events from all sources (URL, browser, and user/brand/site internal settings), but if the event
carries a suggested locale, that suggestion is ignored. Instead, when a change of locale event
occurs, it re-runs the algorithm in priority order.
That order is:
- The URL query parameter `locale=`
- The User's stated preference in `CurrentUser.attributes`
- The Browser's stated locale
- The Brand's stated preference in `CurrentBrand.attributes`
- The authentik instance's setting `from window.globalAK()`
- The default locale complied into the UI at build time.
Note to @tanberry: We should note this order somewhere in the documentation, so that users are not
"surprised" that their user preference (set in User Interface -> Settings -> User Details -> Locale)
is not overriden by the browser's preference. (The setting they need is "Based on your browser" to
make browser locale detection work.)
* web: locale patch for currentUser.settings
Temporarily skipping currentUser.settings.locale as a source of
truth because it's not portable between User/Admin and Flow; Flow
in a logged-out state has no access to `/me`, but we need to probe
`/me` for user settings. This conflict currently triggers a bug
in the session heartbeat handler.
* main:
stages/prompt: fix username field throwing error with existing user (#9342)
root: expose session storage configuration (#9337)
website/integrations: fix typo (#9340)
root: fix go.mod for codeql checking (#9338)
root: make redis settings more consistent (#9335)
web/admin: fix error in admin interface due to un-hydrated context (#9336)
web: bump API Client version (#9334)
stages/authenticator_webauthn: fix attestation value (#9333)
website/docs: fix SECRET_KEY length (#9328)
website/docs: fix email template formatting (#9330)
core, web: update translations (#9323)
web: bump @patternfly/elements from 3.0.0 to 3.0.1 in /web (#9324)
core: bump celery from 5.3.6 to 5.4.0 (#9325)
core: bump goauthentik.io/api/v3 from 3.2024022.12 to 3.2024023.1 (#9327)
sources/scim: service account should be internal (#9321)
web: bump the storybook group in /web with 8 updates (#9266)
sources/scim: cleanup service account when source is deleted (#9319)
fix formating issue
Fixes:
django.template.exceptions.TemplateSyntaxError: 'blocktrans' doesn't allow other block tags (seen "trans 'You recently requested to change your password for you authentik account. Use the button below to set a new password.'") inside it
Signed-off-by: Zapfmeister <zapfmeister@gmail.com>
* main: (23 commits)
web: bump API Client version (#9316)
release: 2024.2.3
website/docs: 2024.2.3 release notes (#9313)
web/admin: fix log viewer empty state (#9315)
website/docs: fix formatting for stage changes (#9314)
core: bump github.com/go-ldap/ldap/v3 from 3.4.7 to 3.4.8 (#9310)
core: bump goauthentik.io/api/v3 from 3.2024022.11 to 3.2024022.12 (#9311)
web: bump core-js from 3.36.1 to 3.37.0 in /web (#9309)
core: bump gunicorn from 21.2.0 to 22.0.0 (#9308)
core, web: update translations (#9307)
website/docs: system settings: add default token duration and length (#9306)
web/flows: update flow background (#9305)
web: fix locale loading being skipped (#9301)
translate: Updates for file web/xliff/en.xlf in fr (#9304)
translate: Updates for file locale/en/LC_MESSAGES/django.po in fr (#9303)
core: replace authentik_signals_ignored_fields with audit_ignore (#9291)
web/flow: fix form input rendering issue (#9297)
events: fix incorrect user logged when using API token authentication (#9302)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9293)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9295)
...
* main: (34 commits)
web: bump API Client version (#9299)
core: fix api schema for users and groups (#9298)
providers/oauth2: fix refresh_token grant returning incorrect id_token (#9275)
web: bump @sentry/browser from 7.110.0 to 7.110.1 in /web in the sentry group (#9278)
core, web: update translations (#9277)
web: bump the rollup group in /web with 3 updates (#9280)
web: bump lit from 3.1.2 to 3.1.3 in /web (#9282)
web: bump @lit/context from 1.1.0 to 1.1.1 in /web (#9281)
website: bump @types/react from 18.2.78 to 18.2.79 in /website (#9286)
core: bump goauthentik.io/api/v3 from 3.2024022.10 to 3.2024022.11 (#9285)
core: bump sqlparse from 0.4.4 to 0.5.0 (#9276)
lifecycle: gunicorn: fix app preload (#9274)
events: add indexes (#9272)
web/flows: fix passwordless hidden without input (#9273)
root: fix geoipupdate arguments (#9271)
website/docs: cleanup more (#9249)
web: bump API Client version (#9270)
sources: add SCIM source (#3051)
core: delegated group member management (#9254)
web: bump API Client version (#9269)
...
* main: (21 commits)
web: manage stacked modals with a stack (#9193)
website/docs: ensure yaml code blocks have language tags (#9240)
blueprints: only create default brand if no other default brand exists (#9222)
web: bump API Client version (#9239)
website/integrations: portainer: Fix Redirect URL mismatch (#9226)
api: fix authentication schema (#9238)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9229)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9230)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9228)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9231)
core: bump pydantic from 2.6.4 to 2.7.0 (#9232)
core: bump ruff from 0.3.5 to 0.3.7 (#9233)
web: bump @sentry/browser from 7.109.0 to 7.110.0 in /web in the sentry group (#9234)
website: bump @types/react from 18.2.75 to 18.2.77 in /website (#9236)
core, web: update translations (#9225)
website/integrations: add pfSense search scope (#9221)
core: bump idna from 3.6 to 3.7 (#9224)
website/docs: add websocket support to nginx snippets (#9220)
internal: add tests to go flow executor (#9219)
website/integrations: nextcloud: add tip to solve hashed groups configuring OAuth2 (#9153)
...
* main:
website/docs: add more info and links about enforciing unique email addresses (#9154)
core: bump goauthentik.io/api/v3 from 3.2024022.7 to 3.2024022.8 (#9215)
web: bump API Client version (#9214)
stages/authenticator_validate: add ability to limit webauthn device types (#9180)
web: bump API Client version (#9213)
core: add user settable token durations (#7410)
core, web: update translations (#9205)
web: bump typescript from 5.4.4 to 5.4.5 in /tests/wdio (#9206)
web: bump chromedriver from 123.0.2 to 123.0.3 in /tests/wdio (#9207)
core: bump sentry-sdk from 1.44.1 to 1.45.0 (#9208)
web: bump typescript from 5.4.4 to 5.4.5 in /web (#9209)
website: bump typescript from 5.4.4 to 5.4.5 in /website (#9210)
core: bump python from 3.12.2-slim-bookworm to 3.12.3-slim-bookworm (#9211)
* main:
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9194)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9197)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9196)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9198)
web: preserve selected list when provider updates (#9200)
web: bump API Client version (#9195)
sources/oauth: make URLs not required, only check when no OIDC URLs are defined (#9182)
* main: (25 commits)
root: fix readme (#9178)
enterprise: fix audit middleware import (#9177)
web: bump @spotlightjs/spotlight from 1.2.16 to 1.2.17 in /web in the sentry group (#9162)
web: bump API Client version (#9174)
stages/authenticator_webauthn: add MDS support (#9114)
website/integrations: Update Nextcloud OIDC secret size limitation (#9139)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9170)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9171)
web: bump the rollup group in /web with 3 updates (#9164)
web: bump @codemirror/legacy-modes from 6.3.3 to 6.4.0 in /web (#9166)
web: bump ts-pattern from 5.1.0 to 5.1.1 in /web (#9167)
core: bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.7 (#9168)
core, web: update translations (#9156)
root: fix redis username in lifecycle (#9158)
web: ak-checkbox-group for short, static, multi-select events (#9138)
root: fix startup (#9151)
core: Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#9146)
core: Bump twilio from 9.0.3 to 9.0.4 (#9143)
web: Bump country-flag-icons from 1.5.10 to 1.5.11 in /web (#9144)
web: Bump typescript from 5.4.3 to 5.4.4 in /web (#9145)
...
* main: (22 commits)
blueprints: fix default username field in user-settings flow (#9136)
website/docs: add procedural docs for RAC (#9006)
web: bump API Client version (#9133)
ci: fix python client generator (#9134)
root: generate python client (#9107)
web: Bump vite from 5.1.4 to 5.2.8 in /web (#9120)
core, web: update translations (#9124)
core: Bump golang from 1.22.1-bookworm to 1.22.2-bookworm (#9125)
web: Bump the babel group in /web with 2 updates (#9126)
web: Bump the eslint group in /web with 1 update (#9127)
web: Bump the eslint group in /tests/wdio with 1 update (#9129)
core: Bump sentry-sdk from 1.44.0 to 1.44.1 (#9130)
core: Bump channels from 4.0.0 to 4.1.0 (#9131)
core: Bump django from 5.0.3 to 5.0.4 (#9132)
web: Bump the rollup group in /web with 3 updates (#9128)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9110)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9109)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9111)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9112)
web: Bump @fortawesome/fontawesome-free from 6.5.1 to 6.5.2 in /web (#9116)
...
* main:
root: fix missing imports after #9081 (#9106)
root: move database calls from ready() to dedicated startup signal (#9081)
web: fix console log leftover (#9096)
web: bump the eslint group in /web with 2 updates (#9098)
core: bump twilio from 9.0.2 to 9.0.3 (#9103)
web: bump the eslint group in /tests/wdio with 2 updates (#9099)
core: bump drf-spectacular from 0.27.1 to 0.27.2 (#9100)
core: bump django-model-utils from 4.4.0 to 4.5.0 (#9101)
core: bump ruff from 0.3.4 to 0.3.5 (#9102)
website/docs: update notes on SECRET_KEY (#9091)
web: fix broken locale compile (#9095)
website/integrations: add outline knowledge base (#8786)
website/docs: fix typo (#9082)
website/docs: email stage: fix example translation error (#9048)
* main:
web: bump @patternfly/elements from 2.4.0 to 3.0.0 in /web (#9089)
web: bump ts-pattern from 5.0.8 to 5.1.0 in /web (#9090)
website: bump the docusaurus group in /website with 9 updates (#9087)
web/admin: allow custom sorting for bound* tables (#9080)
* main: (23 commits)
providers/oauth2: fix interactive device flow (#9076)
website/docs: fix transports example (#9074)
events: fix log_capture (#9075)
web: bump the sentry group in /web with 2 updates (#9065)
core: bump goauthentik.io/api/v3 from 3.2024022.6 to 3.2024022.7 (#9064)
web: bump @codemirror/lang-python from 6.1.4 to 6.1.5 in /web (#9068)
web: bump the eslint group in /web with 1 update (#9066)
web: bump glob from 10.3.10 to 10.3.12 in /web (#9069)
web: bump the rollup group in /web with 3 updates (#9067)
web: bump the eslint group in /tests/wdio with 1 update (#9071)
core: bump webauthn from 2.0.0 to 2.1.0 (#9070)
core: bump sentry-sdk from 1.43.0 to 1.44.0 (#9073)
core: bump requests-mock from 1.12.0 to 1.12.1 (#9072)
web: bump API Client version (#9061)
events: rework log messages returned from API and their rendering (#8770)
website/docs: update airgapped config (#9049)
website: bump @types/react from 18.2.72 to 18.2.73 in /website (#9052)
web: bump the rollup group in /web with 3 updates (#9053)
core: bump django-filter from 24.1 to 24.2 (#9055)
core: bump requests-mock from 1.11.0 to 1.12.0 (#9056)
...
* main:
web: a few minor bugfixes and lintfixes (#9044)
website/integrations: add documentation for OIDC setup with Xen Orchestra (#9000)
website: bump @types/react from 18.2.70 to 18.2.72 in /website (#9041)
core: bump goauthentik.io/api/v3 from 3.2024022.5 to 3.2024022.6 (#9042)
web: fix markdown rendering bug for alerts (#9037)
* main:
web: bump API Client version (#9035)
website/docs: maintenance, re-add system settings (#9026)
core: bump duo-client from 5.2.0 to 5.3.0 (#9029)
website: bump express from 4.18.2 to 4.19.2 in /website (#9027)
web: bump express from 4.18.3 to 4.19.2 in /web (#9028)
web: bump the eslint group in /web with 2 updates (#9030)
core: bump goauthentik.io/api/v3 from 3.2024022.3 to 3.2024022.5 (#9031)
website: bump @types/react from 18.2.69 to 18.2.70 in /website (#9032)
web: bump the eslint group in /tests/wdio with 2 updates (#9033)
web: bump katex from 0.16.9 to 0.16.10 in /web (#9025)
translate: Updates for file locale/en/LC_MESSAGES/django.po in fr (#9023)
website/docs: include OS-specific docker-compose install instructions + minor fixes (#8975)
* main:
web: bump API Client version (#9021)
sources/ldap: add ability to disable password write on login (#8377)
web: bump API Client version (#9020)
lifecycle: migrate: ensure template schema exists before migrating (#8952)
website/integrations: Update nextcloud Admin Group Expression (#7314)
web/flow: general ux improvements (#8558)
website: bump @types/react from 18.2.67 to 18.2.69 in /website (#9016)
core: bump requests-oauthlib from 1.4.0 to 2.0.0 (#9018)
web: bump the sentry group in /web with 2 updates (#9017)
web/admin: small fixes (#9002)
website: bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /website (#9001)
core: bump ruff from 0.3.3 to 0.3.4 (#8998)
website/docs: Upgrade nginx reverse porxy config (#8947)
website/docs: improve flow inspector docs (#8993)
website/deverlop-docs website/integrations: add links to integrations template (#8995)
* main:
website/docs: add example policy to enforce unique email address (#8955)
web/admin: remove enterprise preview banner (#8991)
core: bump uvicorn from 0.28.1 to 0.29.0 (#8980)
core: bump sentry-sdk from 1.42.0 to 1.43.0 (#8981)
web: bump the babel group in /web with 3 updates (#8983)
web: bump typescript from 5.4.2 to 5.4.3 in /web (#8984)
web: bump typescript from 5.4.2 to 5.4.3 in /tests/wdio (#8986)
web: bump chromedriver from 122.0.6 to 123.0.0 in /tests/wdio (#8987)
website: bump typescript from 5.4.2 to 5.4.3 in /website (#8989)
core: bump importlib-metadata from 7.0.2 to 7.1.0 (#8982)
web: bump the wdio group in /tests/wdio with 3 updates (#8985)
website: bump postcss from 8.4.37 to 8.4.38 in /website (#8988)
* main:
website/docs: config: remove options moved to tenants (#8976)
web: bump @types/grecaptcha from 3.0.8 to 3.0.9 in /web (#8971)
web: bump country-flag-icons from 1.5.9 to 1.5.10 in /web (#8970)
web: bump the babel group in /web with 7 updates (#8969)
core: bump uvicorn from 0.28.0 to 0.28.1 (#8968)
website: bump postcss from 8.4.36 to 8.4.37 in /website (#8967)
internal: cleanup static file serving setup code (#8965)
website/integrations: portainer: match portainer settings order (#8974)
* main:
outposts/proxy: Fix invalid redirect on external hosts containing path components (#8915)
core: cache user application list under policies (#8895)
web: bump the eslint group in /web with 2 updates (#8959)
web: bump core-js from 3.36.0 to 3.36.1 in /web (#8960)
website: bump @types/react from 18.2.66 to 18.2.67 in /website (#8962)
web: bump the eslint group in /tests/wdio with 2 updates (#8963)
* main: (31 commits)
root: support redis username (#8935)
core: bump black from 24.2.0 to 24.3.0 (#8945)
web: bump the wdio group in /tests/wdio with 2 updates (#8939)
web: bump the sentry group in /web with 1 update (#8941)
website: bump postcss from 8.4.35 to 8.4.36 in /website (#8940)
core: bump twilio from 9.0.1 to 9.0.2 (#8942)
core: bump ruff from 0.3.2 to 0.3.3 (#8943)
events: discard notification if user has empty email (#8938)
ci: always run ci-main on branch pushes (#8950)
core: bump goauthentik.io/api/v3 from 3.2024022.2 to 3.2024022.3 (#8946)
website/docs: add new name "Microsft Entra ID" for Azure AD (#8930)
outposts: Enhance config options for k8s outposts (#7363)
website/docs: add link to CRUD docs (#8925)
web: bump API Client version (#8927)
outpost: improved set secret answers for flow execution (#8013)
stages/user_write: ensure user data is json-serializable (#8926)
website/docs: update example ldapsearch commands (#8906)
admin: Handle latest version unknown in admin dashboard (#8858)
core: bump coverage from 7.4.3 to 7.4.4 (#8917)
core: bump urllib3 from 1.26.18 to 2.2.1 (#8918)
...
* main:
web: bump chromedriver from 122.0.5 to 122.0.6 in /tests/wdio (#8902)
web: bump vite-tsconfig-paths from 4.3.1 to 4.3.2 in /web (#8903)
core: bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#8901)
web: provide InstallID on EnterpriseListPage (#8898)
* main:
api: capabilities: properly set can_save_media when s3 is enabled (#8896)
web: bump the rollup group in /web with 3 updates (#8891)
core: bump pydantic from 2.6.3 to 2.6.4 (#8892)
core: bump twilio from 9.0.0 to 9.0.1 (#8893)
* main:
Update _envoy_istio.md (#8888)
website/docs: new landing page for Providers (#8879)
web: bump the sentry group in /web with 1 update (#8881)
web: bump chromedriver from 122.0.4 to 122.0.5 in /tests/wdio (#8884)
web: bump the eslint group in /tests/wdio with 2 updates (#8883)
web: bump the eslint group in /web with 2 updates (#8885)
website: bump @types/react from 18.2.64 to 18.2.65 in /website (#8886)
* main:
tenants: really ensure default tenant cannot be deleted (#8875)
core: bump github.com/go-openapi/runtime from 0.27.2 to 0.28.0 (#8867)
core: bump pytest from 8.0.2 to 8.1.1 (#8868)
core: bump github.com/go-openapi/strfmt from 0.22.2 to 0.23.0 (#8869)
core: bump bandit from 1.7.7 to 1.7.8 (#8870)
core: bump packaging from 23.2 to 24.0 (#8871)
core: bump ruff from 0.3.1 to 0.3.2 (#8873)
web: bump the wdio group in /tests/wdio with 3 updates (#8865)
core: bump requests-oauthlib from 1.3.1 to 1.4.0 (#8866)
core: bump uvicorn from 0.27.1 to 0.28.0 (#8872)
core: bump django-filter from 23.5 to 24.1 (#8874)
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
2024-03-08 14:15:55 -08:00
192 changed files with 23254 additions and 5281 deletions
@ -18,10 +18,10 @@ Even if the issue is not a CVE, we still greatly appreciate your help in hardeni
(.x being the latest patch release for each version)
| Version | Supported |
| --- | --- |
| 2023.6.x | ✅ |
| 2023.8.x | ✅ |
| Version | Supported |
| --------- | --------- |
| 2023.10.x | ✅ |
| 2024.2.x | ✅ |
## Reporting a Vulnerability
@ -31,12 +31,12 @@ To report a vulnerability, send an email to[security@goauthentik.io](mailto:se
authentik reserves the right to reclassify CVSS as necessary. To determine severity, we will use the CVSS calculator from NVD (https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator). The calculated CVSS score will then be translated into one of the following categories:
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
