release: 2021.8.5

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

.bumpversion.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2021.8.4
+current_version = 2021.8.5
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-?(?P<release>.*)

.github/workflows/ci-main.yml

@@ -2,8 +2,15 @@ name: authentik-ci-main
 
 on:
   push:
+    branches:
+      - master
+      - next
+      - version-*
     paths-ignore:
       - website
+  pull_request:
+    branches:
+      - master
 
 env:
   POSTGRES_DB: authentik
@@ -18,7 +25,14 @@ jobs:
       - uses: actions/setup-python@v2
         with:
           python-version: '3.9'
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - name: run pylint
         run: pipenv run pylint authentik tests lifecycle
@@ -29,7 +43,14 @@ jobs:
       - uses: actions/setup-python@v2
         with:
           python-version: '3.9'
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - name: run black
         run: pipenv run black --check authentik tests lifecycle
@@ -40,7 +61,14 @@ jobs:
       - uses: actions/setup-python@v2
         with:
           python-version: '3.9'
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - name: run isort
         run: pipenv run isort --check authentik tests lifecycle
@@ -51,7 +79,14 @@ jobs:
       - uses: actions/setup-python@v2
         with:
           python-version: '3.9'
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - name: run bandit
         run: pipenv run bandit -r authentik tests lifecycle
@@ -78,7 +113,14 @@ jobs:
       - uses: actions/setup-python@v2
         with:
           python-version: '3.9'
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - name: run migrations
         run: pipenv run python -m lifecycle.migrate
@@ -94,7 +136,14 @@ jobs:
           # Copy current, latest config to local
           cp authentik/lib/default.yml local.env.yml
           git checkout $(git describe --abbrev=0 --match 'version/*')
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - name: run migrations to stable
         run: pipenv run python -m lifecycle.migrate
@@ -112,7 +161,14 @@ jobs:
       - uses: actions/setup-python@v2
         with:
           python-version: '3.9'
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - uses: testspace-com/setup-testspace@v1
         with:
@@ -124,7 +180,7 @@ jobs:
       - name: run testspace
         if: ${{ always() }}
         run: |
-          testspace unittest.xml ?add
+          testspace [unittest]unittest.xml --link=codecov
       - if: ${{ always() }}
         uses: codecov/codecov-action@v2
   test-integration:
@@ -134,14 +190,20 @@ jobs:
       - uses: actions/setup-python@v2
         with:
           python-version: '3.9'
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: scripts/ci_prepare.sh
       - uses: testspace-com/setup-testspace@v1
         with:
           domain: ${{github.repository_owner}}
-      - name: prepare k3d
-        run: |
-          wget -q -O - https://raw.githubusercontent.com/rancher/k3d/main/install.sh | bash
+      - name: Create k8s Kind Cluster
+        uses: helm/kind-action@v1.2.0
       - name: run integration
         run: |
           pipenv run make test-integration
@@ -149,7 +211,7 @@ jobs:
       - name: run testspace
         if: ${{ always() }}
         run: |
-          testspace unittest.xml ?add
+          testspace [integration]unittest.xml --link=codecov
       - if: ${{ always() }}
         uses: codecov/codecov-action@v2
   test-e2e:
@@ -167,11 +229,24 @@ jobs:
       - uses: testspace-com/setup-testspace@v1
         with:
           domain: ${{github.repository_owner}}
+      - id: cache-pipenv
+        uses: actions/cache@v2.1.6
+        with:
+          path: ~/.local/share/virtualenvs
+          key: ${{ runner.os }}-pipenv-${{ hashFiles('**/Pipfile.lock') }}
       - name: prepare
+        env:
+          INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
         run: |
           scripts/ci_prepare.sh
           docker-compose -f tests/e2e/ci.docker-compose.yml up -d
+      - id: cache-web
+        uses: actions/cache@v2.1.6
+        with:
+          path: web/dist
+          key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/**') }}
       - name: prepare web ui
+        if: steps.cache-web.outputs.cache-hit != 'true'
         run: |
           cd web
           npm i
@@ -183,24 +258,9 @@ jobs:
       - name: run testspace
         if: ${{ always() }}
         run: |
-          testspace unittest.xml ?add
+          testspace [e2e]unittest.xml --link=codecov
       - if: ${{ always() }}
         uses: codecov/codecov-action@v2
-  report:
-    if: ${{ always() }}
-    needs:
-      - test-unittest
-      - test-integration
-      - test-e2e
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: testspace-com/setup-testspace@v1
-        with:
-          domain: ${{github.repository_owner}}
-      - name: finish testspace
-        run: |
-          testspace ?finish
   build:
     needs:
       - lint-pylint
@@ -220,11 +280,13 @@ jobs:
         uses: docker/setup-buildx-action@v1
       - name: prepare variables
         id: ev
+        env:
+          DOCKER_USERNAME: ${{ secrets.HARBOR_USERNAME }}
         run: |
           python ./scripts/gh_do_set_branch.py
       - name: Login to Container Registry
         uses: docker/login-action@v1
-        if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }}
+        if: ${{ steps.ev.outputs.shouldBuild == 'true' }}
         with:
           registry: beryju.org
           username: ${{ secrets.HARBOR_USERNAME }}
@@ -232,7 +294,7 @@ jobs:
       - name: Building Docker Image
         uses: docker/build-push-action@v2
         with:
-          push: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }}
+          push: ${{ steps.ev.outputs.shouldBuild == 'true' }}
           tags: |
             beryju.org/authentik/server:gh-${{ steps.ev.outputs.branchName }}
             beryju.org/authentik/server:gh-${{ steps.ev.outputs.branchName }}-${{ steps.ev.outputs.timestamp }}

.github/workflows/ci-outpost.yml

@@ -2,6 +2,13 @@ name: authentik-ci-outpost
 
 on:
   push:
+    branches:
+      - master
+      - next
+      - version-*
+  pull_request:
+    branches:
+      - master
 
 jobs:
   lint-golint:
@@ -43,11 +50,13 @@ jobs:
         uses: docker/setup-buildx-action@v1
       - name: prepare variables
         id: ev
+        env:
+          DOCKER_USERNAME: ${{ secrets.HARBOR_USERNAME }}
         run: |
           python ./scripts/gh_do_set_branch.py
       - name: Login to Container Registry
         uses: docker/login-action@v1
-        if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }}
+        if: ${{ steps.ev.outputs.shouldBuild == 'true' }}
         with:
           registry: beryju.org
           username: ${{ secrets.HARBOR_USERNAME }}
@@ -55,7 +64,7 @@ jobs:
       - name: Building Docker Image
         uses: docker/build-push-action@v2
         with:
-          push: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }}
+          push: ${{ steps.ev.outputs.shouldBuild == 'true' }}
           tags: |
             beryju.org/authentik/outpost-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchName }}
             beryju.org/authentik/outpost-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchName }}-${{ steps.ev.outputs.timestamp }}

.github/workflows/ci-web.yml

@@ -2,6 +2,13 @@ name: authentik-ci-web
 
 on:
   push:
+    branches:
+      - master
+      - next
+      - version-*
+  pull_request:
+    branches:
+      - master
 
 jobs:
   lint-eslint:

.github/workflows/release-publish.yml

@@ -33,14 +33,14 @@ jobs:
         with:
           push: ${{ github.event_name == 'release' }}
           tags: |
-            beryju/authentik:2021.8.4,
+            beryju/authentik:2021.8.5,
             beryju/authentik:latest,
-            ghcr.io/goauthentik/server:2021.8.4,
+            ghcr.io/goauthentik/server:2021.8.5,
             ghcr.io/goauthentik/server:latest
           platforms: linux/amd64,linux/arm64
           context: .
       - name: Building Docker Image (stable)
-        if: ${{ github.event_name == 'release' && !contains('2021.8.4', 'rc') }}
+        if: ${{ github.event_name == 'release' && !contains('2021.8.5', 'rc') }}
         run: |
           docker pull beryju/authentik:latest
           docker tag beryju/authentik:latest beryju/authentik:stable
@@ -75,14 +75,14 @@ jobs:
         with:
           push: ${{ github.event_name == 'release' }}
           tags: |
-            beryju/authentik-proxy:2021.8.4,
+            beryju/authentik-proxy:2021.8.5,
             beryju/authentik-proxy:latest,
-            ghcr.io/goauthentik/proxy:2021.8.4,
+            ghcr.io/goauthentik/proxy:2021.8.5,
             ghcr.io/goauthentik/proxy:latest
           file: proxy.Dockerfile
           platforms: linux/amd64,linux/arm64
       - name: Building Docker Image (stable)
-        if: ${{ github.event_name == 'release' && !contains('2021.8.4', 'rc') }}
+        if: ${{ github.event_name == 'release' && !contains('2021.8.5', 'rc') }}
         run: |
           docker pull beryju/authentik-proxy:latest
           docker tag beryju/authentik-proxy:latest beryju/authentik-proxy:stable
@@ -117,14 +117,14 @@ jobs:
         with:
           push: ${{ github.event_name == 'release' }}
           tags: |
-            beryju/authentik-ldap:2021.8.4,
+            beryju/authentik-ldap:2021.8.5,
             beryju/authentik-ldap:latest,
-            ghcr.io/goauthentik/ldap:2021.8.4,
+            ghcr.io/goauthentik/ldap:2021.8.5,
             ghcr.io/goauthentik/ldap:latest
           file: ldap.Dockerfile
           platforms: linux/amd64,linux/arm64
       - name: Building Docker Image (stable)
-        if: ${{ github.event_name == 'release' && !contains('2021.8.4', 'rc') }}
+        if: ${{ github.event_name == 'release' && !contains('2021.8.5', 'rc') }}
         run: |
           docker pull beryju/authentik-ldap:latest
           docker tag beryju/authentik-ldap:latest beryju/authentik-ldap:stable
@@ -157,9 +157,9 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: Setup Node.js environment
-        uses: actions/setup-node@v2.4.0
+        uses: actions/setup-node@v2
         with:
-          node-version: 12.x
+          node-version: '16'
       - name: Build web api client and web ui
         run: |
           export NODE_ENV=production
@@ -175,7 +175,7 @@ jobs:
           SENTRY_PROJECT: authentik
           SENTRY_URL: https://sentry.beryju.org
         with:
-          version: authentik@2021.8.4
+          version: authentik@2021.8.5
           environment: beryjuorg-prod
           sourcemaps: './web/dist'
           url_prefix: '~/static/dist'

.github/workflows/web-api-publish.yml

@@ -12,7 +12,7 @@ jobs:
       # Setup .npmrc file to publish to npm
       - uses: actions/setup-node@v2
         with:
-          node-version: '16.x'
+          node-version: '16'
           registry-url: 'https://registry.npmjs.org'
       - name: Generate API Client
         run: make gen-web

Dockerfile

@@ -98,5 +98,6 @@ COPY --from=builder /work/authentik /authentik-proxy
 USER authentik
 ENV TMPDIR /dev/shm/
 ENV PYTHONUBUFFERED 1
+ENV prometheus_multiproc_dir /dev/shm/
 ENV PATH "/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/lifecycle"
 ENTRYPOINT [ "/lifecycle/ak" ]

Makefile

@@ -7,8 +7,6 @@ NPM_VERSION = $(shell python -m scripts.npm_version)
 all: lint-fix lint test gen
 
 test-integration:
-	k3d cluster create || exit 0
-	k3d kubeconfig write -o ~/.kube/config --overwrite
 	coverage run manage.py test -v 3 tests/integration
 
 test-e2e:
@@ -61,7 +59,7 @@ gen-outpost:
 		-i /local/schema.yml \
 		-g go \
 		-o /local/api \
-		--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true
+		--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true,disallowAdditionalPropertiesIfNotPresent=false
 	rm -f api/go.mod api/go.sum
 
 gen: gen-build gen-clean gen-web gen-outpost

Pipfile.lock

@@ -122,19 +122,19 @@
         },
         "boto3": {
             "hashes": [
-                "sha256:5116e9bdec19adcc5531a9b7b535be77d5314eef092aaf7033ace48a9be65036",
-                "sha256:658ddf4ba552f654fd4d48335fa95ff4e3e1a4e82f90021a1a1d3de4a5428ba4"
+                "sha256:4df1085f5c24504a1b1a6584947f27b67c26eda123f29d3cecce9b2fd683e09b",
+                "sha256:a7fccb61d95230322dd812629455df14167307c569077fa89d297eae73605ffb"
             ],
             "index": "pypi",
-            "version": "==1.18.34"
+            "version": "==1.18.36"
         },
         "botocore": {
             "hashes": [
-                "sha256:1b4999fb0e1a4c050c4d9118ebdaac8d83761ef32c3c0f13a25f9204045998fe",
-                "sha256:ec2cdf1c8ed64a7f392f352125d248c76103fa9d137b275b7c76836776cedf56"
+                "sha256:5b9a7d30e44b8a0a2bbbde62ae01bf6c349017e836985a0248552b00bbce7fae",
+                "sha256:e3e522fbe0bad1197aa7182451dc05f650310e77cf0a77749f6a5e82794c53de"
             ],
             "markers": "python_version >= '3.6'",
-            "version": "==1.21.34"
+            "version": "==1.21.36"
         },
         "cachetools": {
             "hashes": [
@@ -443,19 +443,19 @@
         },
         "docker": {
             "hashes": [
-                "sha256:5aafaec0d2a1de0e32010b43b5eac9f6f851c9db99a46ad32b8e44eeeb55616d",
-                "sha256:b88eef725b33c0ed59c67506631bbb09b480b7ca5a739bbbb948b446443fe914"
+                "sha256:21ec4998e90dff7a7aaaa098ca8d839c7de412b89e6f6c30908372d58fecf663",
+                "sha256:9b17f0723d83c1f3418d2aa17bf90b24dbe97deda06208dd4262fa30a6ee87eb"
             ],
             "index": "pypi",
-            "version": "==5.0.1"
+            "version": "==5.0.2"
         },
         "drf-spectacular": {
             "hashes": [
-                "sha256:98681add6671db9e6dba5f0d3dcf8aab5950cbb978497390507356e593bf082f",
-                "sha256:a430bab0f4ecfc90786b7b63bbee3f9a56094201fbed9bdfbf952e99e6469104"
+                "sha256:47ef6ec8ff48ac8aede6ec12450a55fee381cf84de969ef1724dcde5a93de6b8",
+                "sha256:d746b936cb4cddec380ea95bf91de6a6721777dfc42e0eea53b83c61a625e94e"
             ],
             "index": "pypi",
-            "version": "==0.18.1"
+            "version": "==0.18.2"
         },
         "duo-client": {
             "hashes": [
@@ -1294,20 +1294,20 @@
         },
         "xmlsec": {
             "hashes": [
-                "sha256:23f209260b37bdc2fd96af837494c47dd1e67964f077442b63acd83c0f62e212",
-                "sha256:4fb38ab0bf3e47cbae136119674a869e09d61c939b510350f369c8ac46087373",
-                "sha256:705ab5b848afdf3a5c78b1322276054c885f44dc51601e14cb883a9c86cbe20f",
-                "sha256:843d10bba4c480609da74ee11fff1ee0fc1c12821c656979f12a7a4ecb043e03",
-                "sha256:86d54b93f8278e2f0c504d0744e39a483c1c7ce9993f2ca70184cc7770faa982",
-                "sha256:8922fba55a060ee81de4a7f5efc593c5bf121047763aecf0eead02e061c9d2db",
-                "sha256:c7b49d4fce83186b89f7ce6cec765245d36a70d0acc2f3ed0ba95c735b3667da",
-                "sha256:cd2eaaff7f31784a07dd99ce81fa767313df3ba1834faa4143ee2c07000cac7a",
-                "sha256:dea5bef9b5830c36ccb7a68a0d94d49eaea4d03fbbd04179652bf661b7e6e30f",
-                "sha256:eadff662d89c80db409c69d82eb3e695e16d4a5e8ab56b5b22670a54e9c6ff20",
-                "sha256:ee233d0bc27fb8f447ca2622b0de2ac2df45b8795f02ef263825912011fe4fe9"
+                "sha256:135724cdce60e6bbd072fca6f09a21f72e2cecc59eebb4eed7740c316ecabc7b",
+                "sha256:1b4377f6d37ad714ba95a227ef40fb54ba1b22ef5170ce04c330fe45ee6ad184",
+                "sha256:2c86ac6ce570c9e04f04da0cd5e7d3db346e4b5b1d006311606368f17c756ef9",
+                "sha256:4e5f565de311afa33aaee4724566e685f951afe301212b6cf82f98cf9d8a1749",
+                "sha256:9a2b8a780093b0fe8cecae53a81a8cd9edd50c08980d374c5317c91f065042d9",
+                "sha256:ce9c681adbc87b4f06c2b16725d9b2edbdbd508117dae4288b5faf78c1406038",
+                "sha256:d22da4d3dcc559fb2e54e782f39c9ddad5f8d5b356f86a79bbb80b0a45115c97",
+                "sha256:db3e18ca883c01bbe28c9f5197c66f676c9772cf2d85f667e6122fc4d0702225",
+                "sha256:e4783f7814aa2a3e318385cce8ef87c82954b9a59535a48f67da4e2c21c08ce1",
+                "sha256:f32e54065f0404ceff71388daa7fa7df10e1fb800051dfe302d63abb0acf0020",
+                "sha256:f5d242b1a19a36078608f5d7f4d561c5ca55cac8061a323a071c06275267dc19"
             ],
             "index": "pypi",
-            "version": "==1.3.11"
+            "version": "==1.3.12"
         },
         "yarl": {
             "hashes": [

README.md

@@ -4,14 +4,14 @@
 
 ---
 
-[![](https://img.shields.io/discord/809154715984199690?label=Discord&style=for-the-badge)](https://discord.gg/jg33eMhnj6)
-![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-main?label=core%20build&style=for-the-badge)
-![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-web?label=web%20build&style=for-the-badge)
-![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-outpost?label=outpost%20build&style=for-the-badge)
+[![Join Discord](https://img.shields.io/discord/809154715984199690?label=Discord&style=for-the-badge)](https://discord.gg/jg33eMhnj6)
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-main?label=core%20build&style=for-the-badge)](https://github.com/goauthentik/authentik/actions/workflows/ci-main.yml)
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-outpost?label=outpost%20build&style=for-the-badge)](https://github.com/goauthentik/authentik/actions/workflows/ci-outpost.yml)
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-web?label=web%20build&style=for-the-badge)](https://github.com/goauthentik/authentik/actions/workflows/ci-web.yml)
 [![Code Coverage](https://img.shields.io/codecov/c/gh/goauthentik/authentik?style=for-the-badge)](https://codecov.io/gh/goauthentik/authentik)
+[![Testspace tests](https://img.shields.io/testspace/total/goauthentik/goauthentik:authentik/master?style=for-the-badge)](https://goauthentik.testspace.com/)
 ![Docker pulls](https://img.shields.io/docker/pulls/beryju/authentik.svg?style=for-the-badge)
 ![Latest version](https://img.shields.io/docker/v/beryju/authentik?sort=semver&style=for-the-badge)
-![LGTM Grade](https://img.shields.io/lgtm/grade/python/github/goauthentik/authentik?style=for-the-badge)
 [![](https://img.shields.io/badge/Help%20translate-transifex-blue?style=for-the-badge)](https://www.transifex.com/beryjuorg/authentik/)
 
 ## What is authentik?

SECURITY.md

@@ -6,9 +6,8 @@
 
 | Version    | Supported          |
 | ---------- | ------------------ |
-| 2021.5.x   | :white_check_mark: |
-| 2021.6.x   | :white_check_mark: |
 | 2021.7.x   | :white_check_mark: |
+| 2021.8.x   | :white_check_mark: |
 
 ## Reporting a Vulnerability
 

authentik/__init__.py

@@ -1,3 +1,3 @@
 """authentik"""
-__version__ = "2021.8.4"
+__version__ = "2021.8.5"
 ENV_GIT_HASH_KEY = "GIT_BUILD_HASH"

authentik/api/v3/urls.py

@@ -1,6 +1,6 @@
 """api v3 urls"""
 from django.urls import path
-from django.views.decorators.csrf import csrf_exempt
+from django.views.decorators.cache import cache_page
 from drf_spectacular.views import SpectacularAPIView
 from rest_framework import routers
 
@@ -225,7 +225,7 @@ urlpatterns = (
             FlowExecutorView.as_view(),
             name="flow-executor",
         ),
-        path("sentry/", csrf_exempt(SentryTunnelView.as_view()), name="sentry"),
-        path("schema/", SpectacularAPIView.as_view(), name="schema"),
+        path("sentry/", SentryTunnelView.as_view(), name="sentry"),
+        path("schema/", cache_page(86400)(SpectacularAPIView.as_view()), name="schema"),
     ]
 )

authentik/core/api/applications.py

@@ -67,7 +67,7 @@ class ApplicationSerializer(ModelSerializer):
 class ApplicationViewSet(UsedByMixin, ModelViewSet):
     """Application Viewset"""
 
-    queryset = Application.objects.all()
+    queryset = Application.objects.all().prefetch_related("provider")
     serializer_class = ApplicationSerializer
     search_fields = [
         "name",

authentik/core/api/groups.py

@@ -81,7 +81,7 @@ class GroupFilter(FilterSet):
 class GroupViewSet(UsedByMixin, ModelViewSet):
     """Group Viewset"""
 
-    queryset = Group.objects.all()
+    queryset = Group.objects.all().select_related("parent").prefetch_related("users")
     serializer_class = GroupSerializer
     search_fields = ["name", "is_superuser"]
     filterset_class = GroupFilter

authentik/events/api/notification.py

@@ -1,8 +1,13 @@
 """Notification API Views"""
 from django_filters.rest_framework import DjangoFilterBackend
+from drf_spectacular.types import OpenApiTypes
+from drf_spectacular.utils import OpenApiResponse, extend_schema
 from rest_framework import mixins
+from rest_framework.decorators import action
 from rest_framework.fields import ReadOnlyField
 from rest_framework.filters import OrderingFilter, SearchFilter
+from rest_framework.request import Request
+from rest_framework.response import Response
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import GenericViewSet
 
@@ -53,3 +58,18 @@ class NotificationViewSet(
     ]
     permission_classes = [OwnerPermissions]
     filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
+
+    @extend_schema(
+        request=OpenApiTypes.NONE,
+        responses={
+            204: OpenApiResponse(description="Marked tasks as read successfully."),
+        },
+    )
+    @action(detail=False, methods=["post"])
+    def mark_all_seen(self, request: Request) -> Response:
+        """Mark all the user's notifications as seen"""
+        notifications = Notification.objects.filter(user=request.user)
+        for notification in notifications:
+            notification.seen = True
+        Notification.objects.bulk_update(notifications, ["seen"])
+        return Response({}, status=204)

authentik/events/apps.py

@@ -1,10 +1,7 @@
 """authentik events app"""
-from datetime import timedelta
 from importlib import import_module
 
 from django.apps import AppConfig
-from django.db import ProgrammingError
-from django.utils.timezone import now
 
 
 class AuthentikEventsConfig(AppConfig):
@@ -16,12 +13,3 @@ class AuthentikEventsConfig(AppConfig):
 
     def ready(self):
         import_module("authentik.events.signals")
-        try:
-            from authentik.events.models import Event
-
-            date_from = now() - timedelta(days=1)
-
-            for event in Event.objects.filter(created__gte=date_from):
-                event._set_prom_metrics()
-        except ProgrammingError:
-            pass

authentik/events/models.py

@@ -10,7 +10,6 @@ from django.db import models
 from django.http import HttpRequest
 from django.utils.timezone import now
 from django.utils.translation import gettext as _
-from prometheus_client import Gauge
 from requests import RequestException, post
 from structlog.stdlib import get_logger
 
@@ -28,11 +27,6 @@ from authentik.tenants.models import Tenant
 from authentik.tenants.utils import DEFAULT_TENANT
 
 LOGGER = get_logger("authentik.events")
-GAUGE_EVENTS = Gauge(
-    "authentik_events",
-    "Events in authentik",
-    ["action", "user_username", "app", "client_ip"],
-)
 
 
 def default_event_duration():
@@ -182,14 +176,6 @@ class Event(ExpiringModel):
             return
         self.context["geo"] = city
 
-    def _set_prom_metrics(self):
-        GAUGE_EVENTS.labels(
-            action=self.action,
-            user_username=self.user.get("username"),
-            app=self.app,
-            client_ip=self.client_ip,
-        ).set(self.created.timestamp())
-
     def save(self, *args, **kwargs):
         if self._state.adding:
             LOGGER.debug(
@@ -200,7 +186,6 @@ class Event(ExpiringModel):
                 user=self.user,
             )
         super().save(*args, **kwargs)
-        self._set_prom_metrics()
 
     @property
     def summary(self) -> str:

authentik/events/tests/test_api.py

@@ -4,15 +4,15 @@ from django.urls import reverse
 from rest_framework.test import APITestCase
 
 from authentik.core.models import User
-from authentik.events.models import Event, EventAction
+from authentik.events.models import Event, EventAction, Notification, NotificationSeverity
 
 
 class TestEventsAPI(APITestCase):
     """Test Event API"""
 
     def setUp(self) -> None:
-        user = User.objects.get(username="akadmin")
-        self.client.force_login(user)
+        self.user = User.objects.get(username="akadmin")
+        self.client.force_login(self.user)
 
     def test_top_n(self):
         """Test top_per_user"""
@@ -30,3 +30,14 @@ class TestEventsAPI(APITestCase):
             reverse("authentik_api:event-actions"),
         )
         self.assertEqual(response.status_code, 200)
+
+    def test_notifications(self):
+        """Test notifications"""
+        notification = Notification.objects.create(
+            user=self.user, severity=NotificationSeverity.ALERT, body="", seen=False
+        )
+        self.client.post(
+            reverse("authentik_api:notification-mark-all-seen"),
+        )
+        notification.refresh_from_db()
+        self.assertTrue(notification.seen)

authentik/outposts/channels.py

@@ -15,7 +15,7 @@ from authentik.core.channels import AuthJsonConsumer
 from authentik.outposts.models import OUTPOST_HELLO_INTERVAL, Outpost, OutpostState
 
 GAUGE_OUTPOSTS_CONNECTED = Gauge(
-    "authentik_outposts_connected", "Currently connected outposts", ["outpost", "uid"]
+    "authentik_outposts_connected", "Currently connected outposts", ["outpost", "uid", "expected"]
 )
 GAUGE_OUTPOSTS_LAST_UPDATE = Gauge(
     "authentik_outposts_last_update",
@@ -76,6 +76,7 @@ class OutpostConsumer(AuthJsonConsumer):
             GAUGE_OUTPOSTS_CONNECTED.labels(
                 outpost=self.outpost.name,
                 uid=self.last_uid,
+                expected=self.outpost.config.kubernetes_replicas,
             ).dec()
         LOGGER.debug(
             "removed outpost instance from cache",
@@ -100,6 +101,7 @@ class OutpostConsumer(AuthJsonConsumer):
             GAUGE_OUTPOSTS_CONNECTED.labels(
                 outpost=self.outpost.name,
                 uid=self.last_uid,
+                expected=self.outpost.config.kubernetes_replicas,
             ).inc()
             LOGGER.debug(
                 "added outpost instace to cache",

authentik/policies/password/models.py

@@ -59,19 +59,22 @@ class PasswordPolicy(Policy):
             password = request.context[PLAN_CONTEXT_PROMPT][self.password_field]
 
         if len(password) < self.length_min:
-            LOGGER.debug("password failed", reason="length", p=password)
+            LOGGER.debug("password failed", reason="length")
             return PolicyResult(False, self.error_message)
 
         if self.amount_lowercase > 0 and len(RE_LOWER.findall(password)) < self.amount_lowercase:
-            LOGGER.debug("password failed", reason="amount_lowercase", p=password)
+            LOGGER.debug("password failed", reason="amount_lowercase")
             return PolicyResult(False, self.error_message)
         if self.amount_uppercase > 0 and len(RE_UPPER.findall(password)) < self.amount_lowercase:
-            LOGGER.debug("password failed", reason="amount_uppercase", p=password)
-            return PolicyResult(False, self.error_message)
-        regex = re.compile(r"[%s]" % self.symbol_charset)
-        if self.amount_symbols > 0 and len(regex.findall(password)) < self.amount_symbols:
-            LOGGER.debug("password failed", reason="amount_symbols", p=password)
+            LOGGER.debug("password failed", reason="amount_uppercase")
             return PolicyResult(False, self.error_message)
+        if self.amount_symbols > 0:
+            count = 0
+            for symbol in self.symbol_charset:
+                count += password.count(symbol)
+            if count < self.amount_symbols:
+                LOGGER.debug("password failed", reason="amount_symbols")
+                return PolicyResult(False, self.error_message)
 
         return PolicyResult(True)
 

authentik/providers/ldap/api.py

@@ -29,7 +29,19 @@ class LDAPProviderViewSet(UsedByMixin, ModelViewSet):
 
     queryset = LDAPProvider.objects.all()
     serializer_class = LDAPProviderSerializer
-    filterset_fields = "__all__"
+    filterset_fields = {
+        "application": ["isnull"],
+        "name": ["iexact"],
+        "authorization_flow__slug": ["iexact"],
+        "base_dn": ["iexact"],
+        "search_group__group_uuid": ["iexact"],
+        "search_group__name": ["iexact"],
+        "certificate__kp_uuid": ["iexact"],
+        "certificate__name": ["iexact"],
+        "tls_server_name": ["iexact"],
+        "uid_start_number": ["iexact"],
+        "gid_start_number": ["iexact"],
+    }
     ordering = ["name"]
 
 

authentik/providers/proxy/api.py

@@ -80,7 +80,24 @@ class ProxyProviderViewSet(UsedByMixin, ModelViewSet):
 
     queryset = ProxyProvider.objects.all()
     serializer_class = ProxyProviderSerializer
-    filterset_fields = "__all__"
+    filterset_fields = {
+        "application": ["isnull"],
+        "name": ["iexact"],
+        "authorization_flow__slug": ["iexact"],
+        "property_mappings": ["iexact"],
+        "internal_host": ["iexact"],
+        "external_host": ["iexact"],
+        "internal_host_ssl_validation": ["iexact"],
+        "certificate__kp_uuid": ["iexact"],
+        "certificate__name": ["iexact"],
+        "skip_path_regex": ["iexact"],
+        "basic_auth_enabled": ["iexact"],
+        "basic_auth_password_attribute": ["iexact"],
+        "basic_auth_user_attribute": ["iexact"],
+        "mode": ["iexact"],
+        "redirect_uris": ["iexact"],
+        "cookie_domain": ["iexact"],
+    }
     ordering = ["name"]
 
 

authentik/root/asgi/logger.py

@@ -19,22 +19,24 @@ class ASGILogger:
 
     app: ASGIApp
 
-    status_code: int
-    start: float
-
     def __init__(self, app: ASGIApp):
         self.app = app
 
     async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
         content_length = 0
+        status_code = 0
         request_id = ""
+        location = ""
+        start = time()
 
         async def send_hooked(message: Message) -> None:
             """Hooked send method, which records status code and content-length, and for the final
             requests logs it"""
+
             headers = dict(message.get("headers", []))
             if "status" in message:
-                self.status_code = message["status"]
+                nonlocal status_code
+                status_code = message["status"]
 
             if b"Content-Length" in headers:
                 nonlocal content_length
@@ -43,14 +45,19 @@ class ASGILogger:
             if message["type"] == "http.response.start":
                 response_headers = dict(message["headers"])
                 nonlocal request_id
+                nonlocal location
                 request_id = response_headers.get(RESPONSE_HEADER_ID.encode(), b"").decode()
+                location = response_headers.get(b"Location", b"").decode()
 
             if message["type"] == "http.response.body" and not message.get("more_body", True):
-                runtime = int((time() - self.start) * 1000)
-                self.log(scope, runtime, content_length, request_id=request_id)
+                nonlocal start
+                runtime = int((time() - start) * 1000)
+                kwargs = {"request_id": request_id}
+                if location != "":
+                    kwargs["location"] = location
+                self.log(scope, runtime, content_length, status_code, **kwargs)
             await send(message)
 
-        self.start = time()
         if scope["type"] == "lifespan":
             # https://code.djangoproject.com/ticket/31508
             # https://github.com/encode/uvicorn/issues/266
@@ -68,7 +75,7 @@ class ASGILogger:
         # Check if header has multiple values, and use the first one
         return client_ip.split(", ")[0]
 
-    def log(self, scope: Scope, content_length: int, runtime: float, **kwargs):
+    def log(self, scope: Scope, content_length: int, runtime: float, status_code: int, **kwargs):
         """Outpot access logs in a structured format"""
         host = self._get_ip(scope)
         query_string = ""
@@ -79,7 +86,7 @@ class ASGILogger:
             host=host,
             method=scope.get("method", ""),
             scheme=scope.get("scheme", ""),
-            status=self.status_code,
+            status=status_code,
             size=content_length / 1000 if content_length > 0 else 0,
             runtime=runtime,
             **kwargs,

authentik/root/middleware.py

@@ -24,7 +24,7 @@ class SessionMiddleware(UpstreamSessionMiddleware):
             # Since go does not consider localhost with http a secure origin
             # we can't set the secure flag.
             user_agent = request.META.get("HTTP_USER_AGENT", "")
-            if user_agent.startswith("authentik-outpost@"):
+            if user_agent.startswith("authentik-outpost@") or "safari" in user_agent.lower():
                 return False
             return True
         return False

authentik/root/settings.py

@@ -154,10 +154,10 @@ SPECTACULAR_SETTINGS = {
     "SCHEMA_PATH_PREFIX_TRIM": True,
     "SERVERS": [
         {
-            "url": "http://authentik.tld/api/v3/",
+            "url": "/api/v3/",
         },
         {
-            "url": "http://authentik.tld/api/v2beta/",
+            "url": "/api/v2beta/",
         },
     ],
     "CONTACT": {
@@ -372,7 +372,7 @@ CELERY_RESULT_BACKEND = (
 # Database backup
 DBBACKUP_STORAGE = "django.core.files.storage.FileSystemStorage"
 DBBACKUP_STORAGE_OPTIONS = {"location": "./backups" if DEBUG else "/backups"}
-DBBACKUP_FILENAME_TEMPLATE = "authentik-backup-{datetime}.sql"
+DBBACKUP_FILENAME_TEMPLATE = f"authentik-backup-{__version__}-{{datetime}}.sql"
 DBBACKUP_CONNECTOR_MAPPING = {
     "django_prometheus.db.backends.postgresql": "dbbackup.db.postgresql.PgDumpConnector",
 }

authentik/sources/oauth/clients/base.py

@@ -43,7 +43,6 @@ class BaseOAuthClient:
             profile_url = self.source.profile_url
         try:
             response = self.do_request("get", profile_url, token=token)
-            LOGGER.debug(response.text)
             response.raise_for_status()
         except RequestException as exc:
             LOGGER.warning("Unable to fetch user profile", exc=exc)

authentik/sources/oauth/clients/oauth2.py

@@ -65,7 +65,6 @@ class OAuth2Client(BaseOAuthClient):
                 data=args,
                 headers=self._default_headers,
             )
-            LOGGER.debug(response.text)
             response.raise_for_status()
         except RequestException as exc:
             LOGGER.warning("Unable to fetch access token", exc=exc)

authentik/sources/oauth/types/azure_ad.py

@@ -36,7 +36,6 @@ class AzureADClient(OAuth2Client):
                 profile_url,
                 headers={"Authorization": f"{token['token_type']} {token['access_token']}"},
             )
-            LOGGER.debug(response.text)
             response.raise_for_status()
         except RequestException as exc:
             LOGGER.warning("Unable to fetch user profile", exc=exc)

authentik/stages/identification/stage.py

@@ -134,6 +134,9 @@ class IdentificationStageView(ChallengeStageView):
             else:
                 model_field += "__exact"
             query |= Q(**{model_field: uid_value})
+        if not query:
+            LOGGER.debug("Empty user query", query=query)
+            return None
         users = User.objects.filter(query, is_active=True)
         if users.exists():
             LOGGER.debug("Found user", user=users.first(), query=query)

authentik/stages/identification/tests.py

@@ -136,6 +136,48 @@ class TestIdentificationStage(APITestCase):
         )
         self.assertEqual(response.status_code, 200)
 
+    def test_invalid_no_fields(self):
+        """Test invalid with username (no user fields are enabled)"""
+        self.stage.user_fields = []
+        self.stage.save()
+        form_data = {"uid_field": self.user.username}
+        response = self.client.post(
+            reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug}),
+            form_data,
+        )
+        self.assertEqual(response.status_code, 200)
+        self.assertJSONEqual(
+            force_str(response.content),
+            {
+                "type": ChallengeTypes.NATIVE.value,
+                "component": "ak-stage-identification",
+                "password_fields": False,
+                "primary_action": "Log in",
+                "response_errors": {
+                    "non_field_errors": [
+                        {"code": "invalid", "string": "Failed to " "authenticate."}
+                    ]
+                },
+                "flow_info": {
+                    "background": self.flow.background_url,
+                    "cancel_url": reverse("authentik_flows:cancel"),
+                    "title": "",
+                },
+                "sources": [
+                    {
+                        "challenge": {
+                            "component": "xak-flow-redirect",
+                            "to": "/source/oauth/login/test/",
+                            "type": ChallengeTypes.REDIRECT.value,
+                        },
+                        "icon_url": "/static/authentik/sources/.svg",
+                        "name": "test",
+                    }
+                ],
+                "user_fields": [],
+            },
+        )
+
     def test_invalid_with_invalid_email(self):
         """Test with invalid email (user doesn't exist) -> Will return to login form"""
         form_data = {"uid_field": self.user.email + "test"}

docker-compose.yml

@@ -21,7 +21,7 @@ services:
     networks:
       - internal
   server:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2021.8.4}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2021.8.5}
     restart: unless-stopped
     command: server
     environment:
@@ -44,7 +44,7 @@ services:
       - "0.0.0.0:9000:9000"
       - "0.0.0.0:9443:9443"
   worker:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2021.8.4}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2021.8.5}
     restart: unless-stopped
     command: worker
     networks:

internal/constants/constants.go

@@ -17,4 +17,4 @@ func OutpostUserAgent() string {
 	return fmt.Sprintf("authentik-outpost@%s (%s)", VERSION, BUILD())
 }
 
-const VERSION = "2021.8.4"
+const VERSION = "2021.8.5"

internal/outpost/ak/api.go

@@ -47,7 +47,7 @@ func NewAPIController(akURL url.URL, token string) *APIController {
 	config.Host = akURL.Host
 	config.Scheme = akURL.Scheme
 	config.HTTPClient = &http.Client{
-		Transport: NewTracingTransport(GetTLSTransport()),
+		Transport: NewTracingTransport(context.TODO(), GetTLSTransport()),
 	}
 	config.AddDefaultHeader("Authorization", fmt.Sprintf("Bearer %s", token))
 
@@ -107,8 +107,24 @@ func (a *APIController) Start() error {
 	return nil
 }
 
+func (a *APIController) OnRefresh() error {
+	// Because we don't know the outpost UUID, we simply do a list and pick the first
+	// The service account this token belongs to should only have access to a single outpost
+	outposts, _, err := a.Client.OutpostsApi.OutpostsInstancesList(context.Background()).Execute()
+
+	if err != nil {
+		log.WithError(err).Error("Failed to fetch outpost configuration")
+		return err
+	}
+	outpost := outposts.Results[0]
+	doGlobalSetup(outpost.Config)
+
+	log.WithField("name", outpost.Name).Debug("Fetched outpost configuration")
+	return a.Server.Refresh()
+}
+
 func (a *APIController) StartBackgorundTasks() error {
-	err := a.Server.Refresh()
+	err := a.OnRefresh()
 	if err != nil {
 		return errors.Wrap(err, "failed to run initial refresh")
 	}

internal/outpost/ak/api_ws.go

@@ -82,7 +82,7 @@ func (ac *APIController) startWSHandler() {
 		if wsMsg.Instruction == WebsocketInstructionTriggerUpdate {
 			time.Sleep(ac.reloadOffset)
 			logger.Debug("Got update trigger...")
-			err := ac.Server.Refresh()
+			err := ac.OnRefresh()
 			if err != nil {
 				logger.WithError(err).Debug("Failed to update")
 			}
@@ -118,7 +118,7 @@ func (ac *APIController) startIntervalUpdater() {
 	logger := ac.logger.WithField("loop", "interval-updater")
 	ticker := time.NewTicker(5 * time.Minute)
 	for ; true; <-ticker.C {
-		err := ac.Server.Refresh()
+		err := ac.OnRefresh()
 		if err != nil {
 			logger.WithError(err).Debug("Failed to update")
 		}

internal/outpost/ak/tracing.go

@@ -1,6 +1,7 @@
 package ak
 
 import (
+	"context"
 	"net/http"
 
 	"github.com/getsentry/sentry-go"
@@ -8,14 +9,15 @@ import (
 
 type tracingTransport struct {
 	inner http.RoundTripper
+	ctx   context.Context
 }
 
-func NewTracingTransport(inner http.RoundTripper) *tracingTransport {
-	return &tracingTransport{inner}
+func NewTracingTransport(ctx context.Context, inner http.RoundTripper) *tracingTransport {
+	return &tracingTransport{inner, ctx}
 }
 
 func (tt *tracingTransport) RoundTrip(r *http.Request) (*http.Response, error) {
-	span := sentry.StartSpan(r.Context(), "authentik.go.http_request")
+	span := sentry.StartSpan(tt.ctx, "authentik.go.http_request")
 	span.SetTag("url", r.URL.String())
 	span.SetTag("method", r.Method)
 	defer span.Finish()

internal/outpost/flow.go

@@ -16,6 +16,7 @@ import (
 	"goauthentik.io/api"
 	"goauthentik.io/internal/constants"
 	"goauthentik.io/internal/outpost/ak"
+	"goauthentik.io/internal/utils"
 )
 
 type StageComponent string
@@ -61,8 +62,10 @@ func NewFlowExecutor(ctx context.Context, flowSlug string, refConfig *api.Config
 	config.UserAgent = constants.OutpostUserAgent()
 	config.HTTPClient = &http.Client{
 		Jar:       jar,
-		Transport: ak.NewTracingTransport(ak.GetTLSTransport()),
+		Transport: ak.NewTracingTransport(ctx, ak.GetTLSTransport()),
 	}
+	token := strings.Split(refConfig.DefaultHeader["Authorization"], " ")[1]
+	config.AddDefaultHeader(HeaderAuthentikOutpostToken, token)
 	apiClient := api.NewAPIClient(config)
 	return &FlowExecutor{
 		Params:   url.Values{},
@@ -71,7 +74,7 @@ func NewFlowExecutor(ctx context.Context, flowSlug string, refConfig *api.Config
 		api:      apiClient,
 		flowSlug: flowSlug,
 		log:      l,
-		token:    strings.Split(refConfig.DefaultHeader["Authorization"], " ")[1],
+		token:    token,
 		sp:       rsp,
 	}
 }
@@ -87,13 +90,7 @@ type ChallengeInt interface {
 }
 
 func (fe *FlowExecutor) DelegateClientIP(a net.Addr) {
-	host, _, err := net.SplitHostPort(a.String())
-	if err != nil {
-		fe.log.WithError(err).Warning("Failed to get remote IP")
-		return
-	}
-	fe.api.GetConfig().AddDefaultHeader(HeaderAuthentikRemoteIP, host)
-	fe.api.GetConfig().AddDefaultHeader(HeaderAuthentikOutpostToken, fe.token)
+	fe.api.GetConfig().AddDefaultHeader(HeaderAuthentikRemoteIP, utils.GetIP(a))
 }
 
 func (fe *FlowExecutor) CheckApplicationAccess(appSlug string) (bool, error) {

internal/outpost/ldap/bind.go

@@ -9,6 +9,7 @@ import (
 	"github.com/google/uuid"
 	"github.com/nmcclain/ldap"
 	log "github.com/sirupsen/logrus"
+	"goauthentik.io/internal/utils"
 )
 
 type BindRequest struct {
@@ -33,7 +34,7 @@ func (ls *LDAPServer) Bind(bindDN string, bindPW string, conn net.Conn) (ldap.LD
 		BindDN: bindDN,
 		BindPW: bindPW,
 		conn:   conn,
-		log:    ls.log.WithField("bindDN", bindDN).WithField("requestId", rid).WithField("client", conn.RemoteAddr().String()),
+		log:    ls.log.WithField("bindDN", bindDN).WithField("requestId", rid).WithField("client", utils.GetIP(conn.RemoteAddr())),
 		id:     rid,
 		ctx:    span.Context(),
 	}

internal/outpost/ldap/instance_bind.go

@@ -11,6 +11,7 @@ import (
 	log "github.com/sirupsen/logrus"
 	"goauthentik.io/api"
 	"goauthentik.io/internal/outpost"
+	"goauthentik.io/internal/utils"
 )
 
 const ContextUserKey = "ak_user"
@@ -36,7 +37,7 @@ func (pi *ProviderInstance) getUsername(dn string) (string, error) {
 func (pi *ProviderInstance) Bind(username string, req BindRequest) (ldap.LDAPResultCode, error) {
 	fe := outpost.NewFlowExecutor(req.ctx, pi.flowSlug, pi.s.ac.Client.GetConfig(), log.Fields{
 		"bindDN":    req.BindDN,
-		"client":    req.conn.RemoteAddr().String(),
+		"client":    utils.GetIP(req.conn.RemoteAddr()),
 		"requestId": req.id,
 	})
 	fe.DelegateClientIP(req.conn.RemoteAddr())

internal/outpost/ldap/search.go

@@ -11,6 +11,7 @@ import (
 	"github.com/google/uuid"
 	"github.com/nmcclain/ldap"
 	log "github.com/sirupsen/logrus"
+	"goauthentik.io/internal/utils"
 )
 
 type SearchRequest struct {
@@ -35,7 +36,7 @@ func (ls *LDAPServer) Search(bindDN string, searchReq ldap.SearchRequest, conn n
 		SearchRequest: searchReq,
 		BindDN:        bindDN,
 		conn:          conn,
-		log:           ls.log.WithField("bindDN", bindDN).WithField("requestId", rid).WithField("client", conn.RemoteAddr().String()).WithField("filter", searchReq.Filter).WithField("baseDN", searchReq.BaseDN),
+		log:           ls.log.WithField("bindDN", bindDN).WithField("requestId", rid).WithField("client", utils.GetIP(conn.RemoteAddr())).WithField("filter", searchReq.Filter).WithField("baseDN", searchReq.BaseDN),
 		id:            rid,
 		ctx:           span.Context(),
 	}

internal/outpost/proxy/proxy.go

@@ -22,6 +22,7 @@ import (
 	"github.com/oauth2-proxy/oauth2-proxy/providers"
 	"goauthentik.io/api"
 	"goauthentik.io/internal/utils/web"
+	staticWeb "goauthentik.io/web"
 
 	log "github.com/sirupsen/logrus"
 )
@@ -121,7 +122,7 @@ func NewOAuthProxy(opts *options.Options, provider api.ProxyOutpostConfig, c *ht
 		redirectURL.Path = fmt.Sprintf("%s/callback", opts.ProxyPrefix)
 	}
 
-	logger.WithField("auth_url", opts.GetProvider().Data().LoginURL).WithField("client_id", opts.ClientID).Info("proxy instance configured")
+	logger.WithField("auth_url", opts.GetProvider().Data().LoginURL.String()).WithField("client_id", opts.ClientID).Info("proxy instance configured")
 
 	sessionChain := buildSessionChain(opts, sessionStore)
 
@@ -255,11 +256,18 @@ func (p *OAuthProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 		p.AuthenticateOnly(rw, req)
 	case path == p.UserInfoPath:
 		p.UserInfo(rw, req)
+	case strings.HasPrefix(path, fmt.Sprintf("%s/static", p.ProxyPrefix)):
+		p.ServeStatic(rw, req)
 	default:
 		p.Proxy(rw, req)
 	}
 }
 
+func (p *OAuthProxy) ServeStatic(rw http.ResponseWriter, req *http.Request) {
+	staticFs := http.FileServer(http.FS(staticWeb.StaticDist))
+	http.StripPrefix(fmt.Sprintf("%s/static", p.ProxyPrefix), staticFs).ServeHTTP(rw, req)
+}
+
 //UserInfo endpoint outputs session email and preferred username in JSON format
 func (p *OAuthProxy) UserInfo(rw http.ResponseWriter, req *http.Request) {
 

internal/outpost/proxy/templates.go

@@ -4,25 +4,11 @@ import (
 	"html/template"
 
 	log "github.com/sirupsen/logrus"
+	"goauthentik.io/internal/outpost/proxy/templates"
 )
 
 func getTemplates() *template.Template {
-	t, err := template.New("foo").Parse(`{{define "error.html"}}
-<!DOCTYPE html>
-<html lang="en" charset="utf-8">
-<head>
-	<title>{{.Title}}</title>
-	<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
-	<style>* { font-family: sans-serif; }</style>
-</head>
-<body>
-	<h2>{{.Title}}</h2>
-	<p>{{.Message}}</p>
-	<hr>
-	<p><a href="{{.ProxyPrefix}}/sign_in">Sign In</a></p>
-	<p>Powered by <a href="https://goauthentik.io">authentik</a></p>
-</body>
-</html>{{end}}`)
+	t, err := template.New("foo").Parse(templates.ErrorTemplate)
 	if err != nil {
 		log.Fatalf("failed parsing template %s", err)
 	}

internal/outpost/proxy/templates/error.html

@@ -0,0 +1,65 @@
+{{define "error.html"}}<!DOCTYPE html>
+
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+        <title>{{.Title}}</title>
+        <link rel="shortcut icon" type="image/png" href="/akprox/static/dist/assets/icons/icon.png">
+        <link rel="stylesheet" type="text/css" href="/akprox/static/dist/patternfly.min.css">
+        <link rel="stylesheet" type="text/css" href="/akprox/static/dist/authentik.css">
+        <style>
+            .pf-c-background-image::before {
+                --ak-flow-background: url("/akprox/static/dist/assets/images/flow_background.jpg");
+            }
+        </style>
+    </head>
+    <body>
+        <div class="pf-c-background-image">
+            <svg xmlns="http://www.w3.org/2000/svg" class="pf-c-background-image__filter" width="0" height="0">
+                <filter id="image_overlay">
+                    <feColorMatrix in="SourceGraphic" type="matrix" values="1.3 0 0 0 0 0 1.3 0 0 0 0 0 1.3 0 0 0 0 0 1 0" />
+                    <feComponentTransfer color-interpolation-filters="sRGB" result="duotone">
+                        <feFuncR type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncR>
+                        <feFuncG type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncG>
+                        <feFuncB type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncB>
+                        <feFuncA type="table" tableValues="0 1"></feFuncA>
+                    </feComponentTransfer>
+                </filter>
+            </svg>
+        </div>
+        <div class="pf-c-login">
+            <div class="ak-login-container">
+                <header class="pf-c-login__header">
+                    <div class="pf-c-brand ak-brand">
+                        <img src="/akprox/static/dist/assets/icons/icon_left_brand.svg" alt="authentik icon" />
+                    </div>
+                </header>
+                <main class="pf-c-login__main">
+                    <header class="pf-c-login__main-header">
+                        <h1 class="pf-c-title pf-m-3xl">
+                            {{ .Title }}
+                        </h1>
+                    </header>
+                    <div class="pf-c-login__main-body">
+                        {{ .Message }}
+                    </div>
+                    <div class="pf-c-login__main-body">
+                        <a href="/" class="pf-c-button pf-m-primary pf-m-block">Go to home</a>
+                    </div>
+                </main>
+                <footer class="pf-c-login__footer">
+                    <p></p>
+                    <ul class="pf-c-list pf-m-inline">
+                        <li>
+                            <a href="https://goauthentik.io">
+                                Powered by authentik
+                            </a>
+                        </li>
+                    </ul>
+                </footer>
+            </div>
+        </div>
+    </body>
+</html>
+{{end}}

internal/outpost/proxy/templates/templates.go

@@ -0,0 +1,6 @@
+package templates
+
+import _ "embed"
+
+//go:embed error.html
+var ErrorTemplate string

internal/utils/net.go

@@ -0,0 +1,13 @@
+package utils
+
+import "net"
+
+func GetIP(addr net.Addr) string {
+	switch addr := addr.(type) {
+	case *net.UDPAddr:
+		return addr.IP.String()
+	case *net.TCPAddr:
+		return addr.IP.String()
+	}
+	return ""
+}

internal/web/middleware_log.go

@@ -9,19 +9,21 @@ import (
 	"goauthentik.io/internal/utils/web"
 )
 
-func loggingMiddleware(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		span := sentry.StartSpan(r.Context(), "authentik.go.request")
-		before := time.Now()
-		// Call the next handler, which can be another middleware in the chain, or the final handler.
-		next.ServeHTTP(w, r)
-		after := time.Now()
-		log.WithFields(log.Fields{
-			"remote": r.RemoteAddr,
-			"method": r.Method,
-			"took":   after.Sub(before),
-			"host":   web.GetHost(r),
-		}).Info(r.RequestURI)
-		span.Finish()
-	})
+func loggingMiddleware(l *log.Entry) func(next http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			span := sentry.StartSpan(r.Context(), "authentik.go.request")
+			before := time.Now()
+			// Call the next handler, which can be another middleware in the chain, or the final handler.
+			next.ServeHTTP(w, r)
+			after := time.Now()
+			l.WithFields(log.Fields{
+				"remote": r.RemoteAddr,
+				"method": r.Method,
+				"took":   after.Sub(before),
+				"host":   web.GetHost(r),
+			}).Info(r.RequestURI)
+			span.Finish()
+		})
+	}
 }

internal/web/web.go

@@ -30,6 +30,7 @@ type WebServer struct {
 }
 
 func NewWebServer() *WebServer {
+	l := log.WithField("logger", "authentik.g.web")
 	mainHandler := mux.NewRouter()
 	if config.G.ErrorReporting.Enabled {
 		mainHandler.Use(recoveryMiddleware())
@@ -37,14 +38,14 @@ func NewWebServer() *WebServer {
 	mainHandler.Use(handlers.ProxyHeaders)
 	mainHandler.Use(handlers.CompressHandler)
 	logginRouter := mainHandler.NewRoute().Subrouter()
-	logginRouter.Use(loggingMiddleware)
+	logginRouter.Use(loggingMiddleware(l))
 
 	ws := &WebServer{
 		LegacyProxy: true,
 
 		m:   mainHandler,
 		lh:  logginRouter,
-		log: log.WithField("logger", "authentik.g.web"),
+		log: l,
 	}
 	ws.configureStatic()
 	ws.configureProxy()

internal/web/web_static.go

@@ -1,8 +1,10 @@
 package web
 
 import (
+	"fmt"
 	"net/http"
 
+	"github.com/gorilla/mux"
 	"goauthentik.io/internal/config"
 	"goauthentik.io/internal/constants"
 	staticWeb "goauthentik.io/web"
@@ -11,21 +13,42 @@ import (
 
 func (ws *WebServer) configureStatic() {
 	statRouter := ws.lh.NewRoute().Subrouter()
+	statRouter.Use(disableIndex)
 	// Media files, always local
 	fs := http.FileServer(http.Dir(config.G.Paths.Media))
+	var distHandler http.Handler
+	var distFs http.Handler
+	var authentikHandler http.Handler
+	var helpHandler http.Handler
 	if config.G.Debug || config.G.Web.LoadLocalFiles {
 		ws.log.Debug("Using local static files")
-		statRouter.PathPrefix("/static/dist").Handler(http.StripPrefix("/static/dist", http.FileServer(http.Dir("./web/dist"))))
-		statRouter.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static/authentik", http.FileServer(http.Dir("./web/authentik"))))
-		statRouter.PathPrefix("/help").Handler(http.StripPrefix("/help", http.FileServer(http.Dir("./website/help"))))
+		distFs = http.FileServer(http.Dir("./web/dist"))
+		distHandler = http.StripPrefix("/static/dist/", distFs)
+		authentikHandler = http.StripPrefix("/static/authentik/", http.FileServer(http.Dir("./web/authentik")))
+		helpHandler = http.StripPrefix("/help/", http.FileServer(http.Dir("./website/help")))
 	} else {
 		statRouter.Use(ws.staticHeaderMiddleware)
 		ws.log.Debug("Using packaged static files with aggressive caching")
-		statRouter.PathPrefix("/static/dist").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticDist))))
-		statRouter.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik))))
-		statRouter.PathPrefix("/help").Handler(http.FileServer(http.FS(staticDocs.Help)))
+		distFs = http.FileServer(http.FS(staticWeb.StaticDist))
+		distHandler = http.StripPrefix("/static", distFs)
+		authentikHandler = http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik)))
+		helpHandler = http.FileServer(http.FS(staticDocs.Help))
 	}
-	statRouter.PathPrefix("/media").Handler(http.StripPrefix("/media", fs))
+	statRouter.PathPrefix("/static/dist/").Handler(distHandler)
+	statRouter.PathPrefix("/static/authentik/").Handler(authentikHandler)
+	// Prevent font-loading issues on safari, which loads fonts relatively to the URL the browser is on
+	statRouter.PathPrefix("/if/flow/{flow_slug}/assets").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		vars := mux.Vars(r)
+
+		http.StripPrefix(fmt.Sprintf("/if/flow/%s", vars["flow_slug"]), distFs).ServeHTTP(rw, r)
+	})
+	statRouter.PathPrefix("/if/admin/assets").Handler(http.StripPrefix("/if/admin", distFs))
+
+	statRouter.PathPrefix("/media/").Handler(http.StripPrefix("/media", fs))
+
+	statRouter.PathPrefix("/if/help/").Handler(helpHandler)
+	statRouter.PathPrefix("/help").Handler(http.RedirectHandler("/if/help/", http.StatusMovedPermanently))
+
 	ws.lh.Path("/robots.txt").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 		rw.Header()["Content-Type"] = []string{"text/plain"}
 		rw.WriteHeader(200)

internal/web/web_static_utils.go

@@ -0,0 +1,17 @@
+package web
+
+import (
+	"net/http"
+	"strings"
+)
+
+func disableIndex(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if strings.HasSuffix(r.URL.Path, "/") {
+			http.NotFound(w, r)
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}

lifecycle/ak

@@ -14,9 +14,12 @@ function check_if_root {
         # Get group ID of the docker socket, so we can create a matching group and
         # add ourselves to it
         DOCKER_GID=$(stat -c '%g' $SOCKET)
+        # Ensure group for the id exists
         getent group $DOCKER_GID || groupadd -f -g $DOCKER_GID docker
         usermod -a -G $DOCKER_GID authentik
-        GROUP="authentik:docker"
+        # since the name of the group might not be docker, we need to lookup the group id
+        GROUP_NAME=$(getent group $DOCKER_GID  | sed 's/:/\n/g' | head -1)
+        GROUP="authentik:${GROUP_NAME}"
     fi
     # Fix permissions of backups and media
     chown -R authentik:authentik /media /backups

proxy.Dockerfile

@@ -13,12 +13,24 @@ RUN	docker-entrypoint.sh generate \
     --additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true && \
     rm -f /local/api/go.mod /local/api/go.sum
 
+# Stage 2: Build website
+FROM node as web-builder
+
+COPY ./web /static/
+
+ENV NODE_ENV=production
+RUN cd /static && npm i && npm run build
+
 # Stage 2: Build
 FROM golang:1.17.0 AS builder
 
 WORKDIR /go/src/goauthentik.io
 
 COPY . .
+COPY --from=web-builder /static/robots.txt /work/web/robots.txt
+COPY --from=web-builder /static/security.txt /work/web/security.txt
+COPY --from=web-builder /static/dist/ /work/web/dist/
+COPY --from=web-builder /static/authentik/ /work/web/authentik/
 COPY --from=api-builder /local/api api
 
 RUN go build -o /go/proxy ./cmd/proxy

schema.yml

@@ -1,7 +1,7 @@
 openapi: 3.0.3
 info:
   title: authentik
-  version: 2021.8.4
+  version: 2021.8.5
   description: Making authentication simple.
   contact:
     email: hello@beryju.org
@@ -3903,6 +3903,21 @@ paths:
           $ref: '#/components/schemas/ValidationError'
         '403':
           $ref: '#/components/schemas/GenericError'
+  /events/notifications/mark_all_seen/:
+    post:
+      operationId: events_notifications_mark_all_seen_create
+      description: Mark all the user's notifications as seen
+      tags:
+      - events
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: Marked tasks as read successfully.
+        '400':
+          $ref: '#/components/schemas/ValidationError'
+        '403':
+          $ref: '#/components/schemas/GenericError'
   /events/rules/:
     get:
       operationId: events_rules_list
@@ -10004,25 +10019,32 @@ paths:
       description: LDAPProvider Viewset
       parameters:
       - in: query
-        name: authorization_flow
+        name: application__isnull
+        schema:
+          type: boolean
+      - in: query
+        name: authorization_flow__slug__iexact
+        schema:
+          type: string
+      - in: query
+        name: base_dn__iexact
+        schema:
+          type: string
+      - in: query
+        name: certificate__kp_uuid__iexact
         schema:
           type: string
           format: uuid
       - in: query
-        name: base_dn
+        name: certificate__name__iexact
         schema:
           type: string
       - in: query
-        name: certificate
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: gid_start_number
+        name: gid_start_number__iexact
         schema:
           type: integer
       - in: query
-        name: name
+        name: name__iexact
         schema:
           type: string
       - name: ordering
@@ -10043,15 +10065,6 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
-      - in: query
-        name: property_mappings
-        schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        explode: true
-        style: form
       - name: search
         required: false
         in: query
@@ -10059,16 +10072,20 @@ paths:
         schema:
           type: string
       - in: query
-        name: search_group
+        name: search_group__group_uuid__iexact
         schema:
           type: string
           format: uuid
       - in: query
-        name: tls_server_name
+        name: search_group__name__iexact
         schema:
           type: string
       - in: query
-        name: uid_start_number
+        name: tls_server_name__iexact
+        schema:
+          type: string
+      - in: query
+        name: uid_start_number__iexact
         schema:
           type: integer
       tags:
@@ -10570,102 +10587,56 @@ paths:
       description: ProxyProvider Viewset
       parameters:
       - in: query
-        name: access_code_validity
+        name: application__isnull
+        schema:
+          type: boolean
+      - in: query
+        name: authorization_flow__slug__iexact
         schema:
           type: string
       - in: query
-        name: authorization_flow
+        name: basic_auth_enabled__iexact
+        schema:
+          type: boolean
+      - in: query
+        name: basic_auth_password_attribute__iexact
+        schema:
+          type: string
+      - in: query
+        name: basic_auth_user_attribute__iexact
+        schema:
+          type: string
+      - in: query
+        name: certificate__kp_uuid__iexact
         schema:
           type: string
           format: uuid
       - in: query
-        name: basic_auth_enabled
+        name: certificate__name__iexact
+        schema:
+          type: string
+      - in: query
+        name: cookie_domain__iexact
+        schema:
+          type: string
+      - in: query
+        name: external_host__iexact
+        schema:
+          type: string
+      - in: query
+        name: internal_host__iexact
+        schema:
+          type: string
+      - in: query
+        name: internal_host_ssl_validation__iexact
         schema:
           type: boolean
       - in: query
-        name: basic_auth_password_attribute
+        name: mode__iexact
         schema:
           type: string
       - in: query
-        name: basic_auth_user_attribute
-        schema:
-          type: string
-      - in: query
-        name: certificate
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: client_id
-        schema:
-          type: string
-      - in: query
-        name: client_secret
-        schema:
-          type: string
-      - in: query
-        name: client_type
-        schema:
-          type: string
-          enum:
-          - confidential
-          - public
-        description: |-
-          Confidential clients are capable of maintaining the confidentiality
-              of their credentials. Public clients are incapable.
-      - in: query
-        name: cookie_domain
-        schema:
-          type: string
-      - in: query
-        name: cookie_secret
-        schema:
-          type: string
-      - in: query
-        name: external_host
-        schema:
-          type: string
-      - in: query
-        name: include_claims_in_id_token
-        schema:
-          type: boolean
-      - in: query
-        name: internal_host
-        schema:
-          type: string
-      - in: query
-        name: internal_host_ssl_validation
-        schema:
-          type: boolean
-      - in: query
-        name: issuer_mode
-        schema:
-          type: string
-          enum:
-          - global
-          - per_provider
-        description: Configure how the issuer field of the ID Token should be filled.
-      - in: query
-        name: jwt_alg
-        schema:
-          type: string
-          title: JWT Algorithm
-          enum:
-          - HS256
-          - RS256
-        description: Algorithm used to sign the JWT Token
-      - in: query
-        name: mode
-        schema:
-          type: string
-          enum:
-          - forward_domain
-          - forward_single
-          - proxy
-        description: Enable support for forwardAuth in traefik and nginx auth_request.
-          Exclusive with internal_host.
-      - in: query
-        name: name
+        name: name__iexact
         schema:
           type: string
       - name: ordering
@@ -10687,7 +10658,7 @@ paths:
         schema:
           type: integer
       - in: query
-        name: property_mappings
+        name: property_mappings__iexact
         schema:
           type: array
           items:
@@ -10696,14 +10667,9 @@ paths:
         explode: true
         style: form
       - in: query
-        name: redirect_uris
+        name: redirect_uris__iexact
         schema:
           type: string
-      - in: query
-        name: rsa_key
-        schema:
-          type: string
-          format: uuid
       - name: search
         required: false
         in: query
@@ -10711,22 +10677,7 @@ paths:
         schema:
           type: string
       - in: query
-        name: skip_path_regex
-        schema:
-          type: string
-      - in: query
-        name: sub_mode
-        schema:
-          type: string
-          enum:
-          - hashed_user_id
-          - user_email
-          - user_upn
-          - user_username
-        description: Configure what data should be used as unique User Identifier.
-          For most cases, the default should be fine.
-      - in: query
-        name: token_validity
+        name: skip_path_regex__iexact
         schema:
           type: string
       tags:
@@ -29105,5 +29056,5 @@ components:
       in: header
       name: Authorization
 servers:
-- url: http://authentik.tld/api/v3/
-- url: http://authentik.tld/api/v2beta/
+- url: /api/v3/
+- url: /api/v2beta/

scripts/ci_prepare.sh

@@ -1,7 +1,9 @@
-#!/bin/bash
+#!/bin/bash -xe
 docker-compose -f scripts/ci.docker-compose.yml up -d
 sudo apt update
 sudo apt install -y libxmlsec1-dev pkg-config
 sudo pip install -U wheel pipenv
-pipenv install --dev
+if [[ "$INSTALL" != "true" ]]; then
+    pipenv install --dev
+fi
 pipenv run python -m scripts.generate_ci_config

scripts/gh_do_set_branch.py

@@ -11,6 +11,9 @@ if os.environ.get(env_pr_branch, "") != "":
     branch_name = os.environ[env_pr_branch]
 branch_name = branch_name.replace("refs/heads/", "").replace("/", "-")
 
+should_build = str(os.environ.get("DOCKER_USERNAME", "") != "").lower()
+
 print("##[set-output name=branchName]%s" % branch_name)
 print("##[set-output name=timestamp]%s" % int(time()))
 print("##[set-output name=sha]%s" % os.environ[sha])
+print("##[set-output name=shouldBuild]%s" % should_build)

tests/setup.sh

@@ -7,8 +7,6 @@ sudo chmod +x /usr/local/bin/docker-compose
 # Setup nodejs
 curl -sL https://deb.nodesource.com/setup_15.x | sudo -E bash -
 sudo apt-get install -y nodejs
-# Setup k3d
-curl -s https://raw.githubusercontent.com/rancher/k3d/main/install.sh | bash
 # Setup python
 sudo apt install -y python3.9 python3.9-dev python3-pip libxmlsec1-dev pkg-config
 # Setup docker

web/package.json

@@ -40,13 +40,13 @@
         ]
     },
     "dependencies": {
-        "@babel/core": "^7.15.0",
-        "@babel/plugin-proposal-decorators": "^7.14.5",
+        "@babel/core": "^7.15.5",
+        "@babel/plugin-proposal-decorators": "^7.15.4",
         "@babel/plugin-transform-runtime": "^7.15.0",
-        "@babel/preset-env": "^7.15.0",
+        "@babel/preset-env": "^7.15.4",
         "@babel/preset-typescript": "^7.15.0",
         "@fortawesome/fontawesome-free": "^5.15.4",
-        "@goauthentik/api": "^2021.8.3-1630597235",
+        "@goauthentik/api": "^2021.8.4-1630786118",
         "@lingui/cli": "^3.10.2",
         "@lingui/core": "^3.10.4",
         "@lingui/macro": "^3.10.2",
@@ -61,8 +61,8 @@
         "@types/chart.js": "^2.9.34",
         "@types/codemirror": "5.60.2",
         "@types/grecaptcha": "^3.0.3",
-        "@typescript-eslint/eslint-plugin": "^4.30.0",
-        "@typescript-eslint/parser": "^4.30.0",
+        "@typescript-eslint/eslint-plugin": "^4.31.0",
+        "@typescript-eslint/parser": "^4.31.0",
         "@webcomponents/webcomponentsjs": "^2.6.0",
         "babel-plugin-macros": "^3.1.0",
         "base64-js": "^1.5.1",

web/src/api/Sentry.ts

@@ -14,6 +14,9 @@ export function configureSentry(canDoPpi: boolean = false): Promise<Config> {
         if (config.errorReportingEnabled) {
             Sentry.init({
                 dsn: "https://a579bb09306d4f8b8d8847c052d3a1d3@sentry.beryju.org/8",
+                ignoreErrors: [
+                    /network/i,
+                ],
                 release: `authentik@${VERSION}`,
                 tunnel: "/api/v3/sentry/",
                 integrations: [

web/src/constants.ts

@@ -3,7 +3,7 @@ export const SUCCESS_CLASS = "pf-m-success";
 export const ERROR_CLASS = "pf-m-danger";
 export const PROGRESS_CLASS = "pf-m-in-progress";
 export const CURRENT_CLASS = "pf-m-current";
-export const VERSION = "2021.8.4";
+export const VERSION = "2021.8.5";
 export const PAGE_SIZE = 20;
 export const TITLE_DEFAULT = "authentik";
 export const ROUTE_SEPARATOR = ";";

web/src/elements/notifications/NotificationDrawer.ts

@@ -19,6 +19,8 @@ import AKGlobal from "../../authentik.css";
 import PFContent from "@patternfly/patternfly/components/Content/content.css";
 import { EVENT_NOTIFICATION_DRAWER_TOGGLE } from "../../constants";
 import { ActionToLabel } from "../../pages/events/utils";
+import { showMessage } from "../messages/MessageContainer";
+import { MessageLevel } from "../messages/Message";
 
 @customElement("ak-notification-drawer")
 export class NotificationDrawer extends LitElement {
@@ -31,6 +33,12 @@ export class NotificationDrawer extends LitElement {
     static get styles(): CSSResult[] {
         return [PFBase, PFButton, PFNotificationDrawer, PFContent, PFDropdown, AKGlobal].concat(
             css`
+                .pf-c-drawer__body {
+                    height: 100%;
+                }
+                .pf-c-notification-drawer__body {
+                    flex-grow: 1;
+                }
                 .pf-c-notification-drawer__header {
                     height: 114px;
                     align-items: center;
@@ -143,7 +151,7 @@ export class NotificationDrawer extends LitElement {
                                 }}
                                 class="pf-c-button pf-m-plain"
                                 type="button"
-                                aria-label="Close"
+                                aria-label=${t`Close`}
                             >
                                 <i class="fas fa-times" aria-hidden="true"></i>
                             </button>
@@ -155,6 +163,26 @@ export class NotificationDrawer extends LitElement {
                         ${this.notifications.results.map((n) => this.renderItem(n))}
                     </ul>
                 </div>
+                <div class="pf-c-notification-drawer__footer">
+                    <button
+                        @click=${() => {
+                            new EventsApi(DEFAULT_CONFIG)
+                                .eventsNotificationsMarkAllSeenCreate()
+                                .then(() => {
+                                    showMessage({
+                                        level: MessageLevel.success,
+                                        message: t`Successfully cleared notifications`,
+                                    });
+                                    this.firstUpdated();
+                                });
+                        }}
+                        class="pf-c-button pf-m-secondary pf-m-block"
+                        type="button"
+                        aria-label=${t`Clear all`}
+                    >
+                        ${t`Clear all`}
+                    </button>
+                </div>
             </div>
         </div>`;
     }

web/src/flows/stages/identification/IdentificationStage.ts

@@ -176,7 +176,7 @@ export class IdentificationStage extends BaseStage<
 
     renderInput(): TemplateResult {
         let type = "text";
-        if (!this.challenge?.userFields) {
+        if (!this.challenge?.userFields || this.challenge.userFields.length === 0) {
             return html`<p>${t`Select one of the sources below to login.`}</p>`;
         }
         const fields = (this.challenge?.userFields || []).sort();

web/src/locales/en.po

@@ -276,6 +276,7 @@ msgstr "Application(s)"
 #: src/interfaces/AdminInterface.ts
 #: src/pages/LibraryPage.ts
 #: src/pages/applications/ApplicationListPage.ts
+#: src/pages/outposts/OutpostForm.ts
 msgid "Applications"
 msgstr "Applications"
 
@@ -685,6 +686,11 @@ msgstr "Clear Flow cache"
 msgid "Clear Policy cache"
 msgstr "Clear Policy cache"
 
+#: src/elements/notifications/NotificationDrawer.ts
+#: src/elements/notifications/NotificationDrawer.ts
+msgid "Clear all"
+msgstr "Clear all"
+
 #: src/pages/flows/FlowForm.ts
 msgid "Clear background image"
 msgstr "Clear background image"
@@ -730,6 +736,7 @@ msgstr "Client Secret"
 msgid "Client type"
 msgstr "Client type"
 
+#: src/elements/notifications/NotificationDrawer.ts
 #: src/pages/outposts/OutpostDeploymentModal.ts
 #: src/pages/users/UserListPage.ts
 msgid "Close"
@@ -3186,7 +3193,6 @@ msgid "Provider(s)"
 msgstr "Provider(s)"
 
 #: src/interfaces/AdminInterface.ts
-#: src/pages/outposts/OutpostForm.ts
 #: src/pages/outposts/OutpostListPage.ts
 #: src/pages/providers/ProviderListPage.ts
 msgid "Providers"
@@ -3910,6 +3916,10 @@ msgstr "Successful"
 msgid "Successfully cleared flow cache"
 msgstr "Successfully cleared flow cache"
 
+#: src/elements/notifications/NotificationDrawer.ts
+msgid "Successfully cleared notifications"
+msgstr "Successfully cleared notifications"
+
 #: src/pages/policies/PolicyListPage.ts
 msgid "Successfully cleared policy cache"
 msgstr "Successfully cleared policy cache"

web/src/locales/pseudo-LOCALE.po

@@ -276,6 +276,7 @@ msgstr ""
 #: src/interfaces/AdminInterface.ts
 #: src/pages/LibraryPage.ts
 #: src/pages/applications/ApplicationListPage.ts
+#: src/pages/outposts/OutpostForm.ts
 msgid "Applications"
 msgstr ""
 
@@ -679,6 +680,11 @@ msgstr ""
 msgid "Clear Policy cache"
 msgstr ""
 
+#: src/elements/notifications/NotificationDrawer.ts
+#: src/elements/notifications/NotificationDrawer.ts
+msgid "Clear all"
+msgstr ""
+
 #: src/pages/flows/FlowForm.ts
 msgid "Clear background image"
 msgstr ""
@@ -724,6 +730,7 @@ msgstr ""
 msgid "Client type"
 msgstr ""
 
+#: src/elements/notifications/NotificationDrawer.ts
 #: src/pages/outposts/OutpostDeploymentModal.ts
 #: src/pages/users/UserListPage.ts
 msgid "Close"
@@ -3178,7 +3185,6 @@ msgid "Provider(s)"
 msgstr ""
 
 #: src/interfaces/AdminInterface.ts
-#: src/pages/outposts/OutpostForm.ts
 #: src/pages/outposts/OutpostListPage.ts
 #: src/pages/providers/ProviderListPage.ts
 msgid "Providers"
@@ -3902,6 +3908,10 @@ msgstr ""
 msgid "Successfully cleared flow cache"
 msgstr ""
 
+#: src/elements/notifications/NotificationDrawer.ts
+msgid "Successfully cleared notifications"
+msgstr ""
+
 #: src/pages/policies/PolicyListPage.ts
 msgid "Successfully cleared policy cache"
 msgstr ""

web/src/pages/outposts/OutpostForm.ts

@@ -56,6 +56,7 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                 return new ProvidersApi(DEFAULT_CONFIG)
                     .providersProxyList({
                         ordering: "pk",
+                        applicationIsnull: false,
                     })
                     .then((providers) => {
                         return providers.results.map((provider) => {
@@ -68,7 +69,7 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                                 value=${ifDefined(provider.pk)}
                                 ?selected=${selected}
                             >
-                                ${provider.verboseName} ${provider.name}
+                                ${provider.assignedApplicationName} (${provider.name})
                             </option>`;
                         });
                     });
@@ -76,6 +77,7 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                 return new ProvidersApi(DEFAULT_CONFIG)
                     .providersLdapList({
                         ordering: "pk",
+                        applicationIsnull: false,
                     })
                     .then((providers) => {
                         return providers.results.map((provider) => {
@@ -88,7 +90,7 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                                 value=${ifDefined(provider.pk)}
                                 ?selected=${selected}
                             >
-                                ${provider.verboseName} ${provider.name}
+                                ${provider.assignedApplicationName} (${provider.name})
                             </option>`;
                         });
                     });
@@ -165,7 +167,7 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                 </p>
             </ak-form-element-horizontal>
             <ak-form-element-horizontal
-                label=${t`Providers`}
+                label=${t`Applications`}
                 ?required=${!this.embedded}
                 name="providers"
             >

web/src/pages/tokens/TokenForm.ts

@@ -62,7 +62,7 @@ export class TokenForm extends ModelForm<Token, string> {
                                 return users.results.map((user) => {
                                     return html`<option
                                         value=${user.pk}
-                                        ?selected=${this.instance?.user === user}
+                                        ?selected=${this.instance?.user === user.pk}
                                     >
                                         ${user.username}
                                     </option>`;

website/docs/installation/beta.mdx

@@ -32,7 +32,7 @@ authentik:
   outposts:
     docker_image_base: beryju.org/authentik/outpost-%(type)s:gh-%(build_hash)s
 image:
-  name: beryju.org/authentik/server
+  repository: beryju.org/authentik/server
   tag: gh-next
   # pullPolicy: Always to ensure you always get the latest version
   pullPolicy: Always

website/docs/installation/configuration.md

@@ -53,6 +53,10 @@ To use an S3-compatible storage, set the following settings.
 
 ## authentik Settings
 
+### AUTHENTIK_SECRET_KEY
+
+Secret key used for cookie singing and unique user IDs, don't change this after the first install.
+
 ### AUTHENTIK_LOG_LEVEL
 
 Log level for the server and worker containers. Possible values: debug, info, warning, error

website/docs/installation/docker-compose.md

@@ -12,9 +12,9 @@ This installation method is for test-setups and small-scale productive setups.
 
 ## Preparation
 
-Download the latest `docker-compose.yml` from [here](https://raw.githubusercontent.com/goauthentik/authentik/version/2021.8.4/docker-compose.yml). Place it in a directory of your choice.
+Download the latest `docker-compose.yml` from [here](https://raw.githubusercontent.com/goauthentik/authentik/version/2021.8.5/docker-compose.yml). Place it in a directory of your choice.
 
-To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.8.4 >> .env`
+To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.8.5 >> .env`
 
 If this is a fresh authentik install run the following commands to generate a password:
 

website/docs/integrations/services/vikunja/index.md

@@ -30,23 +30,23 @@ Only settings that have been modified from default have been listed.
 :::
 
 **Protocol Settings**
-- Name: vikjuna
+- Name: Vikunja
 - Client type: Confidential
 - Client ID: Copy and Save this for Later
 - Client Secret: Copy and Save this for later
-- Redirect URIs/Origins: 
+- Redirect URIs/Origins:
 ```
 https://vik.company/auth/openid
-https://vik.company/auth/openid/vikjuna
-```                     
+https://vik.company/auth/openid/Vikunja
+```
 
-![](./vikjuna1.png)
+![](./vikunja1.png)
 
 ### Step 2
 
-Edit/Create you `config.yml` file for Vikjuna
+Edit/Create you `config.yml` file for Vikunja
 
-Incorproate the following example Auth block into your `config.yml`
+Incorporate the following example Auth block into your `config.yml`
 
 ```bash
 auth:
@@ -61,7 +61,7 @@ auth:
   # If the email is not public in those cases, authenticating will fail.
   # **Note 2:** The frontend expects to be redirected after authentication by the third party
   # to <frontend-url>/auth/openid/<auth key>. Please make sure to configure the redirect url with your third party
-  # auth service accordingy if you're using the default vikunja frontend.
+  # auth service accordingly if you're using the default Vikunja frontend.
   # Take a look at the [default config file](https://kolaente.dev/vikunja/api/src/branch/main/config.yml.sample) for more information about how to configure openid authentication.
   openid:
     # Enable or disable OpenID Connect authentication
@@ -72,7 +72,7 @@ auth:
     # A list of enabled providers
     providers:
       # The name of the provider as it will appear in the frontend.
-      - name: vikjuna
+      - name: vikunja
         # The auth url to send users to if they want to authenticate using OpenID Connect.
         authurl: https://authentik.company/application/o/vikunja/
         # The client ID used to authenticate Vikunja at the OpenID Connect provider.

website/docs/maintenance/backups/index.md

@@ -17,27 +17,26 @@ Local backups can be created by running the following command in your authentik
 ```
 docker-compose run --rm worker backup
 # Or for kubernetes
-kubectl exec -it authentik-worker-.... -- ./lifecycle/bootstrap.sh backup
+kubectl exec -it deployment/authentik-worker -c authentik -- ak backup
 ```
 
 This will dump the current database into the `./backups` folder. By defaults, the last 10 Backups are kept.
 
 ### Restore
 
+:::warning
+Currently, it is only supported to restore backups into the same version they have been taken from. Different versions *might* work, but this is not guarantee.
+Instead, install the version the backup was taken with, restore the backup and then upgrade.
+:::
+
 Run this command in your authentik installation directory
 
-```
-docker-compose run --rm worker restore
-# Or for kubernetes
-kubectl exec -it authentik-worker-.... -- ./lifecycle/bootstrap.sh restore
-```
-
-This will prompt you to restore from your last backup. If you want to restore from a specific file, use the `-i` flag with the filename:
+The filename can be found by either looking into the `./backups` directory or using S3.
 
 ```
 docker-compose run --rm worker restore -i default-2020-10-03-115557.psql
 # Or for kubernetes
-kubectl exec -it authentik-worker-.... -- ./lifecycle/bootstrap.sh restore -i default-2020-10-03-115557.psql
+kubectl exec -it deployment/authentik-worker -c authentik -- ak restore -i default-2020-10-03-115557.psql
 ```
 
 After you've restored the backup, it is recommended to restart all services with `docker-compose restart` or `kubectl restart deployment --all`.

website/docs/outposts/manual-deploy-docker-compose.md

@@ -11,7 +11,7 @@ version: "3.5"
 
 services:
   authentik_proxy:
-    image: ghcr.io/goauthentik/proxy:2021.8.4
+    image: ghcr.io/goauthentik/proxy:2021.8.5
     ports:
       - 4180:4180
       - 4443:4443
@@ -21,7 +21,7 @@ services:
       AUTHENTIK_TOKEN: token-generated-by-authentik
   # Or, for the LDAP Outpost
   authentik_proxy:
-    image: ghcr.io/goauthentik/ldap:2021.8.4
+    image: ghcr.io/goauthentik/ldap:2021.8.5
     ports:
       - 389:3389
     environment:

website/docs/outposts/manual-deploy-kubernetes.md

@@ -14,7 +14,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.8.4
+    app.kubernetes.io/version: 2021.8.5
   name: authentik-outpost-api
 stringData:
   authentik_host: "__AUTHENTIK_URL__"
@@ -29,7 +29,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.8.4
+    app.kubernetes.io/version: 2021.8.5
   name: authentik-outpost
 spec:
   ports:
@@ -54,7 +54,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.8.4
+    app.kubernetes.io/version: 2021.8.5
   name: authentik-outpost
 spec:
   selector:
@@ -62,14 +62,14 @@ spec:
       app.kubernetes.io/instance: __OUTPOST_NAME__
       app.kubernetes.io/managed-by: goauthentik.io
       app.kubernetes.io/name: authentik-proxy
-      app.kubernetes.io/version: 2021.8.4
+      app.kubernetes.io/version: 2021.8.5
   template:
     metadata:
       labels:
         app.kubernetes.io/instance: __OUTPOST_NAME__
         app.kubernetes.io/managed-by: goauthentik.io
         app.kubernetes.io/name: authentik-proxy
-        app.kubernetes.io/version: 2021.8.4
+        app.kubernetes.io/version: 2021.8.5
     spec:
       containers:
         - env:
@@ -88,7 +88,7 @@ spec:
               secretKeyRef:
                 key: authentik_host_insecure
                 name: authentik-outpost-api
-        image: ghcr.io/goauthentik/proxy:2021.8.4
+        image: ghcr.io/goauthentik/proxy:2021.8.5
         name: proxy
         ports:
           - containerPort: 4180
@@ -110,7 +110,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.8.4
+    app.kubernetes.io/version: 2021.8.5
   name: authentik-outpost
 spec:
   rules:

website/docs/releases/v2021.8.md

@@ -116,6 +116,27 @@ slug: "2021.8"
 - web/admin: fix list of webauthn devices not updating after rename
 - web/flows: fix FlowExecutor not updating when challenge changes from outside
 
+## Fixed in 2021.8.5
+
+- api: add additional filters for ldap and proxy providers
+- api: cache schema, fix server urls
+- core: minor query optimization
+- events: add mark_all_seen
+- events: remove authentik_events gauge
+- internal: disable directory listing on static files
+- internal: fix font loading errors on safari
+- internal: fix web requests not having a logger set
+- outpost: fix spans being sent without parent context
+- outposts: add expected outpost replica count to metrics
+- outposts/ldap: improve logging of client IPs
+- policies/password: fix symbols not being checked correctly
+- root: fix is_secure with safari on debug environments
+- root: include authentik version in backup naming
+- stages/identification: fix empty user_fields query returning first user
+- web/admin: fix user selection in token form
+- web/admin: show applications instead of providers in outpost form
+- web/flows: fix display error when using IdentificationStage without input fields
+
 ## Upgrading
 
 This release does not introduce any new requirements.

website/docs/troubleshooting/emails.md

@@ -19,5 +19,5 @@ docker-compose exec -it worker ./manage.py test_email [...]
 To run this command with Kubernetes, use
 
 ```
-kubectl exec -it authentik-worker-xxxxx -- ./manage.py test_email [...]
+kubectl exec -it deployment/authentik-worker -c authentik -- ./manage.py test_email [...]
 ```

website/docs/troubleshooting/login.md

@@ -17,7 +17,7 @@ docker-compose run --rm server create_recovery_key 10 akadmin
 or, for Kubernetes, run
 
 ```
-kubectl exec -it authentik-web-<hash> -- ./manage.py create_recovery_key 10 akadmin
+kubectl exec -it deployment/authentik-web -c authentik -- ak create_recovery_key 10 akadmin
 ```
 
 This will output a link, that can be used to instantly gain access to authentik as the user specified above. The link is valid for amount of years specified above, in this case, 10 years.

website/docs/troubleshooting/missing_permission.md

@@ -11,7 +11,7 @@ If it does, you can run the following command to ensure all permissions exist:
 ```
 docker-compose run --rm worker repair_permissions
 # Or for kubernetes
-kubectl exec -it authentik-worker-.... -- ak repair_permissions
+kubectl exec -it deployment/authentik-worker -c authentik -- ak repair_permissions
 ```
 
 If the error persists after running this command, please open an Issue on [GitHub](https://github.com/goauthentik/authentik/issues/)

website/package-lock.json

@@ -8,8 +8,8 @@
             "name": "authentik-docs",
             "version": "0.0.0",
             "dependencies": {
-                "@docusaurus/plugin-client-redirects": "2.0.0-beta.5",
-                "@docusaurus/preset-classic": "2.0.0-beta.5",
+                "@docusaurus/plugin-client-redirects": "2.0.0-beta.6",
+                "@docusaurus/preset-classic": "2.0.0-beta.6",
                 "@mdx-js/react": "^1.6.22",
                 "@sentry/react": "^6.12.0",
                 "@sentry/tracing": "^6.12.0",
@@ -1934,9 +1934,9 @@
             }
         },
         "node_modules/@docusaurus/core": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/core/-/core-2.0.0-beta.5.tgz",
-            "integrity": "sha512-LERPgERVmui0Fb/aIEsd0/1O8VMWW2+vokoPJFHsCswNkk+63C+Ko6luu2z1QoXhbUGAVEJKTb4Z2NAZ5eSF5Q==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/core/-/core-2.0.0-beta.6.tgz",
+            "integrity": "sha512-XMeI+lJKeJBGYBNOfO/Tc+5FMf21E5p1xZjfe75cgYcfZdERZ+W7aemXquwReno8xxHb4Rnfmi9dxkbOLDjqDA==",
             "dependencies": {
                 "@babel/core": "^7.12.16",
                 "@babel/generator": "^7.12.15",
@@ -1948,12 +1948,12 @@
                 "@babel/runtime": "^7.12.5",
                 "@babel/runtime-corejs3": "^7.12.13",
                 "@babel/traverse": "^7.12.13",
-                "@docusaurus/cssnano-preset": "2.0.0-beta.5",
+                "@docusaurus/cssnano-preset": "2.0.0-beta.6",
                 "@docusaurus/react-loadable": "5.5.0",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "@slorber/static-site-generator-webpack-plugin": "^4.0.0",
                 "@svgr/webpack": "^5.5.0",
                 "autoprefixer": "^10.2.5",
@@ -2030,9 +2030,9 @@
             }
         },
         "node_modules/@docusaurus/cssnano-preset": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/cssnano-preset/-/cssnano-preset-2.0.0-beta.5.tgz",
-            "integrity": "sha512-qbGj3X5jcAuA/Nr6EKGRFUGYnMXAuuBg0PyJpKGXLi9/wuIGGuuO/FED2L3f9AONWXZmZuwtKQGXeGtVN8sKEg==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/cssnano-preset/-/cssnano-preset-2.0.0-beta.6.tgz",
+            "integrity": "sha512-RCizp2NAbADopkX5nUz1xrAbU6hGZzziQk9RdSDGJLzMgVCN6RDotq9odS8VgzNa9x2Lx3WN527UxeEbzc2GVQ==",
             "dependencies": {
                 "cssnano-preset-advanced": "^5.1.1",
                 "postcss": "^8.2.15",
@@ -2040,14 +2040,14 @@
             }
         },
         "node_modules/@docusaurus/mdx-loader": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/mdx-loader/-/mdx-loader-2.0.0-beta.5.tgz",
-            "integrity": "sha512-6e1SPIIEuXomdpYnP3dkAu/6Y6aInu5vRBBc1GjLvy1RzrX1NTLdQtNdjjaEctP0eyddkyc9tkQwH0p2Wav8Zw==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/mdx-loader/-/mdx-loader-2.0.0-beta.6.tgz",
+            "integrity": "sha512-yO6N+OESR77WZ/pXz7muOJGLletYYksx7s7wrwrr0x+A8tzdSwiHZ9op0NyjjpW5AnItU/WQQfcjv37qv4K6HA==",
             "dependencies": {
                 "@babel/parser": "^7.12.16",
                 "@babel/traverse": "^7.12.13",
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
                 "@mdx-js/mdx": "^1.6.21",
                 "@mdx-js/react": "^1.6.21",
                 "chalk": "^4.1.1",
@@ -2072,15 +2072,15 @@
             }
         },
         "node_modules/@docusaurus/plugin-client-redirects": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-client-redirects/-/plugin-client-redirects-2.0.0-beta.5.tgz",
-            "integrity": "sha512-tWYde0PLUULMW7tCVWxZosjLvE42MLOrt6QGz1YVGzOrSCkY54hozn5zJgRASdzh+9zdtdJbq52cIv7284ET9g==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-client-redirects/-/plugin-client-redirects-2.0.0-beta.6.tgz",
+            "integrity": "sha512-/tryRByGwuPjrqHf5cSh1VS9oUX+SVHF8ElW8N7CDiTDyjUagffxTumKDMvZiWEzv0++l/MRwSc/PkZk0mOBWQ==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "eta": "^1.11.0",
                 "fs-extra": "^10.0.0",
@@ -2097,15 +2097,15 @@
             }
         },
         "node_modules/@docusaurus/plugin-content-blog": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-blog/-/plugin-content-blog-2.0.0-beta.5.tgz",
-            "integrity": "sha512-gZmsBKibSE6/0LeGtpPtcRCvbl8XnRwsWhDGVf13CswnKSwmyE7FWq1ymAzgA4xJx//UamaRzZB9449+l2HVCg==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-blog/-/plugin-content-blog-2.0.0-beta.6.tgz",
+            "integrity": "sha512-ohfMt7+rPiFQImc4Clpvc9m/1yWUQAjpG3e/coJywlJYbDXvi1pmH0VKkDUMBSe/35Wtz9457DYgNFG81lhV7Q==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/mdx-loader": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/mdx-loader": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "escape-string-regexp": "^4.0.0",
                 "feed": "^4.2.2",
@@ -2128,15 +2128,15 @@
             }
         },
         "node_modules/@docusaurus/plugin-content-docs": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-docs/-/plugin-content-docs-2.0.0-beta.5.tgz",
-            "integrity": "sha512-9WXa+UK4/oOnGdk2aWLfE/151v6tf4jgxgRSM+V9jH9FQiluG5APDz0lH62wSTZbl8PjflK5BBhl17tCjGvvgQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-docs/-/plugin-content-docs-2.0.0-beta.6.tgz",
+            "integrity": "sha512-cM5WWogWmX+qKPKv332eDWGRVVT5OjskbmFKe2QimwoaON3Cv6XY8Fo2xdYopqGIU0r0z8dVtRmoGS0ji7zB7w==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/mdx-loader": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/mdx-loader": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "combine-promises": "^1.1.0",
                 "escape-string-regexp": "^4.0.0",
@@ -2186,15 +2186,15 @@
             }
         },
         "node_modules/@docusaurus/plugin-content-pages": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-pages/-/plugin-content-pages-2.0.0-beta.5.tgz",
-            "integrity": "sha512-1amYXgCc+ZqU8KScwG5zXWIGcy9OdrmmhB6LUuE+vfn+jVOdn8oVTkR8JTVMqmvLhyxmL30ixO06UsstQvKAJQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-pages/-/plugin-content-pages-2.0.0-beta.6.tgz",
+            "integrity": "sha512-N6wARzOA8gTFeBXZSKbAN5s1Ej6R/pVg+J946E8GCYefXTFikTNRQ8+OPhax4MRzgzoOvhTQbLbRCSoAzSmjig==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/mdx-loader": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/mdx-loader": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "globby": "^11.0.2",
                 "lodash": "^4.17.20",
                 "remark-admonitions": "^1.2.1",
@@ -2210,13 +2210,14 @@
             }
         },
         "node_modules/@docusaurus/plugin-debug": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-debug/-/plugin-debug-2.0.0-beta.5.tgz",
-            "integrity": "sha512-ITrgRNic+NY9HMzUKzYhh6Mz/tgKQjdJYVizA/kbP5pkjB8FunE+0B12km9UNBzuT4ETGdNKgQGAqzrcrjpnag==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-debug/-/plugin-debug-2.0.0-beta.6.tgz",
+            "integrity": "sha512-TJXDBR2Gr/mhBrcj+/4+rTShSm/Qg56Jfezbm/2fFvuPgVlUwy6oj08s2/kYSTmkfG7G+c4iX1GBHjtyo1KxZA==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "fs-extra": "^9.1.0",
                 "react-json-view": "^1.21.3",
                 "tslib": "^2.1.0"
             },
@@ -2228,12 +2229,26 @@
                 "react-dom": "^16.8.4 || ^17.0.0"
             }
         },
-        "node_modules/@docusaurus/plugin-google-analytics": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-analytics/-/plugin-google-analytics-2.0.0-beta.5.tgz",
-            "integrity": "sha512-ncG+SCafoqFhtOMJwk9IZbzZCdy1bgmOjNCSfF6mmDp9laYYJBplBtqItIBQTuycIyKCxznKzi2q8l9989uMrA==",
+        "node_modules/@docusaurus/plugin-debug/node_modules/fs-extra": {
+            "version": "9.1.0",
+            "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
+            "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5"
+                "at-least-node": "^1.0.0",
+                "graceful-fs": "^4.2.0",
+                "jsonfile": "^6.0.1",
+                "universalify": "^2.0.0"
+            },
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@docusaurus/plugin-google-analytics": {
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-analytics/-/plugin-google-analytics-2.0.0-beta.6.tgz",
+            "integrity": "sha512-AHbMNPN3gkWXYFnmHL9MBcRODByAgzHZoH/5v3xwbSV2FOZo6kx4Hp94I6oFM0o5mp+i6X7slDncgGTWSGxCMg==",
+            "dependencies": {
+                "@docusaurus/core": "2.0.0-beta.6"
             },
             "engines": {
                 "node": ">=12.13.0"
@@ -2244,11 +2259,11 @@
             }
         },
         "node_modules/@docusaurus/plugin-google-gtag": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-gtag/-/plugin-google-gtag-2.0.0-beta.5.tgz",
-            "integrity": "sha512-FMWAXCLCUwEk7wykOAcM6vs3tHWVIU/T1PElqcoD7fh9521ocZ/5L8yyWWfJ+nX/90TVs+7nOFY0vNl2I2MYZg==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-gtag/-/plugin-google-gtag-2.0.0-beta.6.tgz",
+            "integrity": "sha512-uJyQ30sXbVRS3TGtVJFA0s1ozrluuREu6NK2Z3TLtKpeT2NTe5iaqXN0Xp749hr3bjbgpEe6gMixVh//jg503w==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5"
+                "@docusaurus/core": "2.0.0-beta.6"
             },
             "engines": {
                 "node": ">=12.13.0"
@@ -2259,15 +2274,15 @@
             }
         },
         "node_modules/@docusaurus/plugin-sitemap": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-sitemap/-/plugin-sitemap-2.0.0-beta.5.tgz",
-            "integrity": "sha512-QcIIMNmyMnOm5q/zyzidixNIB+yE7/ouUi/62wr5+ZkO/rvvObVe+r9Tdl90SmvsJH17y290EWEy9kunoRyG0w==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-sitemap/-/plugin-sitemap-2.0.0-beta.6.tgz",
+            "integrity": "sha512-jpTaODqyCgg+20RtMw8gSvCKQOvH18FpKhIu6FG+z4zgHP33qaJouVM7/1ZKPrfNt4z7xDOyBNUzzdmpssHA8A==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "fs-extra": "^10.0.0",
                 "sitemap": "^7.0.0",
                 "tslib": "^2.2.0"
@@ -2281,20 +2296,20 @@
             }
         },
         "node_modules/@docusaurus/preset-classic": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/preset-classic/-/preset-classic-2.0.0-beta.5.tgz",
-            "integrity": "sha512-hcPLYwMEMDuc/lNloDRh3SKpZneQLaz0Zj8CI7jsislp4iBz9QtbWZzruoXsJe7noSfqsBcTJqRlNw7/UwEyTA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/preset-classic/-/preset-classic-2.0.0-beta.6.tgz",
+            "integrity": "sha512-riqQRcNssNH7oto8nAjYIO79/ZucidexHTDlgD+trP56ploHLJp4kIlxb44IGOmx3es8/z4egWtM+acY/39N2Q==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-blog": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-docs": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-pages": "2.0.0-beta.5",
-                "@docusaurus/plugin-debug": "2.0.0-beta.5",
-                "@docusaurus/plugin-google-analytics": "2.0.0-beta.5",
-                "@docusaurus/plugin-google-gtag": "2.0.0-beta.5",
-                "@docusaurus/plugin-sitemap": "2.0.0-beta.5",
-                "@docusaurus/theme-classic": "2.0.0-beta.5",
-                "@docusaurus/theme-search-algolia": "2.0.0-beta.5"
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-blog": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-docs": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-pages": "2.0.0-beta.6",
+                "@docusaurus/plugin-debug": "2.0.0-beta.6",
+                "@docusaurus/plugin-google-analytics": "2.0.0-beta.6",
+                "@docusaurus/plugin-google-gtag": "2.0.0-beta.6",
+                "@docusaurus/plugin-sitemap": "2.0.0-beta.6",
+                "@docusaurus/theme-classic": "2.0.0-beta.6",
+                "@docusaurus/theme-search-algolia": "2.0.0-beta.6"
             },
             "engines": {
                 "node": ">=12.13.0"
@@ -2316,19 +2331,19 @@
             }
         },
         "node_modules/@docusaurus/theme-classic": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/theme-classic/-/theme-classic-2.0.0-beta.5.tgz",
-            "integrity": "sha512-AtBifB1mRMI5W0ORlY5M/QEnHUB/wvGLRkLegBbgBAiTy2IGr99GUXRRminQI2AQuFTwYAMLQoSVSeJ0w1q49g==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/theme-classic/-/theme-classic-2.0.0-beta.6.tgz",
+            "integrity": "sha512-fMb6gAKUdaojInZabimIJE+yPWs8dQfmZII7v/LHmgxafh/FylmrBkKhyJfa2ix4QRibo9E01LGX44/aKzemxw==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-blog": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-docs": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-pages": "2.0.0-beta.5",
-                "@docusaurus/theme-common": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-blog": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-docs": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-pages": "2.0.0-beta.6",
+                "@docusaurus/theme-common": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "@mdx-js/mdx": "^1.6.21",
                 "@mdx-js/react": "^1.6.21",
                 "chalk": "^4.1.1",
@@ -2336,7 +2351,7 @@
                 "copy-text-to-clipboard": "^3.0.1",
                 "fs-extra": "^10.0.0",
                 "globby": "^11.0.2",
-                "infima": "0.2.0-alpha.31",
+                "infima": "0.2.0-alpha.33",
                 "lodash": "^4.17.20",
                 "parse-numeric-range": "^1.2.0",
                 "postcss": "^8.2.15",
@@ -2355,15 +2370,15 @@
             }
         },
         "node_modules/@docusaurus/theme-common": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/theme-common/-/theme-common-2.0.0-beta.5.tgz",
-            "integrity": "sha512-6XEM8NzpR2Q42qkhPdI46M/7lLcZcOCgqmQfmj319sGmKkfhPuYPuIUvNqorxldZqLYuV8/9q7WAPjAgj+wawA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/theme-common/-/theme-common-2.0.0-beta.6.tgz",
+            "integrity": "sha512-53nFWMjpFdyHEvBfQQQoDm9rNKgGangy7vSp1B/F3+uRyYAItE7O4l8MdOALXFALlddiiPYvCtI1qGx2dnzndA==",
             "dependencies": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-blog": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-docs": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-pages": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-blog": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-docs": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-pages": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
                 "clsx": "^1.1.1",
                 "fs-extra": "^10.0.0",
                 "tslib": "^2.1.0"
@@ -2378,15 +2393,15 @@
             }
         },
         "node_modules/@docusaurus/theme-search-algolia": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/theme-search-algolia/-/theme-search-algolia-2.0.0-beta.5.tgz",
-            "integrity": "sha512-+3XG4SHJ4xukvv/WDKRejf3qSTVa3ufOv6hlZ32H8RAmfJmI/Rmsm/oueB86xBw/OkznIXx6M8HzchfYCHWxSA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/theme-search-algolia/-/theme-search-algolia-2.0.0-beta.6.tgz",
+            "integrity": "sha512-GaaYdf6EEKL3jwmt9LRyiMtNvobOhw4vGuYJKbJcgba/M75kOJSbZPRrhALBAe6o4gOYbV44afzFC/jUUp7dsA==",
             "dependencies": {
                 "@docsearch/react": "^3.0.0-alpha.39",
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/theme-common": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/theme-common": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "algoliasearch": "^4.8.4",
                 "algoliasearch-helper": "^3.3.4",
                 "clsx": "^1.1.1",
@@ -2402,9 +2417,9 @@
             }
         },
         "node_modules/@docusaurus/types": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/types/-/types-2.0.0-beta.5.tgz",
-            "integrity": "sha512-WtwR5O67cTK6wo9KnSxqBpgC26M6Z90PgX5Gun/Re8Ix+GVEqIzzev9C/2P2Da2TW0sgSkjWNr1tHaNxNMPLkQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/types/-/types-2.0.0-beta.6.tgz",
+            "integrity": "sha512-TrwxyI93XTZEhOmdEI8FPKDbGV61zE9PzXCdE1alwz1NOV+YXwcv+9sRTZEVLqBpr+TIja+IeeS6mxnyen/Ptg==",
             "dependencies": {
                 "commander": "^5.1.0",
                 "joi": "^17.4.0",
@@ -2414,11 +2429,11 @@
             }
         },
         "node_modules/@docusaurus/utils": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/utils/-/utils-2.0.0-beta.5.tgz",
-            "integrity": "sha512-hIzuARFMqXqljTdbF19bYRw+fqqK2gHlzepeC9uJfLLaGmirPFDPjr+BN9oiajBhNx2CgvJVl/66lEx4hrd7uQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/utils/-/utils-2.0.0-beta.6.tgz",
+            "integrity": "sha512-S72/o7VDaTvrXJy+NpfuctghGGoMW30m94PMkrL3I6V+o5eE2Uzax7dbM++moclmHvi0/Khv+TXmRIQs6ZvwgQ==",
             "dependencies": {
-                "@docusaurus/types": "2.0.0-beta.5",
+                "@docusaurus/types": "2.0.0-beta.6",
                 "@types/github-slugger": "^1.3.0",
                 "chalk": "^4.1.1",
                 "escape-string-regexp": "^4.0.0",
@@ -2435,11 +2450,11 @@
             }
         },
         "node_modules/@docusaurus/utils-common": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/utils-common/-/utils-common-2.0.0-beta.5.tgz",
-            "integrity": "sha512-LUHEfZ9QGwBCpmGfLiPz5ENipxicsBlzIu+jUuB6I+ljX4Cd2OFkjDVmL0kjHR80sh0KJzNizpjsVj3l3jN9RA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/utils-common/-/utils-common-2.0.0-beta.6.tgz",
+            "integrity": "sha512-MKm6bJxvsYWRl072jLR60z+71tTWSxoERh2eTmCYlegFnu3Tby3HOC8I3jDcC6VpVuoDGsBGNoQbOgy2LqQbXQ==",
             "dependencies": {
-                "@docusaurus/types": "2.0.0-beta.5",
+                "@docusaurus/types": "2.0.0-beta.6",
                 "tslib": "^2.2.0"
             },
             "engines": {
@@ -2447,11 +2462,11 @@
             }
         },
         "node_modules/@docusaurus/utils-validation": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/utils-validation/-/utils-validation-2.0.0-beta.5.tgz",
-            "integrity": "sha512-VWj1BRYejcGewWP3BKSm3a5dVzQWA9w9MDQUCylR2NxywOxonoUPo9nz5g9bN+C3rwuelfA5u3MORu2q2+rbLw==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/utils-validation/-/utils-validation-2.0.0-beta.6.tgz",
+            "integrity": "sha512-v0nk9bpawUd2JFDFyiHDmZuMG+/O1UvxtxvcRbvrxrul+rlzD7Q9CGxMgW3Grp2OCKQ4yFXRidBIccwqON5AVw==",
             "dependencies": {
-                "@docusaurus/utils": "2.0.0-beta.5",
+                "@docusaurus/utils": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "joi": "^17.4.0",
                 "tslib": "^2.1.0"
@@ -3632,6 +3647,14 @@
             "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
             "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
         },
+        "node_modules/at-least-node": {
+            "version": "1.0.0",
+            "resolved": "https://registry.npmjs.org/at-least-node/-/at-least-node-1.0.0.tgz",
+            "integrity": "sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg==",
+            "engines": {
+                "node": ">= 4.0.0"
+            }
+        },
         "node_modules/atob": {
             "version": "2.1.2",
             "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz",
@@ -7907,9 +7930,9 @@
             }
         },
         "node_modules/infima": {
-            "version": "0.2.0-alpha.31",
-            "resolved": "https://registry.npmjs.org/infima/-/infima-0.2.0-alpha.31.tgz",
-            "integrity": "sha512-ggOAeyiQIFKZeYnH9lbhDBHFZhcYOa0LFKSMLgot33X21aJRu7ruwVUVwYg4kJnZRLGLeAjC5BVgLxKoLixuNQ==",
+            "version": "0.2.0-alpha.33",
+            "resolved": "https://registry.npmjs.org/infima/-/infima-0.2.0-alpha.33.tgz",
+            "integrity": "sha512-iLZI8/vGTbbhbeFhlWv1zwvrqfNDLAayuEdqZqNqCyGuh0IW469dRIRm0FLZ98YyLikt2njzuKfy6xUrBWRXcg==",
             "engines": {
                 "node": ">=12"
             }
@@ -16897,9 +16920,9 @@
             }
         },
         "@docusaurus/core": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/core/-/core-2.0.0-beta.5.tgz",
-            "integrity": "sha512-LERPgERVmui0Fb/aIEsd0/1O8VMWW2+vokoPJFHsCswNkk+63C+Ko6luu2z1QoXhbUGAVEJKTb4Z2NAZ5eSF5Q==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/core/-/core-2.0.0-beta.6.tgz",
+            "integrity": "sha512-XMeI+lJKeJBGYBNOfO/Tc+5FMf21E5p1xZjfe75cgYcfZdERZ+W7aemXquwReno8xxHb4Rnfmi9dxkbOLDjqDA==",
             "requires": {
                 "@babel/core": "^7.12.16",
                 "@babel/generator": "^7.12.15",
@@ -16911,12 +16934,12 @@
                 "@babel/runtime": "^7.12.5",
                 "@babel/runtime-corejs3": "^7.12.13",
                 "@babel/traverse": "^7.12.13",
-                "@docusaurus/cssnano-preset": "2.0.0-beta.5",
+                "@docusaurus/cssnano-preset": "2.0.0-beta.6",
                 "@docusaurus/react-loadable": "5.5.0",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "@slorber/static-site-generator-webpack-plugin": "^4.0.0",
                 "@svgr/webpack": "^5.5.0",
                 "autoprefixer": "^10.2.5",
@@ -16983,9 +17006,9 @@
             }
         },
         "@docusaurus/cssnano-preset": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/cssnano-preset/-/cssnano-preset-2.0.0-beta.5.tgz",
-            "integrity": "sha512-qbGj3X5jcAuA/Nr6EKGRFUGYnMXAuuBg0PyJpKGXLi9/wuIGGuuO/FED2L3f9AONWXZmZuwtKQGXeGtVN8sKEg==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/cssnano-preset/-/cssnano-preset-2.0.0-beta.6.tgz",
+            "integrity": "sha512-RCizp2NAbADopkX5nUz1xrAbU6hGZzziQk9RdSDGJLzMgVCN6RDotq9odS8VgzNa9x2Lx3WN527UxeEbzc2GVQ==",
             "requires": {
                 "cssnano-preset-advanced": "^5.1.1",
                 "postcss": "^8.2.15",
@@ -16993,14 +17016,14 @@
             }
         },
         "@docusaurus/mdx-loader": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/mdx-loader/-/mdx-loader-2.0.0-beta.5.tgz",
-            "integrity": "sha512-6e1SPIIEuXomdpYnP3dkAu/6Y6aInu5vRBBc1GjLvy1RzrX1NTLdQtNdjjaEctP0eyddkyc9tkQwH0p2Wav8Zw==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/mdx-loader/-/mdx-loader-2.0.0-beta.6.tgz",
+            "integrity": "sha512-yO6N+OESR77WZ/pXz7muOJGLletYYksx7s7wrwrr0x+A8tzdSwiHZ9op0NyjjpW5AnItU/WQQfcjv37qv4K6HA==",
             "requires": {
                 "@babel/parser": "^7.12.16",
                 "@babel/traverse": "^7.12.13",
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
                 "@mdx-js/mdx": "^1.6.21",
                 "@mdx-js/react": "^1.6.21",
                 "chalk": "^4.1.1",
@@ -17018,15 +17041,15 @@
             }
         },
         "@docusaurus/plugin-client-redirects": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-client-redirects/-/plugin-client-redirects-2.0.0-beta.5.tgz",
-            "integrity": "sha512-tWYde0PLUULMW7tCVWxZosjLvE42MLOrt6QGz1YVGzOrSCkY54hozn5zJgRASdzh+9zdtdJbq52cIv7284ET9g==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-client-redirects/-/plugin-client-redirects-2.0.0-beta.6.tgz",
+            "integrity": "sha512-/tryRByGwuPjrqHf5cSh1VS9oUX+SVHF8ElW8N7CDiTDyjUagffxTumKDMvZiWEzv0++l/MRwSc/PkZk0mOBWQ==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "eta": "^1.11.0",
                 "fs-extra": "^10.0.0",
@@ -17036,15 +17059,15 @@
             }
         },
         "@docusaurus/plugin-content-blog": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-blog/-/plugin-content-blog-2.0.0-beta.5.tgz",
-            "integrity": "sha512-gZmsBKibSE6/0LeGtpPtcRCvbl8XnRwsWhDGVf13CswnKSwmyE7FWq1ymAzgA4xJx//UamaRzZB9449+l2HVCg==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-blog/-/plugin-content-blog-2.0.0-beta.6.tgz",
+            "integrity": "sha512-ohfMt7+rPiFQImc4Clpvc9m/1yWUQAjpG3e/coJywlJYbDXvi1pmH0VKkDUMBSe/35Wtz9457DYgNFG81lhV7Q==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/mdx-loader": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/mdx-loader": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "escape-string-regexp": "^4.0.0",
                 "feed": "^4.2.2",
@@ -17060,15 +17083,15 @@
             }
         },
         "@docusaurus/plugin-content-docs": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-docs/-/plugin-content-docs-2.0.0-beta.5.tgz",
-            "integrity": "sha512-9WXa+UK4/oOnGdk2aWLfE/151v6tf4jgxgRSM+V9jH9FQiluG5APDz0lH62wSTZbl8PjflK5BBhl17tCjGvvgQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-docs/-/plugin-content-docs-2.0.0-beta.6.tgz",
+            "integrity": "sha512-cM5WWogWmX+qKPKv332eDWGRVVT5OjskbmFKe2QimwoaON3Cv6XY8Fo2xdYopqGIU0r0z8dVtRmoGS0ji7zB7w==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/mdx-loader": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/mdx-loader": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "combine-promises": "^1.1.0",
                 "escape-string-regexp": "^4.0.0",
@@ -17107,15 +17130,15 @@
             }
         },
         "@docusaurus/plugin-content-pages": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-pages/-/plugin-content-pages-2.0.0-beta.5.tgz",
-            "integrity": "sha512-1amYXgCc+ZqU8KScwG5zXWIGcy9OdrmmhB6LUuE+vfn+jVOdn8oVTkR8JTVMqmvLhyxmL30ixO06UsstQvKAJQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-content-pages/-/plugin-content-pages-2.0.0-beta.6.tgz",
+            "integrity": "sha512-N6wARzOA8gTFeBXZSKbAN5s1Ej6R/pVg+J946E8GCYefXTFikTNRQ8+OPhax4MRzgzoOvhTQbLbRCSoAzSmjig==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/mdx-loader": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/mdx-loader": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "globby": "^11.0.2",
                 "lodash": "^4.17.20",
                 "remark-admonitions": "^1.2.1",
@@ -17124,63 +17147,77 @@
             }
         },
         "@docusaurus/plugin-debug": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-debug/-/plugin-debug-2.0.0-beta.5.tgz",
-            "integrity": "sha512-ITrgRNic+NY9HMzUKzYhh6Mz/tgKQjdJYVizA/kbP5pkjB8FunE+0B12km9UNBzuT4ETGdNKgQGAqzrcrjpnag==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-debug/-/plugin-debug-2.0.0-beta.6.tgz",
+            "integrity": "sha512-TJXDBR2Gr/mhBrcj+/4+rTShSm/Qg56Jfezbm/2fFvuPgVlUwy6oj08s2/kYSTmkfG7G+c4iX1GBHjtyo1KxZA==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "fs-extra": "^9.1.0",
                 "react-json-view": "^1.21.3",
                 "tslib": "^2.1.0"
+            },
+            "dependencies": {
+                "fs-extra": {
+                    "version": "9.1.0",
+                    "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
+                    "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
+                    "requires": {
+                        "at-least-node": "^1.0.0",
+                        "graceful-fs": "^4.2.0",
+                        "jsonfile": "^6.0.1",
+                        "universalify": "^2.0.0"
+                    }
+                }
             }
         },
         "@docusaurus/plugin-google-analytics": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-analytics/-/plugin-google-analytics-2.0.0-beta.5.tgz",
-            "integrity": "sha512-ncG+SCafoqFhtOMJwk9IZbzZCdy1bgmOjNCSfF6mmDp9laYYJBplBtqItIBQTuycIyKCxznKzi2q8l9989uMrA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-analytics/-/plugin-google-analytics-2.0.0-beta.6.tgz",
+            "integrity": "sha512-AHbMNPN3gkWXYFnmHL9MBcRODByAgzHZoH/5v3xwbSV2FOZo6kx4Hp94I6oFM0o5mp+i6X7slDncgGTWSGxCMg==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5"
+                "@docusaurus/core": "2.0.0-beta.6"
             }
         },
         "@docusaurus/plugin-google-gtag": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-gtag/-/plugin-google-gtag-2.0.0-beta.5.tgz",
-            "integrity": "sha512-FMWAXCLCUwEk7wykOAcM6vs3tHWVIU/T1PElqcoD7fh9521ocZ/5L8yyWWfJ+nX/90TVs+7nOFY0vNl2I2MYZg==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-google-gtag/-/plugin-google-gtag-2.0.0-beta.6.tgz",
+            "integrity": "sha512-uJyQ30sXbVRS3TGtVJFA0s1ozrluuREu6NK2Z3TLtKpeT2NTe5iaqXN0Xp749hr3bjbgpEe6gMixVh//jg503w==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5"
+                "@docusaurus/core": "2.0.0-beta.6"
             }
         },
         "@docusaurus/plugin-sitemap": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-sitemap/-/plugin-sitemap-2.0.0-beta.5.tgz",
-            "integrity": "sha512-QcIIMNmyMnOm5q/zyzidixNIB+yE7/ouUi/62wr5+ZkO/rvvObVe+r9Tdl90SmvsJH17y290EWEy9kunoRyG0w==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/plugin-sitemap/-/plugin-sitemap-2.0.0-beta.6.tgz",
+            "integrity": "sha512-jpTaODqyCgg+20RtMw8gSvCKQOvH18FpKhIu6FG+z4zgHP33qaJouVM7/1ZKPrfNt4z7xDOyBNUzzdmpssHA8A==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "fs-extra": "^10.0.0",
                 "sitemap": "^7.0.0",
                 "tslib": "^2.2.0"
             }
         },
         "@docusaurus/preset-classic": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/preset-classic/-/preset-classic-2.0.0-beta.5.tgz",
-            "integrity": "sha512-hcPLYwMEMDuc/lNloDRh3SKpZneQLaz0Zj8CI7jsislp4iBz9QtbWZzruoXsJe7noSfqsBcTJqRlNw7/UwEyTA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/preset-classic/-/preset-classic-2.0.0-beta.6.tgz",
+            "integrity": "sha512-riqQRcNssNH7oto8nAjYIO79/ZucidexHTDlgD+trP56ploHLJp4kIlxb44IGOmx3es8/z4egWtM+acY/39N2Q==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-blog": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-docs": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-pages": "2.0.0-beta.5",
-                "@docusaurus/plugin-debug": "2.0.0-beta.5",
-                "@docusaurus/plugin-google-analytics": "2.0.0-beta.5",
-                "@docusaurus/plugin-google-gtag": "2.0.0-beta.5",
-                "@docusaurus/plugin-sitemap": "2.0.0-beta.5",
-                "@docusaurus/theme-classic": "2.0.0-beta.5",
-                "@docusaurus/theme-search-algolia": "2.0.0-beta.5"
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-blog": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-docs": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-pages": "2.0.0-beta.6",
+                "@docusaurus/plugin-debug": "2.0.0-beta.6",
+                "@docusaurus/plugin-google-analytics": "2.0.0-beta.6",
+                "@docusaurus/plugin-google-gtag": "2.0.0-beta.6",
+                "@docusaurus/plugin-sitemap": "2.0.0-beta.6",
+                "@docusaurus/theme-classic": "2.0.0-beta.6",
+                "@docusaurus/theme-search-algolia": "2.0.0-beta.6"
             }
         },
         "@docusaurus/react-loadable": {
@@ -17192,19 +17229,19 @@
             }
         },
         "@docusaurus/theme-classic": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/theme-classic/-/theme-classic-2.0.0-beta.5.tgz",
-            "integrity": "sha512-AtBifB1mRMI5W0ORlY5M/QEnHUB/wvGLRkLegBbgBAiTy2IGr99GUXRRminQI2AQuFTwYAMLQoSVSeJ0w1q49g==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/theme-classic/-/theme-classic-2.0.0-beta.6.tgz",
+            "integrity": "sha512-fMb6gAKUdaojInZabimIJE+yPWs8dQfmZII7v/LHmgxafh/FylmrBkKhyJfa2ix4QRibo9E01LGX44/aKzemxw==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-blog": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-docs": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-pages": "2.0.0-beta.5",
-                "@docusaurus/theme-common": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-common": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-blog": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-docs": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-pages": "2.0.0-beta.6",
+                "@docusaurus/theme-common": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-common": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "@mdx-js/mdx": "^1.6.21",
                 "@mdx-js/react": "^1.6.21",
                 "chalk": "^4.1.1",
@@ -17212,7 +17249,7 @@
                 "copy-text-to-clipboard": "^3.0.1",
                 "fs-extra": "^10.0.0",
                 "globby": "^11.0.2",
-                "infima": "0.2.0-alpha.31",
+                "infima": "0.2.0-alpha.33",
                 "lodash": "^4.17.20",
                 "parse-numeric-range": "^1.2.0",
                 "postcss": "^8.2.15",
@@ -17224,30 +17261,30 @@
             }
         },
         "@docusaurus/theme-common": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/theme-common/-/theme-common-2.0.0-beta.5.tgz",
-            "integrity": "sha512-6XEM8NzpR2Q42qkhPdI46M/7lLcZcOCgqmQfmj319sGmKkfhPuYPuIUvNqorxldZqLYuV8/9q7WAPjAgj+wawA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/theme-common/-/theme-common-2.0.0-beta.6.tgz",
+            "integrity": "sha512-53nFWMjpFdyHEvBfQQQoDm9rNKgGangy7vSp1B/F3+uRyYAItE7O4l8MdOALXFALlddiiPYvCtI1qGx2dnzndA==",
             "requires": {
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-blog": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-docs": "2.0.0-beta.5",
-                "@docusaurus/plugin-content-pages": "2.0.0-beta.5",
-                "@docusaurus/types": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-blog": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-docs": "2.0.0-beta.6",
+                "@docusaurus/plugin-content-pages": "2.0.0-beta.6",
+                "@docusaurus/types": "2.0.0-beta.6",
                 "clsx": "^1.1.1",
                 "fs-extra": "^10.0.0",
                 "tslib": "^2.1.0"
             }
         },
         "@docusaurus/theme-search-algolia": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/theme-search-algolia/-/theme-search-algolia-2.0.0-beta.5.tgz",
-            "integrity": "sha512-+3XG4SHJ4xukvv/WDKRejf3qSTVa3ufOv6hlZ32H8RAmfJmI/Rmsm/oueB86xBw/OkznIXx6M8HzchfYCHWxSA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/theme-search-algolia/-/theme-search-algolia-2.0.0-beta.6.tgz",
+            "integrity": "sha512-GaaYdf6EEKL3jwmt9LRyiMtNvobOhw4vGuYJKbJcgba/M75kOJSbZPRrhALBAe6o4gOYbV44afzFC/jUUp7dsA==",
             "requires": {
                 "@docsearch/react": "^3.0.0-alpha.39",
-                "@docusaurus/core": "2.0.0-beta.5",
-                "@docusaurus/theme-common": "2.0.0-beta.5",
-                "@docusaurus/utils": "2.0.0-beta.5",
-                "@docusaurus/utils-validation": "2.0.0-beta.5",
+                "@docusaurus/core": "2.0.0-beta.6",
+                "@docusaurus/theme-common": "2.0.0-beta.6",
+                "@docusaurus/utils": "2.0.0-beta.6",
+                "@docusaurus/utils-validation": "2.0.0-beta.6",
                 "algoliasearch": "^4.8.4",
                 "algoliasearch-helper": "^3.3.4",
                 "clsx": "^1.1.1",
@@ -17256,9 +17293,9 @@
             }
         },
         "@docusaurus/types": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/types/-/types-2.0.0-beta.5.tgz",
-            "integrity": "sha512-WtwR5O67cTK6wo9KnSxqBpgC26M6Z90PgX5Gun/Re8Ix+GVEqIzzev9C/2P2Da2TW0sgSkjWNr1tHaNxNMPLkQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/types/-/types-2.0.0-beta.6.tgz",
+            "integrity": "sha512-TrwxyI93XTZEhOmdEI8FPKDbGV61zE9PzXCdE1alwz1NOV+YXwcv+9sRTZEVLqBpr+TIja+IeeS6mxnyen/Ptg==",
             "requires": {
                 "commander": "^5.1.0",
                 "joi": "^17.4.0",
@@ -17268,11 +17305,11 @@
             }
         },
         "@docusaurus/utils": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/utils/-/utils-2.0.0-beta.5.tgz",
-            "integrity": "sha512-hIzuARFMqXqljTdbF19bYRw+fqqK2gHlzepeC9uJfLLaGmirPFDPjr+BN9oiajBhNx2CgvJVl/66lEx4hrd7uQ==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/utils/-/utils-2.0.0-beta.6.tgz",
+            "integrity": "sha512-S72/o7VDaTvrXJy+NpfuctghGGoMW30m94PMkrL3I6V+o5eE2Uzax7dbM++moclmHvi0/Khv+TXmRIQs6ZvwgQ==",
             "requires": {
-                "@docusaurus/types": "2.0.0-beta.5",
+                "@docusaurus/types": "2.0.0-beta.6",
                 "@types/github-slugger": "^1.3.0",
                 "chalk": "^4.1.1",
                 "escape-string-regexp": "^4.0.0",
@@ -17286,20 +17323,20 @@
             }
         },
         "@docusaurus/utils-common": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/utils-common/-/utils-common-2.0.0-beta.5.tgz",
-            "integrity": "sha512-LUHEfZ9QGwBCpmGfLiPz5ENipxicsBlzIu+jUuB6I+ljX4Cd2OFkjDVmL0kjHR80sh0KJzNizpjsVj3l3jN9RA==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/utils-common/-/utils-common-2.0.0-beta.6.tgz",
+            "integrity": "sha512-MKm6bJxvsYWRl072jLR60z+71tTWSxoERh2eTmCYlegFnu3Tby3HOC8I3jDcC6VpVuoDGsBGNoQbOgy2LqQbXQ==",
             "requires": {
-                "@docusaurus/types": "2.0.0-beta.5",
+                "@docusaurus/types": "2.0.0-beta.6",
                 "tslib": "^2.2.0"
             }
         },
         "@docusaurus/utils-validation": {
-            "version": "2.0.0-beta.5",
-            "resolved": "https://registry.npmjs.org/@docusaurus/utils-validation/-/utils-validation-2.0.0-beta.5.tgz",
-            "integrity": "sha512-VWj1BRYejcGewWP3BKSm3a5dVzQWA9w9MDQUCylR2NxywOxonoUPo9nz5g9bN+C3rwuelfA5u3MORu2q2+rbLw==",
+            "version": "2.0.0-beta.6",
+            "resolved": "https://registry.npmjs.org/@docusaurus/utils-validation/-/utils-validation-2.0.0-beta.6.tgz",
+            "integrity": "sha512-v0nk9bpawUd2JFDFyiHDmZuMG+/O1UvxtxvcRbvrxrul+rlzD7Q9CGxMgW3Grp2OCKQ4yFXRidBIccwqON5AVw==",
             "requires": {
-                "@docusaurus/utils": "2.0.0-beta.5",
+                "@docusaurus/utils": "2.0.0-beta.6",
                 "chalk": "^4.1.1",
                 "joi": "^17.4.0",
                 "tslib": "^2.1.0"
@@ -18232,6 +18269,11 @@
             "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
             "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
         },
+        "at-least-node": {
+            "version": "1.0.0",
+            "resolved": "https://registry.npmjs.org/at-least-node/-/at-least-node-1.0.0.tgz",
+            "integrity": "sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg=="
+        },
         "atob": {
             "version": "2.1.2",
             "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz",
@@ -21471,9 +21513,9 @@
             "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg=="
         },
         "infima": {
-            "version": "0.2.0-alpha.31",
-            "resolved": "https://registry.npmjs.org/infima/-/infima-0.2.0-alpha.31.tgz",
-            "integrity": "sha512-ggOAeyiQIFKZeYnH9lbhDBHFZhcYOa0LFKSMLgot33X21aJRu7ruwVUVwYg4kJnZRLGLeAjC5BVgLxKoLixuNQ=="
+            "version": "0.2.0-alpha.33",
+            "resolved": "https://registry.npmjs.org/infima/-/infima-0.2.0-alpha.33.tgz",
+            "integrity": "sha512-iLZI8/vGTbbhbeFhlWv1zwvrqfNDLAayuEdqZqNqCyGuh0IW469dRIRm0FLZ98YyLikt2njzuKfy6xUrBWRXcg=="
         },
         "inflight": {
             "version": "1.0.6",

website/package.json

@@ -12,8 +12,8 @@
         "serve": "docusaurus serve"
     },
     "dependencies": {
-        "@docusaurus/plugin-client-redirects": "2.0.0-beta.5",
-        "@docusaurus/preset-classic": "2.0.0-beta.5",
+        "@docusaurus/plugin-client-redirects": "2.0.0-beta.6",
+        "@docusaurus/preset-classic": "2.0.0-beta.6",
         "@mdx-js/react": "^1.6.22",
         "@sentry/react": "^6.12.0",
         "@sentry/tracing": "^6.12.0",