Releases: goauthentik/authentik
Release 2024.10.0-rc1
See https://docs.goauthentik.io/docs/releases/2024.10
What's Changed
- translate: Updates for file web/xliff/en.xlf in zh-Hans by @transifex-integration in #11071
- translate: Updates for file web/xliff/en.xlf in zh_CN by @transifex-integration in #11070
- website/docs: prepare release notes for 2024.8 by @BeryJu in #11011
- web: bump rollup from 4.21.0 to 4.21.1 in /web/sfe by @dependabot in #11083
- web: bump rollup from 4.21.0 to 4.21.1 in /web by @dependabot in #11082
- web: bump typescript-eslint from 8.2.0 to 8.3.0 in /web by @dependabot in #11081
- core: bump twilio from 9.2.3 to 9.2.4 by @dependabot in #11079
- core: bump watchdog from 4.0.2 to 5.0.0 by @dependabot in #11078
- core, web: update translations by @authentik-automation in #11076
- web: bump the rollup group across 1 directory with 3 updates by @dependabot in #11080
- providers/oauth2: audit_ignore last_login change for generated service account by @BeryJu in #11085
- web: bump @patternfly/elements from 4.0.0 to 4.0.1 in /web by @dependabot in #11094
- core: bump pdoc from 14.6.0 to 14.6.1 by @dependabot in #11092
- core: bump github.com/jellydator/ttlcache/v3 from 3.2.1 to 3.3.0 by @dependabot in #11091
- website/docs: fix nginx ingress auth-signin example by @diegmonti in #11096
- website: bump webpack from 5.89.0 to 5.94.0 in /website by @dependabot in #11098
- web: bump @sentry/browser from 8.26.0 to 8.27.0 in /web in the sentry group across 1 directory by @dependabot in #11093
- website/docs: a couple of minor rewrite things by @BeryJu in #11099
- website/docs: add info about external users by @tanberry in #11106
- website/docs: 2024.8 release notes: reword group sync disable and fix typo by @rissson in #11103
- enterprise: fix incorrect comparison for latest validity date by @BeryJu in #11109
- web: bump the swc group across 2 directories with 11 updates by @dependabot in #11115
- core: bump selenium from 4.23.1 to 4.24.0 by @dependabot in #11114
- core: bump google-api-python-client from 2.142.0 to 2.143.0 by @dependabot in #11113
- core: bump importlib-metadata from 8.0.0 to 8.4.0 by @dependabot in #11112
- ci: fix failing release attestation by @BeryJu in #11107
- core: bump twisted from 24.3.0 to 24.7.0 by @dependabot in #11119
- website/integrations: Fix Nextcloud SAML Docs for SLO by @naruyan in #11118
- web: fix e2e tests to work with latest WebdriverIO and authentik 2024.8 by @kensternberg-authentik in #11105
- website/docs: fix outdated docs and typos by @gergosimonyi in #11020
- websites/docs: minor tweaks to rel notes by @tanberry in #11123
- core: bump ruff from 0.6.2 to 0.6.3 by @dependabot in #11128
- website: bump prism-react-renderer from 2.3.1 to 2.4.0 in /website by @dependabot in #11127
- core, web: update translations by @authentik-automation in #11126
- web: fix dual-select with dynamic selection by @kensternberg-authentik in #11133
- web: bump rollup from 4.21.1 to 4.21.2 in /web/sfe by @dependabot in #11148
- web: bump rollup from 4.21.1 to 4.21.2 in /web by @dependabot in #11147
- web: bump chromedriver from 128.0.0 to 128.0.1 in /tests/wdio by @dependabot in #11146
- web: bump the swc group across 2 directories with 11 updates by @dependabot in #11145
- website: bump @types/react from 18.3.4 to 18.3.5 in /website by @dependabot in #11142
- website: bump postcss from 8.4.41 to 8.4.43 in /website by @dependabot in #11141
- core: bump deepmerge from 1.1.1 to 2.0 by @dependabot in #11140
- stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs by @authentik-automation in #11138
- translate: Updates for file web/xliff/en.xlf in zh-Hans by @transifex-integration in #11137
- translate: Updates for file web/xliff/en.xlf in zh_CN by @transifex-integration in #11136
- website: bump postcss from 8.4.43 to 8.4.44 in /website by @dependabot in #11150
- web: bump the rollup group across 1 directory with 3 updates by @dependabot in #11144
- website/docs: update immich OAuth Redirect URI by @andrebrait in #11135
- website/docs: update release notes by @BeryJu in #11151
- web: bump typescript-eslint from 8.3.0 to 8.4.0 in /web by @dependabot in #11163
- web: bump mermaid from 11.0.2 to 11.1.0 in /web by @dependabot in #11162
- web: bump the swc group across 2 directories with 11 updates by @dependabot in #11161
- web: bump @spotlightjs/spotlight from 2.3.1 to 2.3.2 in /web in the sentry group across 1 directory by @dependabot in #11159
- core: bump watchdog from 5.0.0 to 5.0.1 by @dependabot in #11158
- core: bump pytest-django from 4.8.0 to 4.9.0 by @dependabot in #11157
- core, web: update translations by @authentik-automation in #11156
- translate: Updates for file locale/en/LC_MESSAGES/django.po in ru by @transifex-integration in #11153
- root: version 2024.8 backport by @BeryJu in #11166
- web: bump API Client version by @authentik-automation in #11168
- web: Adjust Wdio MaxInstances, add Knip by @kensternberg-authentik in #11089
- providers/ldap: fix migration assuming search group is set by @BeryJu in #11170
- web/admin: fix error in Outpost creation form by @BeryJu in #11173
- core: fix change_user_type always requiring usernames by @BeryJu in #11177
- root: backport s3 storage changes by @BeryJu in #11181
- web: bump @types/node from 22.5.2 to 22.5.3 in /web by @dependabot in #11195
- web: bump wireit from 0.14.8 to 0.14.9 in /web by @dependabot in #11194
- web: bump knip from 5.29.1 to 5.29.2 in /web by @dependabot in #11193
- web: bump yaml from 2.5.0 to 2.5.1 in /web by @dependabot in #11192
- web: bump @sentry/browser from 8.27.0 to 8.28.0 in /web in the sentry group across 1 directory by @dependabot in #11191
- core: bump watchdog from 5.0.1 to 5.0.2 by @dependabot in #11189
- core: bump django from 5.0.8 to 5.0.9 by @dependabot in #11188
- core: bump goauthentik.io/api/v3 from 3.2024064.1 to 3.2024080.1 by @dependabot in #11187
- ci: bump peter-evans/create-pull-request from 6 to 7 by @dependabot in #11186
- core: bump cryptography from 43.0.0 to 43.0.1 by @dependabot in #11185
- web/admin: fix misc dual select on different forms by @BeryJu in #11203
- website/docs: add note about terraform provider by @BeryJu in #11206
- web/admin: fix missing Sync object button SCIM Provider by @BeryJu in #11211
- providers/ldap: fix incorrect permission check for search access by @BeryJu in #11217
- web/admin: improve error handling by @BeryJu in https://github.com/goauthentik/auth...
Release 2024.8.3
See https://docs.goauthentik.io/docs/releases/2024.8#fixed-in-202483
What's Changed
- events: always use expiry from current tenant for events, not only when creating from HTTP request (cherry-pick #11415) by @gcp-cherry-pick-bot in #11416
- providers/proxy: fix traefik label generation (cherry-pick #11460) by @gcp-cherry-pick-bot in #11480
- web/admin: fix Authentication flow being required (cherry-pick #11496) by @gcp-cherry-pick-bot in #11497
- sources/ldap: fix mapping check, fix debug endpoint (cherry-pick #11442) by @gcp-cherry-pick-bot in #11498
- sources/ldap: fix ms_ad userAccountControl not checking for lockout (cherry-pick #11532) by @gcp-cherry-pick-bot in #11534
- security: fix CVE-2024-47077 (cherry-pick #11535) by @gcp-cherry-pick-bot in #11537
- security: fix CVE-2024-47070 (cherry-pick #11536) by @gcp-cherry-pick-bot in #11539
Full Changelog: version/2024.8.2...version/2024.8.3
Release 2024.6.5
See https://docs.goauthentik.io/docs/releases/2024.6#fixed-in-202465
What's Changed
- security: fix CVE-2024-47077 (cherry-pick #11535) by @gcp-cherry-pick-bot in #11538
- security: fix CVE-2024-47070 (cherry-pick #11536) by @gcp-cherry-pick-bot in #11540
Full Changelog: version/2024.6.4...version/2024.6.5
Release 2024.8.2
See https://docs.goauthentik.io/docs/releases/2024.8#fixed-in-202482
What's Changed
- core: ensure proxy provider is correctly looked up (cherry-pick #11267) by @gcp-cherry-pick-bot in #11269
- root: fix ensure
outpost_connection_discovery
runs on worker startup (cherry-pick #11260) by @gcp-cherry-pick-bot in #11270 - core: ensure all providers have correct priority (cherry-pick #11280) by @gcp-cherry-pick-bot in #11281
- events: optimise marking events as seen (cherry-pick #11297) by @gcp-cherry-pick-bot in #11299
- web/admin: fix notification property mapping forms (cherry-pick #11298) by @gcp-cherry-pick-bot in #11300
- core: fix permission check for scoped impersonation (cherry-pick #11315) by @gcp-cherry-pick-bot in #11316
- enterprise: show specific error if Install ID is invalid in license (cherry-pick #11317) by @gcp-cherry-pick-bot in #11319
- sources/ldap: fix missing search attribute (cherry-pick #11125) by @gcp-cherry-pick-bot in #11340
- enterprise: fix API mixin license validity check (cherry-pick #11331) by @gcp-cherry-pick-bot in #11342
- providers/proxy: fix URL path getting lost when partial URL is given to rd= (cherry-pick #11354) by @gcp-cherry-pick-bot in #11355
Full Changelog: version/2024.8.1...version/2024.8.2
Release 2024.8.1
See https://docs.goauthentik.io/docs/releases/2024.8#fixed-in-202481
What's Changed
- providers/ldap: fix migration assuming search group is set (cherry-pick #11170) by @gcp-cherry-pick-bot in #11172
- web/admin: fix error in Outpost creation form (cherry-pick #11173) by @gcp-cherry-pick-bot in #11175
- core: fix change_user_type always requiring usernames (cherry-pick #11177) by @gcp-cherry-pick-bot in #11178
- root: backport s3 storage changes (cherry-pick #11181) by @gcp-cherry-pick-bot in #11183
- core: bump cryptography from 43.0.0 to 43.0.1 (cherry-pick #11185) by @gcp-cherry-pick-bot in #11202
- website/docs: add note about terraform provider (cherry-pick #11206) by @gcp-cherry-pick-bot in #11208
- web/admin: fix missing Sync object button SCIM Provider (cherry-pick #11211) by @gcp-cherry-pick-bot in #11213
- providers/ldap: fix incorrect permission check for search access (cherry-pick #11217) by @gcp-cherry-pick-bot in #11218
- web/admin: improve error handling (cherry-pick #11212) by @gcp-cherry-pick-bot in #11219
- providers/ldap: rework search_group migration to work with read replicas (cherry-pick #11228) by @gcp-cherry-pick-bot in #11229
- core: fix missing argument name escaping for property mapping (cherry-pick #11231) by @gcp-cherry-pick-bot in #11252
- internal: fix go paginator not setting page correctly (cherry-pick #11253) by @gcp-cherry-pick-bot in #11255
- web/users: show - if device was registered before we started saving the time (cherry-pick #11256) by @gcp-cherry-pick-bot in #11257
Full Changelog: version/2024.8.0...version/2024.8.1
Release 2024.8.0
See https://docs.goauthentik.io/docs/releases/2024.8
What's Changed
- website/docs: 2024.8 release notes: reword group sync disable and fix typo (cherry-pick #11103) by @gcp-cherry-pick-bot in #11108
- enterprise: fix incorrect comparison for latest validity date (cherry-pick #11109) by @gcp-cherry-pick-bot in #11110
- ci: fix failing release attestation (cherry-pick #11107) by @gcp-cherry-pick-bot in #11120
- web: fix dual-select with dynamic selection (cherry-pick #11133) by @gcp-cherry-pick-bot in #11134
Full Changelog: version/2024.8.0-rc2...version/2024.8.0
Release 2024.8.0-rc2
See https://docs.goauthentik.io/docs/releases/2024.8
What's Changed
- providers/oauth2: audit_ignore last_login change for generated service account (cherry-pick #11085) by @gcp-cherry-pick-bot in #11086
Full Changelog: version/2024.8.0-rc1...version/2024.8.0-rc2
Release 2024.8.0-rc1
See https://docs.goauthentik.io/docs/releases/2024.8
What's Changed
- admin: system api: fix FIPS status schema by @rissson in #10110
- website/docs: Specify Synology DSM Account type to use by @jannickfahlbusch in #10111
- web: bump API Client version by @authentik-automation in #10113
- website/docs: update 2024.6 release notes with latest changes by @rissson in #10109
- website/docs: add more info about multiple replicas by @tanberry in #10117
- policies/reputation: fix existing reputation update by @rissson in #10124
- stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs by @authentik-automation in #10119
- translate: Updates for file web/xliff/en.xlf in zh_CN by @transifex-integration in #10120
- translate: Updates for file web/xliff/en.xlf in zh-Hans by @transifex-integration in #10121
- core, web: update translations by @authentik-automation in #10118
- core: bump goauthentik.io/api/v3 from 3.2024042.11 to 3.2024042.13 by @dependabot in #10134
- core: bump ruff from 0.4.8 to 0.4.9 by @dependabot in #10128
- core, web: update translations by @authentik-automation in #10127
- core: bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @dependabot in #10133
- web: bump chromedriver from 126.0.0 to 126.0.1 in /tests/wdio by @dependabot in #10136
- core: bump github.com/gorilla/sessions from 1.2.2 to 1.3.0 by @dependabot in #10135
- web: bump @patternfly/elements from 3.0.1 to 3.0.2 in /web by @dependabot in #10132
- website: bump react-tooltip from 5.26.4 to 5.27.0 in /website by @dependabot in #10129
- web: fix early modal stack depletion by @kensternberg-authentik in #10068
- website/integations/services: Slack integration docs by @tanberry in #9933
- core: include version in built JS files by @BeryJu in #9558
- web: fix needed because recent upgrade to task breaks spinner button by @kensternberg-authentik in #10142
- web: bump ws from 8.16.0 to 8.17.1 in /web by @dependabot in #10149
- web: bump the storybook group in /web with 7 updates by @dependabot in #10147
- ci: bump docker/build-push-action from 5 to 6 by @dependabot in #10144
- core: bump urllib3 from 2.2.1 to 2.2.2 by @dependabot in #10143
- root: use custom model serializer that saves m2m without bulk by @BeryJu in #10139
- root: makefile: add codespell to make website by @rissson in #10116
- web: fix docker build for non-release versions by @rissson in #10154
- website/integrations: gitlab: better service description by @4d62 in #9923
- website/docs: Describe where to apply the auto setup env vars by @m1212e in #9863
- website/integrations: jellyfin: add OIDC configuration by @Redlonghead in #9538
- web: bump the wdio group in /tests/wdio with 4 updates by @dependabot in #10160
- web: bump chromedriver from 126.0.1 to 126.0.2 in /tests/wdio by @dependabot in #10161
- core: bump twilio from 9.1.1 to 9.2.0 by @dependabot in #10162
- website/docs: update 2024.6 release notes with latest changes by @rissson in #10167
- website/docs: 2024.6 release notes: add note about group names by @rissson in #10170
- core: fix error when raising SkipObject in mapping by @BeryJu in #10153
- website/docs: update 2024.6 release notes with latest changes by @rissson in #10174
- website/docs: update template reference by @emmanuel-ferdman in #10166
- web: bump @sentry/browser from 8.9.2 to 8.10.0 in /web in the sentry group by @dependabot in #10185
- core: bump google-api-python-client from 2.133.0 to 2.134.0 by @dependabot in #10183
- web: bump glob from 10.4.1 to 10.4.2 in /web by @dependabot in #10163
- core: rework base for SkipObject exception to better support control flow exceptions by @BeryJu in #10186
- website/docs: Remove hyphen in read replica in Release Notes by @tanberry in #10178
- website/docs: Fix nginx proxy_pass directive documentation by @fotinakis in #10181
- core: bump selenium from 4.21.0 to 4.22.0 by @dependabot in #10194
- core: bump ruff from 0.4.9 to 0.4.10 by @dependabot in #10193
- web: bump typescript from 5.4.5 to 5.5.2 in /tests/wdio by @dependabot in #10192
- web: bump typescript from 5.4.5 to 5.5.2 in /web by @dependabot in #10191
- website: bump typescript from 5.4.5 to 5.5.2 in /website by @dependabot in #10190
- web: bump @sentry/browser from 8.10.0 to 8.11.0 in /web in the sentry group by @dependabot in #10204
- web: bump chromedriver from 126.0.2 to 126.0.3 in /tests/wdio by @dependabot in #10203
- core: bump twilio from 9.2.0 to 9.2.1 by @dependabot in #10202
- core: bump coverage from 7.5.3 to 7.5.4 by @dependabot in #10201
- web/flows: update flow background by @BeryJu in #10206
- website/docs: fix #9552 openssl rand base64 line wrap by @jogerj in #10211
- website/integrations: fix typo in documentation for OIDC setup with Paperless-ngx by @rwh85 in #10218
- security: fix CVE-2024-38371 by @BeryJu in #10229
- security: fix CVE-2024-37905 by @BeryJu in #10230
- core: bump debugpy from 1.8.1 to 1.8.2 by @dependabot in #10225
- web: bump @sentry/browser from 8.11.0 to 8.12.0 in /web in the sentry group by @dependabot in #10226
- core: bump webauthn from 2.1.0 to 2.2.0 by @dependabot in #10224
- web: bump chromedriver from 126.0.3 to 126.0.4 in /tests/wdio by @dependabot in #10223
- core: bump pdoc from 14.5.0 to 14.5.1 by @dependabot in #10221
- website/docs: update 2024.6 release notes with latest changes by @rissson in #10228
- website/docs: update 2024.2 release notes with security fixes by @rissson in #10232
- website/docs: update 2024.4 release notes with latest changes by @rissson in #10231
- website/docs: update 2024.6 release notes with latest changes (cherry-pick #10228) by @gcp-cherry-pick-bot in #10243
- website/docs: remove RC disclaimer from 2024.6 release notes by @rissson in #10245
- website/docs: remove RC disclaimer from 2024.6 release notes (cherry-pick #10245) by @gcp-cherry-pick-bot in #10246
- security: update supported versions by @rissson in #10247
- security: update supported versions (cherry-pick #10247) by @gcp-cherry-pick-bot in #10248
- website/docs: update geoip and asn example to use the proper syntax by @rissson in #10249
- website/docs: update the Welcome page by @tanberry in #10222
- website/docs: update geoip and asn example to use the proper syntax (cherry-pick #10249) by @gcp-cherry-pick-bot in #10250
- web: bump API Client version by @authentik-automation in #10252
- web/flows: remove continue button from AutoSubmit stage by @BeryJu in #10253
- we...
Release 2024.6.4
See https://docs.goauthentik.io/docs/releases/2024.6#fixed-in-202464
What's Changed
- web/admin: fix selectable card colour in dark theme (cherry-pick #10794) by @gcp-cherry-pick-bot in #10795
- sources/ldap: Add enabled filter for ldap_password_validate signal (cherry-pick #10823) by @gcp-cherry-pick-bot in #10825
- security: fix CVE-2024-42490 (cherry-pick #11022) by @gcp-cherry-pick-bot in #11025
Full Changelog: version/2024.6.3...version/2024.6.4
Release 2024.4.4
See https://docs.goauthentik.io/docs/releases/2024.4#fixed-in-202444
What's Changed
- website/docs: update 2024.4 release notes with latest changes (cherry-pick #10231) by @gcp-cherry-pick-bot in #10244
- security: fix CVE-2024-42490 (cherry-pick #11022) by @gcp-cherry-pick-bot in #11024
Full Changelog: version/2024.4.3...version/2024.4.4