Skip to content

PR to pull from dexidp dex master.#1

Open
anuviswa wants to merge 2815 commits intoanuviswa:merge_from_masterfrom
dexidp:master
Open

PR to pull from dexidp dex master.#1
anuviswa wants to merge 2815 commits intoanuviswa:merge_from_masterfrom
dexidp:master

Conversation

@anuviswa
Copy link
Owner

@anuviswa anuviswa commented Mar 19, 2020

No description provided.

dependabot bot and others added 30 commits September 15, 2025 04:02
@dependabot
build(deps): bump sigstore/cosign-installer from 3.9.2 to 3.10.0
f6f906d 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.2 to 3.10.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@d58896d...d7543c9)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 3.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@Zash
ADOPTERS: Update Elastisys entry for product rename
796f5ce 
Signed-off-by: Kim Alvefur <kim.alvefur@elastisys.com>
@sagikazarmark
Merge pull request #4327 from Zash/welkin
25d7061 
ADOPTERS: Update Elastisys entry for product rename
@sagikazarmark
Merge pull request #4299 from dexidp/dependabot/go_modules/examples/g…
40c20c3 
…ithub.com/dexidp/dex/api/v2-2.4.0

build(deps): bump github.com/dexidp/dex/api/v2 from 2.3.0 to 2.4.0 in /examples
@sagikazarmark
Merge pull request #4304 from dexidp/dependabot/github_actions/action…
595babf 
…s/setup-go-6.0.0

build(deps): bump actions/setup-go from 5.5.0 to 6.0.0
@sagikazarmark
Merge pull request #4305 from dexidp/dependabot/github_actions/aquase…
4d1ba88 
…curity/trivy-action-0.33.1

build(deps): bump aquasecurity/trivy-action from 0.33.0 to 0.33.1
@sagikazarmark
Merge pull request #4307 from dexidp/dependabot/docker/golang-1.25.1-…
84a009c 
…alpine3.22

build(deps): bump golang from 1.25.0-alpine3.22 to 1.25.1-alpine3.22
@sagikazarmark
Merge pull request #4313 from dexidp/dependabot/docker/distroless/sta…
32c77d6 
…tic-debian12-e8a4044

build(deps): bump distroless/static-debian12 from `a9f88e0` to `e8a4044`
@sagikazarmark
Merge pull request #4314 from dexidp/dependabot/github_actions/oras-p…
5091567 
…roject/setup-oras-1.2.4

build(deps): bump oras-project/setup-oras from 1.2.3 to 1.2.4
@sagikazarmark
Merge pull request #4320 from dexidp/dependabot/github_actions/github…
7cca78d 
…/codeql-action-3.30.3

build(deps): bump github/codeql-action from 3.29.11 to 3.30.3
@sagikazarmark
Merge pull request #4324 from dexidp/dependabot/github_actions/sigsto…
0726feb 
…re/cosign-installer-3.10.0

build(deps): bump sigstore/cosign-installer from 3.9.2 to 3.10.0
@sagikazarmark
Merge pull request #4302 from dexidp/dependabot/go_modules/github.com…
8e1d68a 
…/spf13/cobra-1.10.1

build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1
@sagikazarmark
Merge pull request #4309 from dexidp/dependabot/go_modules/github.com…
d56447e 
…/prometheus/client_golang-1.23.2

build(deps): bump github.com/prometheus/client_golang from 1.23.0 to 1.23.2
@sagikazarmark
Merge pull request #4317 from dexidp/dependabot/docker/tonistiigi/xx-…
614ff0b 
…1.7.0

build(deps): bump tonistiigi/xx from 1.6.1 to 1.7.0
@sagikazarmark
Merge pull request #4310 from dexidp/dependabot/go_modules/golang.org…
4f62237 
…/x/oauth2-0.31.0

build(deps): bump golang.org/x/oauth2 from 0.30.0 to 0.31.0
@sagikazarmark
Merge pull request #4311 from dexidp/dependabot/go_modules/examples/g…
ea20d6e 
…olang.org/x/oauth2-0.31.0

build(deps): bump golang.org/x/oauth2 from 0.30.0 to 0.31.0 in /examples
@dependabot
build(deps): bump anchore/sbom-action from 0.20.5 to 0.20.6
50bf779 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.5 to 0.20.6.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@da167ea...f8bdd1d)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump golang.org/x/net from 0.43.0 to 0.44.0
1fa6594 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.43.0 to 0.44.0.
- [Commits](golang/net@v0.43.0...v0.44.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump google.golang.org/protobuf from 1.36.8 to 1.36.9
65b4f82 
Bumps google.golang.org/protobuf from 1.36.8 to 1.36.9.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump github/codeql-action from 3.30.3 to 3.30.4
d277f65 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.3 to 3.30.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@192325c...303c0ae)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@sagikazarmark
Merge pull request #4339 from dexidp/dependabot/github_actions/github…
a07da5c 
…/codeql-action-3.30.4

build(deps): bump github/codeql-action from 3.30.3 to 3.30.4
@sagikazarmark
Merge pull request #4335 from dexidp/dependabot/go_modules/google.gol…
d242c9d 
…ang.org/protobuf-1.36.9

build(deps): bump google.golang.org/protobuf from 1.36.8 to 1.36.9
@sagikazarmark
Merge pull request #4334 from dexidp/dependabot/go_modules/golang.org…
bfe2375 
…/x/net-0.44.0

build(deps): bump golang.org/x/net from 0.43.0 to 0.44.0
@sagikazarmark
Merge pull request #4332 from dexidp/dependabot/github_actions/anchor…
d768071 
…e/sbom-action-0.20.6

build(deps): bump anchore/sbom-action from 0.20.5 to 0.20.6
@dependabot
build(deps): bump actions/cache from 4.2.4 to 4.3.0
7d7d21a 
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.4 to 4.3.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@0400d5f...0057852)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump the etcd group with 2 updates
ecaa916 
Bumps the etcd group with 2 updates: [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) and [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd).


Updates `go.etcd.io/etcd/client/pkg/v3` from 3.6.4 to 3.6.5
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.6.4...v3.6.5)

Updates `go.etcd.io/etcd/client/v3` from 3.6.4 to 3.6.5
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.6.4...v3.6.5)

---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/client/pkg/v3
  dependency-version: 3.6.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: etcd
- dependency-name: go.etcd.io/etcd/client/v3
  dependency-version: 3.6.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: etcd
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump docker/login-action from 3.5.0 to 3.6.0
accd2bf 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@184bdaa...5e57cd1)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3
4c682b5 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@05b42c6...4eaacf0)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump google.golang.org/grpc in /examples
53c2511 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.75.0 to 1.76.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.75.0...v1.76.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.76.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump google.golang.org/api from 0.248.0 to 0.252.0
9ab8d96 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.248.0 to 0.252.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.248.0...v0.252.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-version: 0.252.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
nabokihms and others added 30 commits February 16, 2026 15:33
@nabokihms
Add steps to fetch and extract OCI image tarball (#4552)
adec8b4 
Added steps to fetch and extract OCI image tarball.

Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>
@nabokihms
feat: enhance git-version script to generate pseudo-versions with tim…
955142b 
…estamp (#4553)

Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@nabokihms
build(deps): update gRPC to v1.79.1 and other dependencies (#4554)
dce4638 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@dependabot
build(deps): bump helm/kind-action from 1.13.0 to 1.14.0 (#4557)
be13b1f 
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](helm/kind-action@92086f6...ef37e7f)

---
updated-dependencies:
- dependency-name: helm/kind-action
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump google.golang.org/api from 0.266.0 to 0.267.0 (#4558)
69f9b7e 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.266.0 to 0.267.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.266.0...v0.267.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-version: 0.267.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@nabokihms
feat: validate redirect URIs and safely append parameters (#4559)
29c7b6f 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@dependabot
build(deps): bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 (#4562)
548b0f5
@nabokihms
feat: add skopeo copy command to transfer image from OCI layout (#4564)
0108be9 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@dependabot
build(deps): bump actions/dependency-review-action from 4.8.2 to 4.8.3 (
49c8228 
#4563)

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.8.2 to 4.8.3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@3c4e3dc...05fe457)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 4.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@nabokihms
feat: add debug step to check image metadata in workflow (#4566)
0807930 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@nabokihms
feat: refactor example-app with a new config (#4569)
5d27abc 
This is a preparation for KubeCon 2026:
1. Restyle the app
2. Refactor advanced configuration options
3. Move embedded templates and css to separate files

Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@johnvan7
Add support to PKCE in OIDC connector (#3777)
25591ee 
Signed-off-by: johnvan7 <giovanni.vella98@gmail.com>
Signed-off-by: Giovanni Vella <giovanni.vella98@gmail.com>
@aljoshare
fix(server): respond with forbidden if failed to authenticate (#4200)
83697b0 
Signed-off-by: Aljoscha Bollmann <aljoscha.bollmann@proton.me>
@nabokihms
test: update HandleCallback after merging OIDC PKCE (#4572)
cf17fc6 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@nabokihms
feat: implement device code flow in example-app (#4570)
8db7699 
This is a KubeCon 2026 preparation:
1. Add device flow to the example-app
2. Add userinfo checker
3. Refactor the structure

Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@dependabot
build(deps): bump aquasecurity/trivy-action from 0.34.0 to 0.34.1 (#4574
51c66d2 
)
@dependabot
build(deps): bump github/codeql-action from 4.32.3 to 4.32.4 (#4573)
ec26e19
@nabokihms
feat: enhance test commands to support GitHub Actions formatting (#4575)
bcc2283 
With the number of tests growing, it is harder and harder to find errors in the test output. Gotestsum is a well-known runner for tests helping to format the output fot both local runs and GitHub Actions.

Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@dependabot
build(deps): bump google.golang.org/api from 0.267.0 to 0.268.0 (#4577)
0963bbe
@backkem
fix(mysql): quote groups reserved word in query replacer (#4580)
a6962a8 
`groups` is a reserved word in MySQL >= 8.0.2, causing migration 13
to fail with a syntax error on `ALTER TABLE password ADD COLUMN groups`.

Fixes #4579

Signed-off-by: Michiel De Backker <mail@backkem.me>
@dependabot
build(deps): bump google.golang.org/api from 0.268.0 to 0.269.0 (#4582)
2ecf64e
@dependabot
build(deps): bump actions/setup-go from 6.2.0 to 6.3.0 (#4584)
4c3dffd 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@7a3fe6c...4b73464)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump anchore/sbom-action from 0.22.2 to 0.23.0 (#4587)
9cd6668 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.22.2 to 0.23.0.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@28d7154...17ae174)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-version: 0.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 (#4586)
c0daa71 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.50.0 to 0.51.0.
- [Commits](golang/net@v0.50.0...v0.51.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.51.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump actions/attest-build-provenance from 3.2.0 to 4.0.0 (
3295c72 
…#4585)

Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.2.0 to 4.0.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](actions/attest-build-provenance@96278af...e4d4f7c)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@loafoe @nabokihms
fix: clean up in-memory connector before create (#4529)
49dcb4d 
Signed-off-by: Andy Lo-A-Foe <andy.loafoe@gmail.com>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
@nabokihms
feat: Disallow unknown config fields (#4531)
d78d744 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
@Jabejixo
feat: saml support refresh tokens (#4565)
4311931 
Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>
@matzegebbe
fix(connector): update authproxy and oauth to match CallbackConnector…
44e2749 
… interface (#4589)

The PKCE support added in v2.45.0 changed the CallbackConnector interface
signatures but missed updating the authproxy and oauth connectors. This
caused a type assertion failure in handleConnectorLogin(), resulting in
"Requested resource does not exist" errors when using these connectors.

Update LoginURL to return (string, []byte, error) and HandleCallback to
accept a []byte connData parameter for both connectors and their tests.

Signed-off-by: Mathias Gebbe <mathias.gebbe@gmail.com>
@nabokihms
feat(connector): add compile-time checks for connector interfaces (#4591
47e84db 
)

Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.