dependabot[bot]
|
adb5454913
|
build(deps): bump alpine from 3.16.1 to 3.16.2
Bumps alpine from 3.16.1 to 3.16.2.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-08-10 04:04:29 +00:00 |
|
Bob Callaway
|
fcfbb1ecb0
|
Add HMAC protection on /approval endpoint
Signed-off-by: Bob Callaway <bcallaway@google.com>
|
2022-07-29 19:45:18 -04:00 |
|
dependabot[bot]
|
4bcdcf8e1e
|
build(deps): bump aquasecurity/trivy-action from 0.6.0 to 0.6.1 (#2604)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.6.0...0.6.1)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-07-28 15:39:50 +03:00 |
|
dependabot[bot]
|
3df7c489ce
|
build(deps): bump google.golang.org/api from 0.86.0 to 0.89.0 (#2605)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.86.0 to 0.89.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.86.0...v0.89.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-07-28 15:39:14 +03:00 |
|
dependabot[bot]
|
ce11154529
|
build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.2 to 3.4.4 (#2606)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.4.2 to 3.4.4.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.4.2...v3.4.4)
---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-07-28 15:38:35 +03:00 |
|
Bob Callaway
|
e1a407830d
|
add config to explicitly set scopes for microsoft connector (#2582)
Signed-off-by: Bob Callaway <bcallaway@google.com>
|
2022-07-27 19:03:29 +03:00 |
|
Bob Callaway
|
83e2df821e
|
add PKCE support to device code flow (#2575)
Signed-off-by: Bob Callaway <bobcallaway@users.noreply.github.com>
|
2022-07-27 19:02:18 +03:00 |
|
dependabot[bot]
|
454122ca22
|
build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 (#2599)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-07-26 13:52:10 +04:00 |
|
Björn Busse
|
4a0218e87c
|
grpc-client: Do not crash on empty response (#2584)
Signed-off-by: Björn Busse <bj.rn@baerlin.eu>
|
2022-07-25 23:30:22 +04:00 |
|
Joe Knight
|
27c25d00be
|
Add domainHint parameter to Microsoft Connector (#2586)
Signed-off-by: Joe Knight <josephtknight@users.noreply.github.com>
|
2022-07-25 23:12:55 +04:00 |
|
dependabot[bot]
|
367487d7c5
|
build(deps): bump golang from 1.18.3-alpine3.15 to 1.18.4-alpine3.15 (#2592)
Bumps golang from 1.18.3-alpine3.15 to 1.18.4-alpine3.15.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-07-25 23:11:24 +04:00 |
|
dependabot[bot]
|
3b7e56035a
|
build(deps): bump alpine from 3.16.0 to 3.16.1 (#2598)
Bumps alpine from 3.16.0 to 3.16.1.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-07-25 23:11:06 +04:00 |
|
dependabot[bot]
|
f53fab6b06
|
build(deps): bump aquasecurity/trivy-action from 0.5.1 to 0.6.0 (#2602)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.5.1 to 0.6.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.5.1...0.6.0)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-07-25 23:10:46 +04:00 |
|
dhaus67
|
100246328b
|
Use GitLab's refresh_token during Refresh. (#2352)
Signed-off-by: Daniel Haus <dhaus@redhat.com>
|
2022-07-20 13:16:12 +04:00 |
|
Maksim Nabokikh
|
d564cc7200
|
Merge pull request #2591 from chancez/patch-1
Add expiry.refreshToken settings to config.yaml.dist
|
2022-07-18 23:23:16 +04:00 |
|
Chance Zibolski
|
a3e2946cfc
|
Add expiry.refreshToken settings to config.yaml.dist
Signed-off-by: Chance Zibolski <chance.zibolski@gmail.com>
|
2022-07-13 15:45:21 -07:00 |
|
Maksim Nabokikh
|
f49e7bc218
|
Merge pull request #2560 from dexidp/dependabot/go_modules/github.com/spf13/cobra-1.5.0
build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0
|
2022-07-04 23:03:15 +04:00 |
|
Maksim Nabokikh
|
9ebcd651ff
|
Merge pull request #2574 from dexidp/dependabot/go_modules/google.golang.org/api-0.86.0
build(deps): bump google.golang.org/api from 0.82.0 to 0.86.0
|
2022-07-04 22:27:42 +04:00 |
|
dependabot[bot]
|
1aaa7fa0b7
|
build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.4.0...v1.5.0)
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-07-04 18:22:22 +00:00 |
|
Maksim Nabokikh
|
c561318baa
|
Merge pull request #2565 from dexidp/dependabot/github_actions/mheap/github-action-required-labels-2
build(deps): bump mheap/github-action-required-labels from 1 to 2
|
2022-07-04 22:21:19 +04:00 |
|
Maksim Nabokikh
|
5066414735
|
Merge pull request #2576 from dexidp/dependabot/github_actions/aquasecurity/trivy-action-0.5.1
build(deps): bump aquasecurity/trivy-action from 0.4.0 to 0.5.1
|
2022-07-04 22:20:59 +04:00 |
|
Maksim Nabokikh
|
731d0d7d9d
|
Merge pull request #2577 from dexidp/dependabot/go_modules/github.com/stretchr/testify-1.8.0
build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.8.0
|
2022-07-04 22:20:20 +04:00 |
|
Márk Sági-Kazár
|
1cc26fab2f
|
Merge pull request #2468 from flant/cwe-79-device-code
fix: prevent cross-site scripting for the device flow
|
2022-06-30 22:52:33 +03:00 |
|
dependabot[bot]
|
f34529b13f
|
build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.8.0
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.8.0)
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-30 04:09:21 +00:00 |
|
dependabot[bot]
|
ffec99287b
|
build(deps): bump aquasecurity/trivy-action from 0.4.0 to 0.5.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.4.0 to 0.5.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.4.0...0.5.1)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-30 04:09:00 +00:00 |
|
dependabot[bot]
|
ea46fc39ca
|
build(deps): bump google.golang.org/api from 0.82.0 to 0.86.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.82.0 to 0.86.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.82.0...v0.86.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-29 04:07:24 +00:00 |
|
dependabot[bot]
|
e253fa8efb
|
build(deps): bump mheap/github-action-required-labels from 1 to 2
Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels) from 1 to 2.
- [Release notes](https://github.com/mheap/github-action-required-labels/releases)
- [Commits](https://github.com/mheap/github-action-required-labels/compare/v1...v2)
---
updated-dependencies:
- dependency-name: mheap/github-action-required-labels
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-22 04:09:16 +00:00 |
|
Márk Sági-Kazár
|
c538f3d6a2
|
Merge pull request #2557 from dexidp/dependabot/github_actions/aquasecurity/trivy-action-0.4.0
build(deps): bump aquasecurity/trivy-action from 0.3.0 to 0.4.0
|
2022-06-16 18:41:20 +02:00 |
|
dependabot[bot]
|
33483aa179
|
build(deps): bump aquasecurity/trivy-action from 0.3.0 to 0.4.0
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.3.0...0.4.0)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-16 04:06:00 +00:00 |
|
Maksim Nabokikh
|
b6c4112c88
|
Merge pull request #2555 from dexidp/dependabot/github_actions/helm/kind-action-1.3.0
build(deps): bump helm/kind-action from 1.2.0 to 1.3.0
|
2022-06-15 20:00:30 +04:00 |
|
dependabot[bot]
|
60228d8fd8
|
build(deps): bump helm/kind-action from 1.2.0 to 1.3.0
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](https://github.com/helm/kind-action/compare/v1.2.0...v1.3.0)
---
updated-dependencies:
- dependency-name: helm/kind-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-15 04:05:46 +00:00 |
|
Maksim Nabokikh
|
b07c8b1d8d
|
Merge pull request #2524 from aristanetworks/mkelly-limit-gc-size
Limit the amount of objects we attempt to GC on each cycle
|
2022-06-10 09:22:00 +04:00 |
|
Michael Kelly
|
9079c31637
|
Fix formatting
Signed-off-by: Michael Kelly <mkelly@arista.com>
|
2022-06-09 08:21:13 -07:00 |
|
Michael Kelly
|
a51d12056f
|
Tweaks based on review comments
Signed-off-by: Michael Kelly <mkelly@arista.com>
|
2022-06-09 08:21:03 -07:00 |
|
Michael Kelly
|
6c99a9b99d
|
s/getUrl/getURL
golang prefers URL not Url
Signed-off-by: Michael Kelly <mkelly@arista.com>
|
2022-06-09 08:20:48 -07:00 |
|
Mark Sagi-Kazar
|
3836196af2
|
chore: update gitignore
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
|
2022-06-07 13:39:54 +02:00 |
|
Márk Sági-Kazár
|
b578e4d8e5
|
Merge pull request #2551 from dexidp/update-grpc
chore(deps): update grpc
|
2022-06-07 13:38:13 +02:00 |
|
Mark Sagi-Kazar
|
8360cbfbde
|
chore(deps): update grpc
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
|
2022-06-07 12:53:03 +02:00 |
|
Márk Sági-Kazár
|
465be883a3
|
Merge pull request #2550 from dexidp/dependabot/go_modules/github.com/stretchr/testify-1.7.2
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2
|
2022-06-07 12:50:39 +02:00 |
|
dependabot[bot]
|
870395971e
|
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-07 04:06:47 +00:00 |
|
Márk Sági-Kazár
|
ebb27418c4
|
Merge pull request #2548 from dexidp/dependabot/docker/golang-1.18.3-alpine3.15
build(deps): bump golang from 1.18.2-alpine3.15 to 1.18.3-alpine3.15
|
2022-06-03 10:25:27 +02:00 |
|
dependabot[bot]
|
15a516684b
|
Merge pull request #2543 from dexidp/dependabot/go_modules/google.golang.org/grpc-1.47.0
|
2022-06-02 10:28:35 +00:00 |
|
dependabot[bot]
|
dcb25d0c3d
|
build(deps): bump google.golang.org/grpc from 1.46.2 to 1.47.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.46.2 to 1.47.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.46.2...v1.47.0)
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-02 09:54:02 +00:00 |
|
dependabot[bot]
|
59b69352e0
|
Merge pull request #2549 from dexidp/dependabot/go_modules/google.golang.org/api-0.82.0
|
2022-06-02 09:53:09 +00:00 |
|
dependabot[bot]
|
89d1c51e9b
|
build(deps): bump google.golang.org/api from 0.81.0 to 0.82.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.81.0 to 0.82.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.81.0...v0.82.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-02 04:06:00 +00:00 |
|
dependabot[bot]
|
a0fd469e47
|
build(deps): bump golang from 1.18.2-alpine3.15 to 1.18.3-alpine3.15
Bumps golang from 1.18.2-alpine3.15 to 1.18.3-alpine3.15.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-02 04:05:41 +00:00 |
|
Maksim Nabokikh
|
b6cc099305
|
Merge pull request #2290 from bobcallaway/issue2289
correctly handle path escaping for connector IDs
|
2022-05-31 16:03:12 +04:00 |
|
Bob Callaway
|
6eeba947f1
|
Merge remote-tracking branch 'upstream/master' into issue2289
|
2022-05-30 11:52:05 -04:00 |
|
Maksim Nabokikh
|
a858ffbcf2
|
Merge pull request #2538 from loopholelabs/2537-fix-json-response
Device Code Flow does not return application/json in Content-Type header
|
2022-05-30 17:55:24 +04:00 |
|
Shivansh Vij
|
65592d0b5a
|
Updating test cases
Fixes https://github.com/dexidp/dex/issues/2537
Signed-off-by: Shivansh Vij <shivanshvij@outlook.com>
|
2022-05-26 15:54:54 -04:00 |
|