dependabot[bot]
|
47d029a51b
|
Merge pull request #2110 from dexidp/dependabot/docker/golang-1.16.4-alpine3.13
|
2021-05-17 15:47:59 +00:00 |
|
Márk Sági-Kazár
|
18d1f70cee
|
Merge pull request #1861 from concourse/pr/bcrypt-for-client-secret-sync
Use constant time comparison for client secret verification
|
2021-05-17 17:27:42 +02:00 |
|
Rui Yang
|
fe8085b886
|
remove client secret encryption option
constant time compare for client secret verification will be kept
Signed-off-by: Rui Yang <ruiya@vmware.com>
|
2021-05-17 10:16:50 -04:00 |
|
dependabot[bot]
|
283dd89f4d
|
Merge pull request #2123 from dexidp/dependabot/go_modules/github.com/lib/pq-1.10.2
|
2021-05-17 07:41:26 +00:00 |
|
dependabot[bot]
|
c65652ed8f
|
build(deps): bump github.com/lib/pq from 1.10.1 to 1.10.2
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.1...v1.10.2)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-05-17 07:11:13 +00:00 |
|
Rui Yang
|
ecea593ddd
|
fix a bug in hash comparison function
the client secret coming in should be hashed and the one in storage
is the one in plaintext
Signed-off-by: Rui Yang <ruiya@vmware.com>
|
2021-05-14 13:32:27 -04:00 |
|
dependabot[bot]
|
47bdbdb1a2
|
build(deps): bump golang from 1.16.3-alpine3.13 to 1.16.4-alpine3.13
Bumps golang from 1.16.3-alpine3.13 to 1.16.4-alpine3.13.
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-05-07 06:46:19 +00:00 |
|
Maksim Nabokikh
|
81c4dc7994
|
Merge pull request #1906 from flant/ent-sqlite
feat: Add ent-based sqlite3 storage
|
2021-05-05 18:19:25 +04:00 |
|
Márk Sági-Kazár
|
ba2cec3f72
|
Merge pull request #2103 from flant/add-new-maintainer
Add @nabokihms to the maintainers list
|
2021-05-04 21:22:49 +02:00 |
|
dependabot[bot]
|
fcca5f4b4f
|
Merge pull request #2104 from dexidp/dependabot/go_modules/google.golang.org/api-0.46.0
|
2021-05-04 09:18:05 +00:00 |
|
dependabot[bot]
|
b1292bd630
|
build(deps): bump google.golang.org/api from 0.45.0 to 0.46.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.45.0 to 0.46.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.45.0...v0.46.0)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-05-04 06:59:24 +00:00 |
|
m.nabokikh
|
8553309db3
|
Add obsolete tokens, resolve conflicts, bump ent
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
|
2021-05-02 12:43:21 +04:00 |
|
Márk Sági-Kazár
|
94a2b3ed87
|
Merge pull request #2010 from flant/switch-device-token-endpoint-to-token
fix: use /token endpoint to get tokens with device flow
|
2021-05-01 13:24:55 +02:00 |
|
m.nabokikh
|
24fa4def5b
|
chore: update ent
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
|
2021-04-30 17:48:16 +04:00 |
|
m.nabokikh
|
2e61860d5a
|
Add ent autogenerated code
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
|
2021-04-30 17:47:54 +04:00 |
|
m.nabokikh
|
11859166d0
|
feat: Add ent-based sqlite3 storage
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
|
2021-04-30 17:47:54 +04:00 |
|
Stephen Augustus
|
674631c9ab
|
Merge pull request #2090 from dexidp/security-policy
Initial security policy
|
2021-04-27 20:33:21 -04:00 |
|
Márk Sági-Kazár
|
47b0a2bdf9
|
Merge pull request #2100 from dexidp/mysql-port
Fix MySQL connection to use the provided port
|
2021-04-28 01:23:41 +02:00 |
|
Mark Sagi-Kazar
|
e2b56d0a09
|
fix(storage/mysql): add missing port to the address
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
|
2021-04-27 14:09:21 +02:00 |
|
m.nabokikh
|
4561214ab2
|
Add @nabokihms to maintainers list
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
|
2021-04-27 13:11:15 +04:00 |
|
dependabot[bot]
|
afa6f1e03e
|
Merge pull request #2099 from dexidp/dependabot/go_modules/github.com/felixge/httpsnoop-1.0.2
|
2021-04-26 09:09:08 +00:00 |
|
Mark Sagi-Kazar
|
df9fc78d2d
|
ci: run mysql tests on non-standard port
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
|
2021-04-26 11:01:24 +02:00 |
|
Mark Sagi-Kazar
|
bf8c35ad2d
|
docs: update readme linking to the security policy
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
|
2021-04-26 10:59:17 +02:00 |
|
Mark Sagi-Kazar
|
59fcab281e
|
docs: initial security policy
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
|
2021-04-26 10:59:15 +02:00 |
|
dependabot[bot]
|
05b61a3d86
|
build(deps): bump github.com/felixge/httpsnoop from 1.0.1 to 1.0.2
Bumps [github.com/felixge/httpsnoop](https://github.com/felixge/httpsnoop) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/felixge/httpsnoop/releases)
- [Commits](https://github.com/felixge/httpsnoop/compare/v1.0.1...v1.0.2)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-26 08:50:00 +00:00 |
|
Márk Sági-Kazár
|
551229a986
|
Merge pull request #1846 from flant/refresh-token-expiration-policy
feat: Add refresh token expiration and rotation settings
|
2021-04-24 11:03:40 +02:00 |
|
Márk Sági-Kazár
|
b1ac799073
|
Merge pull request #1912 from wellplayedgames/microsoft-prompt-type
Support setting the prompt type for the Microsoft connector
|
2021-04-24 10:58:43 +02:00 |
|
dependabot[bot]
|
31c18e557a
|
Merge pull request #2094 from dexidp/dependabot/go_modules/github.com/lib/pq-1.10.1
|
2021-04-22 08:26:07 +00:00 |
|
dependabot[bot]
|
5bc3cb2ad3
|
build(deps): bump github.com/lib/pq from 1.10.0 to 1.10.1
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.0...v1.10.1)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-22 06:54:28 +00:00 |
|
dependabot[bot]
|
efd9839fd2
|
Merge pull request #2093 from dexidp/dependabot/go_modules/google.golang.org/api-0.45.0
|
2021-04-21 10:23:32 +00:00 |
|
dependabot[bot]
|
fa3a4d7f6b
|
build(deps): bump google.golang.org/api from 0.43.0 to 0.45.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.43.0 to 0.45.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.43.0...v0.45.0)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-21 06:55:25 +00:00 |
|
Márk Sági-Kazár
|
0b9b588c96
|
Merge pull request #2089 from flant/remove-go-dev-badge-from-readme
chore: remove go dev badge from README
|
2021-04-17 21:20:47 +02:00 |
|
m.nabokikh
|
026d979073
|
chore: remove go dev badge from README
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
|
2021-04-17 10:24:02 +04:00 |
|
dependabot[bot]
|
e4065013a4
|
Merge pull request #2085 from dexidp/dependabot/docker/alpine-3.13.5
|
2021-04-15 08:18:38 +00:00 |
|
dependabot[bot]
|
d4a2a362ab
|
Merge pull request #2086 from dexidp/dependabot/go_modules/github.com/mattn/go-sqlite3-1.14.7
|
2021-04-15 08:18:07 +00:00 |
|
dependabot[bot]
|
de6d1bea56
|
build(deps): bump github.com/mattn/go-sqlite3 from 1.14.6 to 1.14.7
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.6...v1.14.7)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-15 06:57:54 +00:00 |
|
dependabot[bot]
|
8fbbd4cec9
|
build(deps): bump alpine from 3.13.4 to 3.13.5
Bumps alpine from 3.13.4 to 3.13.5.
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-15 06:53:00 +00:00 |
|
Márk Sági-Kazár
|
b79d9a84bc
|
Merge pull request #2072 from dexidp/dependency-updates
Update dependencies
|
2021-04-08 17:50:52 +02:00 |
|
Mark Sagi-Kazar
|
03db309337
|
chore(deps): update dependencies
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
|
2021-04-07 14:45:53 +02:00 |
|
Márk Sági-Kazár
|
c7549cce5b
|
Merge pull request #2071 from dexidp/dependabot/go_modules/github.com/go-ldap/ldap/v3-3.3.0
build(deps): bump github.com/go-ldap/ldap/v3 from 3.2.4 to 3.3.0
|
2021-04-06 10:15:37 +02:00 |
|
dependabot[bot]
|
656798c8bd
|
build(deps): bump github.com/go-ldap/ldap/v3 from 3.2.4 to 3.3.0
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.4 to 3.3.0.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.4...v3.3.0)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-06 07:01:29 +00:00 |
|
m.nabokikh
|
beb8911cf7
|
chore: add note about units to expire config
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
|
2021-04-02 16:12:43 +04:00 |
|
dependabot[bot]
|
b73c406d21
|
Merge pull request #2069 from dexidp/dependabot/docker/golang-1.16.3-alpine3.13
|
2021-04-02 07:14:55 +00:00 |
|
dependabot[bot]
|
4b924f1d86
|
build(deps): bump golang from 1.16.2-alpine3.13 to 1.16.3-alpine3.13
Bumps golang from 1.16.2-alpine3.13 to 1.16.3-alpine3.13.
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-02 06:54:24 +00:00 |
|
dependabot[bot]
|
55352575b8
|
Merge pull request #2066 from dexidp/dependabot/docker/alpine-3.13.4
|
2021-04-01 11:20:38 +00:00 |
|
Márk Sági-Kazár
|
d2eb1b04dc
|
Merge pull request #2067 from dexidp/dependabot/go_modules/github.com/go-sql-driver/mysql-1.6.0
build(deps): bump github.com/go-sql-driver/mysql from 1.5.0 to 1.6.0
|
2021-04-01 13:18:21 +02:00 |
|
dependabot[bot]
|
0f4ad150ce
|
build(deps): bump github.com/go-sql-driver/mysql from 1.5.0 to 1.6.0
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases)
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.5.0...v1.6.0)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-01 07:23:52 +00:00 |
|
dependabot[bot]
|
b57c8fa75b
|
build(deps): bump alpine from 3.13.3 to 3.13.4
Bumps alpine from 3.13.3 to 3.13.4.
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-04-01 07:16:05 +00:00 |
|
dependabot[bot]
|
1076081f79
|
Merge pull request #2064 from dexidp/dependabot/docker/alpine-3.13.3
|
2021-03-26 10:41:31 +00:00 |
|
dependabot[bot]
|
f5a29bcdbb
|
build(deps): bump alpine from 3.13.2 to 3.13.3
Bumps alpine from 3.13.2 to 3.13.3.
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-03-26 06:48:52 +00:00 |
|