Márk Sági-Kazár
cdcf7a4694
Update PULL_REQUEST_TEMPLATE.md
2021-05-30 04:00:44 +02:00
Maksim Nabokikh
5d996661ea
Merge pull request #2144 from flant/bump-linter-version
...
Bump golag-ci lint version to 1.40.1
2021-05-27 21:50:23 +04:00
m.nabokikh
4b54433ec2
Bump golag-ci lint version to 1.40.1
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-27 19:27:06 +04:00
Márk Sági-Kazár
95941506f5
Merge pull request #2142 from dexidp/update-etcd
...
chore(deps): update etcd
2021-05-26 17:59:26 +02:00
Mark Sagi-Kazar
8dbd0c6536
chore(deps): update etcd
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-05-26 17:11:04 +02:00
Márk Sági-Kazár
aef61cea8d
Merge pull request #2141 from dexidp/update-gosundheit
...
Update gosundheit
2021-05-26 17:05:40 +02:00
Mark Sagi-Kazar
0bef10ef80
chore(deps): update gosundheit
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-05-26 14:50:35 +02:00
Márk Sági-Kazár
5451188e29
Merge pull request #2124 from dexidp/update-etcd
...
Update etcd to 3.5.0-beta.3
2021-05-26 13:38:40 +02:00
Mark Sagi-Kazar
ca02fc16bd
chore(deps): update etcd
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-05-26 13:16:05 +02:00
dependabot[bot]
4a874cce89
Merge pull request #2130 from dexidp/dependabot/go_modules/google.golang.org/grpc-1.38.0
2021-05-20 12:35:09 +00:00
dependabot[bot]
461c5f687d
build(deps): bump google.golang.org/grpc from 1.37.0 to 1.38.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.37.0...v1.38.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-20 12:14:11 +00:00
dependabot[bot]
4e4dad023c
Merge pull request #2131 from dexidp/dependabot/go_modules/google.golang.org/api-0.47.0
2021-05-20 12:08:43 +00:00
dependabot[bot]
1220017f6c
build(deps): bump google.golang.org/api from 0.46.0 to 0.47.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.46.0 to 0.47.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.46.0...v0.47.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-20 06:20:51 +00:00
Maksim Nabokikh
20875c972e
Discard package "version" ( #2107 )
...
* Discard package "version"
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
* Inject api version
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
* Pass version arg to the dex API
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-18 00:55:24 +02:00
dependabot[bot]
47d029a51b
Merge pull request #2110 from dexidp/dependabot/docker/golang-1.16.4-alpine3.13
2021-05-17 15:47:59 +00:00
Márk Sági-Kazár
18d1f70cee
Merge pull request #1861 from concourse/pr/bcrypt-for-client-secret-sync
...
Use constant time comparison for client secret verification
2021-05-17 17:27:42 +02:00
Rui Yang
fe8085b886
remove client secret encryption option
...
constant time compare for client secret verification will be kept
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-05-17 10:16:50 -04:00
dependabot[bot]
283dd89f4d
Merge pull request #2123 from dexidp/dependabot/go_modules/github.com/lib/pq-1.10.2
2021-05-17 07:41:26 +00:00
dependabot[bot]
c65652ed8f
build(deps): bump github.com/lib/pq from 1.10.1 to 1.10.2
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.1...v1.10.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-17 07:11:13 +00:00
Rui Yang
ecea593ddd
fix a bug in hash comparison function
...
the client secret coming in should be hashed and the one in storage
is the one in plaintext
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-05-14 13:32:27 -04:00
dependabot[bot]
47bdbdb1a2
build(deps): bump golang from 1.16.3-alpine3.13 to 1.16.4-alpine3.13
...
Bumps golang from 1.16.3-alpine3.13 to 1.16.4-alpine3.13.
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-07 06:46:19 +00:00
Maksim Nabokikh
81c4dc7994
Merge pull request #1906 from flant/ent-sqlite
...
feat: Add ent-based sqlite3 storage
2021-05-05 18:19:25 +04:00
Márk Sági-Kazár
ba2cec3f72
Merge pull request #2103 from flant/add-new-maintainer
...
Add @nabokihms to the maintainers list
2021-05-04 21:22:49 +02:00
dependabot[bot]
fcca5f4b4f
Merge pull request #2104 from dexidp/dependabot/go_modules/google.golang.org/api-0.46.0
2021-05-04 09:18:05 +00:00
dependabot[bot]
b1292bd630
build(deps): bump google.golang.org/api from 0.45.0 to 0.46.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.45.0 to 0.46.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.45.0...v0.46.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-04 06:59:24 +00:00
m.nabokikh
8553309db3
Add obsolete tokens, resolve conflicts, bump ent
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-02 12:43:21 +04:00
Márk Sági-Kazár
94a2b3ed87
Merge pull request #2010 from flant/switch-device-token-endpoint-to-token
...
fix: use /token endpoint to get tokens with device flow
2021-05-01 13:24:55 +02:00
m.nabokikh
24fa4def5b
chore: update ent
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-30 17:48:16 +04:00
m.nabokikh
2e61860d5a
Add ent autogenerated code
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-30 17:47:54 +04:00
m.nabokikh
11859166d0
feat: Add ent-based sqlite3 storage
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-30 17:47:54 +04:00
Stephen Augustus
674631c9ab
Merge pull request #2090 from dexidp/security-policy
...
Initial security policy
2021-04-27 20:33:21 -04:00
Márk Sági-Kazár
47b0a2bdf9
Merge pull request #2100 from dexidp/mysql-port
...
Fix MySQL connection to use the provided port
2021-04-28 01:23:41 +02:00
Mark Sagi-Kazar
e2b56d0a09
fix(storage/mysql): add missing port to the address
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-04-27 14:09:21 +02:00
m.nabokikh
4561214ab2
Add @nabokihms to maintainers list
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-27 13:11:15 +04:00
dependabot[bot]
afa6f1e03e
Merge pull request #2099 from dexidp/dependabot/go_modules/github.com/felixge/httpsnoop-1.0.2
2021-04-26 09:09:08 +00:00
Mark Sagi-Kazar
df9fc78d2d
ci: run mysql tests on non-standard port
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-04-26 11:01:24 +02:00
Mark Sagi-Kazar
bf8c35ad2d
docs: update readme linking to the security policy
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-04-26 10:59:17 +02:00
Mark Sagi-Kazar
59fcab281e
docs: initial security policy
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-04-26 10:59:15 +02:00
dependabot[bot]
05b61a3d86
build(deps): bump github.com/felixge/httpsnoop from 1.0.1 to 1.0.2
...
Bumps [github.com/felixge/httpsnoop](https://github.com/felixge/httpsnoop ) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/felixge/httpsnoop/releases )
- [Commits](https://github.com/felixge/httpsnoop/compare/v1.0.1...v1.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-26 08:50:00 +00:00
Márk Sági-Kazár
551229a986
Merge pull request #1846 from flant/refresh-token-expiration-policy
...
feat: Add refresh token expiration and rotation settings
2021-04-24 11:03:40 +02:00
Márk Sági-Kazár
b1ac799073
Merge pull request #1912 from wellplayedgames/microsoft-prompt-type
...
Support setting the prompt type for the Microsoft connector
2021-04-24 10:58:43 +02:00
dependabot[bot]
31c18e557a
Merge pull request #2094 from dexidp/dependabot/go_modules/github.com/lib/pq-1.10.1
2021-04-22 08:26:07 +00:00
dependabot[bot]
5bc3cb2ad3
build(deps): bump github.com/lib/pq from 1.10.0 to 1.10.1
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.0...v1.10.1 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-22 06:54:28 +00:00
dependabot[bot]
efd9839fd2
Merge pull request #2093 from dexidp/dependabot/go_modules/google.golang.org/api-0.45.0
2021-04-21 10:23:32 +00:00
dependabot[bot]
fa3a4d7f6b
build(deps): bump google.golang.org/api from 0.43.0 to 0.45.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.43.0 to 0.45.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.43.0...v0.45.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-21 06:55:25 +00:00
Márk Sági-Kazár
0b9b588c96
Merge pull request #2089 from flant/remove-go-dev-badge-from-readme
...
chore: remove go dev badge from README
2021-04-17 21:20:47 +02:00
m.nabokikh
026d979073
chore: remove go dev badge from README
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-17 10:24:02 +04:00
dependabot[bot]
e4065013a4
Merge pull request #2085 from dexidp/dependabot/docker/alpine-3.13.5
2021-04-15 08:18:38 +00:00
dependabot[bot]
d4a2a362ab
Merge pull request #2086 from dexidp/dependabot/go_modules/github.com/mattn/go-sqlite3-1.14.7
2021-04-15 08:18:07 +00:00
dependabot[bot]
de6d1bea56
build(deps): bump github.com/mattn/go-sqlite3 from 1.14.6 to 1.14.7
...
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3 ) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/mattn/go-sqlite3/releases )
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.6...v1.14.7 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-15 06:57:54 +00:00