mirror of
https://github.com/zitadel/oidc.git
synced 2026-01-26 21:29:01 -06:00
df140a781bc36dc84c6aa8830bbfa85b5ccf82aa
729 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
df140a781b |
chore(deps): bump codecov/codecov-action from 5.5.0 to 5.5.1 (#799)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.0 to 5.5.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v5.5.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/codecov/codecov-action/pull/1833">codecov/codecov-action#1833</a></li> <li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/codecov/codecov-action/pull/1861">codecov/codecov-action#1861</a></li> <li>Document a <code>codecov-cli</code> version reference example by <a href="https://github.com/webknjaz"><code>@webknjaz</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1774">codecov/codecov-action#1774</a></li> <li>docs: fix typo in README by <a href="https://github.com/datalater"><code>@datalater</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1866">codecov/codecov-action#1866</a></li> <li>fix: update to use local app/ dir by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1872">codecov/codecov-action#1872</a></li> <li>build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/codecov/codecov-action/pull/1867">codecov/codecov-action#1867</a></li> <li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/codecov/codecov-action/pull/1868">codecov/codecov-action#1868</a></li> <li>fix: overwrite pr number on fork by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1871">codecov/codecov-action#1871</a></li> <li>chore(release): 5.5.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1873">codecov/codecov-action#1873</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/datalater"><code>@datalater</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1866">codecov/codecov-action#1866</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.5.0...v5.5.1">https://github.com/codecov/codecov-action/compare/v5.5.0...v5.5.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>v5.5.1</h2> <h3>What's Changed</h3> <ul> <li>fix: overwrite pr number on fork by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1871">codecov/codecov-action#1871</a></li> <li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1868">codecov/codecov-action#1868</a></li> <li>build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1867">codecov/codecov-action#1867</a></li> <li>fix: update to use local app/ dir by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1872">codecov/codecov-action#1872</a></li> <li>docs: fix typo in README by <a href="https://github.com/datalater"><code>@datalater</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1866">codecov/codecov-action#1866</a></li> <li>Document a <code>codecov-cli</code> version reference example by <a href="https://github.com/webknjaz"><code>@webknjaz</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1774">codecov/codecov-action#1774</a></li> <li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1861">codecov/codecov-action#1861</a></li> <li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1833">codecov/codecov-action#1833</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1">https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1d0e340190 |
chore(deps): bump golang.org/x/text from 0.28.0 to 0.29.0 (#797)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.28.0 to 0.29.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
60fd782966 |
chore(deps): bump golang.org/x/oauth2 from 0.30.0 to 0.31.0 (#796)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.30.0 to 0.31.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Tim Möhlmann
|
c85da539c0 |
chore(go): add support for 1.25 (#798)
- Add Go 1.25 to the test matrix - Oldest supported Go version is now 1.24, as required for https://github.com/zitadel/oidc/pull/796 - Fix non-constant format string build errors ### Definition of Ready - [x] I am happy with the code - [x] Short description of the feature/issue is added in the pr description - [x] PR is linked to the corresponding user story - [x] Acceptance criteria are met - [x] All open todos and follow ups are defined in a new ticket and justified - [x] Deviations from the acceptance criteria and design are agreed with the PO and documented. - [x] No debug or dead code - [x] My code has no repetitions - [x] Critical parts are tested automatically - [x] Where possible E2E tests are implemented - [x] Documentation/examples are up-to-date - [x] All non-functional requirements are met - [x] Functionality of the acceptance criteria is checked manually on the dev system. |
||
|
dependabot[bot]
|
de1a600893 |
chore(deps): bump cycjimmy/semantic-release-action from 4 to 5 (#795)
Bumps [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cycjimmy/semantic-release-action/releases">cycjimmy/semantic-release-action's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h1><a href="https://github.com/cycjimmy/semantic-release-action/compare/v4.2.2...v5.0.0">5.0.0</a> (2025-08-30)</h1> <h3>Features</h3> <ul> <li>update node version on runner to 24 (<a href=" |
||
|
dependabot[bot]
|
98378b0b16 |
chore(deps): bump go.opentelemetry.io/otel/trace from 1.37.0 to 1.38.0 (#793)
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.37.0 to 1.38.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md">go.opentelemetry.io/otel/trace's changelog</a>.</em></p> <blockquote> <h2>[1.38.0/0.60.0/0.14.0/0.0.13] 2025-08-29</h2> <p>This release is the last to support [Go 1.23]. The next release will require at least [Go 1.24].</p> <h3>Added</h3> <ul> <li>Add native histogram exemplar support in <code>go.opentelemetry.io/otel/exporters/prometheus</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6772">#6772</a>)</li> <li>Add template attribute functions to the <code>go.opentelmetry.io/otel/semconv/v1.34.0</code> package. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6939">#6939</a>) <ul> <li><code>ContainerLabel</code></li> <li><code>DBOperationParameter</code></li> <li><code>DBSystemParameter</code></li> <li><code>HTTPRequestHeader</code></li> <li><code>HTTPResponseHeader</code></li> <li><code>K8SCronJobAnnotation</code></li> <li><code>K8SCronJobLabel</code></li> <li><code>K8SDaemonSetAnnotation</code></li> <li><code>K8SDaemonSetLabel</code></li> <li><code>K8SDeploymentAnnotation</code></li> <li><code>K8SDeploymentLabel</code></li> <li><code>K8SJobAnnotation</code></li> <li><code>K8SJobLabel</code></li> <li><code>K8SNamespaceAnnotation</code></li> <li><code>K8SNamespaceLabel</code></li> <li><code>K8SNodeAnnotation</code></li> <li><code>K8SNodeLabel</code></li> <li><code>K8SPodAnnotation</code></li> <li><code>K8SPodLabel</code></li> <li><code>K8SReplicaSetAnnotation</code></li> <li><code>K8SReplicaSetLabel</code></li> <li><code>K8SStatefulSetAnnotation</code></li> <li><code>K8SStatefulSetLabel</code></li> <li><code>ProcessEnvironmentVariable</code></li> <li><code>RPCConnectRPCRequestMetadata</code></li> <li><code>RPCConnectRPCResponseMetadata</code></li> <li><code>RPCGRPCRequestMetadata</code></li> <li><code>RPCGRPCResponseMetadata</code></li> </ul> </li> <li>Add <code>ErrorType</code> attribute helper function to the <code>go.opentelmetry.io/otel/semconv/v1.34.0</code> package. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6962">#6962</a>)</li> <li>Add <code>WithAllowKeyDuplication</code> in <code>go.opentelemetry.io/otel/sdk/log</code> which can be used to disable deduplication for log records. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6968">#6968</a>)</li> <li>Add <code>WithCardinalityLimit</code> option to configure the cardinality limit in <code>go.opentelemetry.io/otel/sdk/metric</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6996">#6996</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7065">#7065</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7081">#7081</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7164">#7164</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7165">#7165</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7179">#7179</a>)</li> <li>Add <code>Clone</code> method to <code>Record</code> in <code>go.opentelemetry.io/otel/log</code> that returns a copy of the record with no shared state. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7001">#7001</a>)</li> <li>Add experimental self-observability span and batch span processor metrics in <code>go.opentelemetry.io/otel/sdk/trace</code>. Check the <code>go.opentelemetry.io/otel/sdk/trace/internal/x</code> package documentation for more information. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7027">#7027</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6393">#6393</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7209">#7209</a>)</li> <li>The <code>go.opentelemetry.io/otel/semconv/v1.36.0</code> package. The package contains semantic conventions from the <code>v1.36.0</code> version of the OpenTelemetry Semantic Conventions. See the <a href="https://github.com/open-telemetry/opentelemetry-go/blob/main/semconv/v1.36.0/MIGRATION.md">migration documentation</a> for information on how to upgrade from <code>go.opentelemetry.io/otel/semconv/v1.34.0.</code>(<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7032">#7032</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7041">#7041</a>)</li> <li>Add support for configuring Prometheus name translation using <code>WithTranslationStrategy</code> option in <code>go.opentelemetry.io/otel/exporters/prometheus</code>. The current default translation strategy when UTF-8 mode is enabled is <code>NoUTF8EscapingWithSuffixes</code>, but a future release will change the default strategy to <code>UnderscoreEscapingWithSuffixes</code> for compliance with the specification. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7111">#7111</a>)</li> <li>Add experimental self-observability log metrics in <code>go.opentelemetry.io/otel/sdk/log</code>. Check the <code>go.opentelemetry.io/otel/sdk/log/internal/x</code> package documentation for more information. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7121">#7121</a>)</li> <li>Add experimental self-observability trace exporter metrics in <code>go.opentelemetry.io/otel/exporters/stdout/stdouttrace</code>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
044894f686 |
chore(deps): bump github.com/go-chi/chi/v5 from 5.2.2 to 5.2.3 (#790)
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.2.2 to 5.2.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-chi/chi/releases">github.com/go-chi/chi/v5's releases</a>.</em></p> <blockquote> <h2>v5.2.3</h2> <h2>What's Changed</h2> <ul> <li>Add pathvalue example to README and implement PathValue handler. by <a href="https://github.com/catatsuy"><code>@catatsuy</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/985">go-chi/chi#985</a></li> <li>Allow multiple whitespace between method & pattern by <a href="https://github.com/JRaspass"><code>@JRaspass</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/1013">go-chi/chi#1013</a></li> <li>Avoid potential nil dereference by <a href="https://github.com/ProjectMutilation"><code>@ProjectMutilation</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/1008">go-chi/chi#1008</a></li> <li>feat(mux): support http.Request.Pattern in Go 1.23 by <a href="https://github.com/Gusted"><code>@Gusted</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/986">go-chi/chi#986</a></li> <li>fix/608 - Fix flaky Throttle middleware test by synchronizing token usage by <a href="https://github.com/OtavioBernardes"><code>@OtavioBernardes</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/1016">go-chi/chi#1016</a></li> <li>Optimize throttle middleware by avoiding unnecessary timer creation by <a href="https://github.com/vasayxtx"><code>@vasayxtx</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/1011">go-chi/chi#1011</a></li> <li>Simplify wildcard replacement in route patterns by <a href="https://github.com/srpvpn"><code>@srpvpn</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/1012">go-chi/chi#1012</a></li> <li>Replace methodTypString func with reverseMethodMap by <a href="https://github.com/JRaspass"><code>@JRaspass</code></a> in <a href="https://redirect.github.com/go-chi/chi/pull/1018">go-chi/chi#1018</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ProjectMutilation"><code>@ProjectMutilation</code></a> made their first contribution in <a href="https://redirect.github.com/go-chi/chi/pull/1008">go-chi/chi#1008</a></li> <li><a href="https://github.com/Gusted"><code>@Gusted</code></a> made their first contribution in <a href="https://redirect.github.com/go-chi/chi/pull/986">go-chi/chi#986</a></li> <li><a href="https://github.com/OtavioBernardes"><code>@OtavioBernardes</code></a> made their first contribution in <a href="https://redirect.github.com/go-chi/chi/pull/1016">go-chi/chi#1016</a></li> <li><a href="https://github.com/srpvpn"><code>@srpvpn</code></a> made their first contribution in <a href="https://redirect.github.com/go-chi/chi/pull/1012">go-chi/chi#1012</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-chi/chi/compare/v5.2.2...v5.2.3">https://github.com/go-chi/chi/compare/v5.2.2...v5.2.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
200cec7e81 |
chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1 (#789)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.11.0 to 1.11.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/stretchr/testify/releases">github.com/stretchr/testify's releases</a>.</em></p> <blockquote> <h2>v1.11.1</h2> <p>This release fixes <a href="https://redirect.github.com/stretchr/testify/issues/1785">#1785</a> introduced in v1.11.0 where expected argument values implementing the stringer interface (<code>String() string</code>) with a method which mutates their value, when passed to mock.Mock.On (<code>m.On("Method", <expected>).Return()</code>) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.</p> <h2>What's Changed</h2> <ul> <li>Backport <a href="https://redirect.github.com/stretchr/testify/issues/1786">#1786</a> to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by <a href="https://github.com/brackendawson"><code>@brackendawson</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1788">stretchr/testify#1788</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/stretchr/testify/compare/v1.11.0...v1.11.1">https://github.com/stretchr/testify/compare/v1.11.0...v1.11.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b22db5e4c0 |
chore(deps): bump codecov/codecov-action from 5.4.3 to 5.5.0 (#788)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.4.3 to 5.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v5.5.0</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/codecov/codecov-action/pull/1829">codecov/codecov-action#1829</a></li> <li>docs: Refine OIDC docs by <a href="https://github.com/spalmurray"><code>@spalmurray</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1837">codecov/codecov-action#1837</a></li> <li>fix: Typo in README by <a href="https://github.com/spalmurray"><code>@spalmurray</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1838">codecov/codecov-action#1838</a></li> <li>fix: check reqs exist by <a href="https://github.com/joseph-sentry"><code>@joseph-sentry</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1835">codecov/codecov-action#1835</a></li> <li>Pin actions/github-script by Git SHA by <a href="https://github.com/martincostello"><code>@martincostello</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1859">codecov/codecov-action#1859</a></li> <li>feat: upgrade wrapper to 0.2.4 by <a href="https://github.com/jviall"><code>@jviall</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1864">codecov/codecov-action#1864</a></li> <li>chore(release): 5.5.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1865">codecov/codecov-action#1865</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/spalmurray"><code>@spalmurray</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1837">codecov/codecov-action#1837</a></li> <li><a href="https://github.com/martincostello"><code>@martincostello</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1859">codecov/codecov-action#1859</a></li> <li><a href="https://github.com/jviall"><code>@jviall</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1864">codecov/codecov-action#1864</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.4.3...v5.5.0">https://github.com/codecov/codecov-action/compare/v5.4.3...v5.5.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>v5.5.0</h2> <h3>What's Changed</h3> <ul> <li>feat: upgrade wrapper to 0.2.4 by <a href="https://github.com/jviall"><code>@jviall</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1864">codecov/codecov-action#1864</a></li> <li>Pin actions/github-script by Git SHA by <a href="https://github.com/martincostello"><code>@martincostello</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1859">codecov/codecov-action#1859</a></li> <li>fix: check reqs exist by <a href="https://github.com/joseph-sentry"><code>@joseph-sentry</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1835">codecov/codecov-action#1835</a></li> <li>fix: Typo in README by <a href="https://github.com/spalmurray"><code>@spalmurray</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1838">codecov/codecov-action#1838</a></li> <li>docs: Refine OIDC docs by <a href="https://github.com/spalmurray"><code>@spalmurray</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1837">codecov/codecov-action#1837</a></li> <li>build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1829">codecov/codecov-action#1829</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0">https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
08502788af |
chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 (#787)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.10.0 to 1.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/stretchr/testify/releases">github.com/stretchr/testify's releases</a>.</em></p> <blockquote> <h2>v1.11.0</h2> <h2>What's Changed</h2> <h3>Functional Changes</h3> <p>v1.11.0 Includes a number of performance improvements.</p> <ul> <li>Call stack perf change for CallerInfo by <a href="https://github.com/mikeauclair"><code>@mikeauclair</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1614">stretchr/testify#1614</a></li> <li>Lazily render mock diff output on successful match by <a href="https://github.com/mikeauclair"><code>@mikeauclair</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1615">stretchr/testify#1615</a></li> <li>assert: check early in Eventually, EventuallyWithT, and Never by <a href="https://github.com/cszczepaniak"><code>@cszczepaniak</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1427">stretchr/testify#1427</a></li> <li>assert: add IsNotType by <a href="https://github.com/bartventer"><code>@bartventer</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1730">stretchr/testify#1730</a></li> <li>assert.JSONEq: shortcut if same strings by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1754">stretchr/testify#1754</a></li> <li>assert.YAMLEq: shortcut if same strings by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1755">stretchr/testify#1755</a></li> <li>assert: faster and simpler isEmpty using reflect.Value.IsZero by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1761">stretchr/testify#1761</a></li> <li>suite: faster methods filtering (internal refactor) by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1758">stretchr/testify#1758</a></li> </ul> <h3>Fixes</h3> <ul> <li>assert.ErrorAs: log target type by <a href="https://github.com/craig65535"><code>@craig65535</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1345">stretchr/testify#1345</a></li> <li>Fix failure message formatting for Positive and Negative asserts in <a href="https://redirect.github.com/stretchr/testify/pull/1062">stretchr/testify#1062</a></li> <li>Improve ErrorIs message when error is nil but an error was expected by <a href="https://github.com/tsioftas"><code>@tsioftas</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1681">stretchr/testify#1681</a></li> <li>fix Subset/NotSubset when calling with mixed input types by <a href="https://github.com/siliconbrain"><code>@siliconbrain</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1729">stretchr/testify#1729</a></li> <li>Improve ErrorAs failure message when error is nil by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1734">stretchr/testify#1734</a></li> <li>mock.AssertNumberOfCalls: improve error msg by <a href="https://github.com/3scalation"><code>@3scalation</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1743">stretchr/testify#1743</a></li> </ul> <h3>Documentation, Build & CI</h3> <ul> <li>docs: Fix typo in README by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1688">stretchr/testify#1688</a></li> <li>Replace deprecated io/ioutil with io and os by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1684">stretchr/testify#1684</a></li> <li>Document consequences of calling t.FailNow() by <a href="https://github.com/greg0ire"><code>@greg0ire</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1710">stretchr/testify#1710</a></li> <li>chore: update docs for Unset <a href="https://redirect.github.com/stretchr/testify/issues/1621">#1621</a> by <a href="https://github.com/techfg"><code>@techfg</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1709">stretchr/testify#1709</a></li> <li>README: apply gofmt to examples by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1687">stretchr/testify#1687</a></li> <li>refactor: use %q and %T to simplify fmt.Sprintf by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1674">stretchr/testify#1674</a></li> <li>Propose Christophe Colombier (ccoVeille) as approver by <a href="https://github.com/brackendawson"><code>@brackendawson</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1716">stretchr/testify#1716</a></li> <li>Update documentation for the Error function in assert or require package by <a href="https://github.com/architagr"><code>@architagr</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1675">stretchr/testify#1675</a></li> <li>assert: remove deprecated build constraints by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1671">stretchr/testify#1671</a></li> <li>assert: apply gofumpt to internal test suite by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1739">stretchr/testify#1739</a></li> <li>CI: fix shebang in .ci.*.sh scripts by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1746">stretchr/testify#1746</a></li> <li>assert,require: enable parallel testing on (almost) all top tests by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1747">stretchr/testify#1747</a></li> <li>suite.Passed: add one more status test report by <a href="https://github.com/Ararsa-Derese"><code>@Ararsa-Derese</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1706">stretchr/testify#1706</a></li> <li>Add Helper() method in internal mocks and assert.CollectT by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1423">stretchr/testify#1423</a></li> <li>assert.Same/NotSame: improve usage of Sprintf by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1742">stretchr/testify#1742</a></li> <li>mock: enable parallel testing on internal testsuite by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1756">stretchr/testify#1756</a></li> <li>suite: cleanup use of 'testing' internals at runtime by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1751">stretchr/testify#1751</a></li> <li>assert: check test failure message for Empty and NotEmpty by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1745">stretchr/testify#1745</a></li> <li>deps: fix dependency cycle with objx (again) by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1567">stretchr/testify#1567</a></li> <li>assert.Empty: comprehensive doc of "Empty"-ness rules by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1753">stretchr/testify#1753</a></li> <li>doc: improve godoc of top level 'testify' package by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1760">stretchr/testify#1760</a></li> <li>assert.ErrorAs: simplify retrieving the type name by <a href="https://github.com/ccoVeille"><code>@ccoVeille</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1740">stretchr/testify#1740</a></li> <li>assert.EqualValues: improve test coverage to 100% by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1763">stretchr/testify#1763</a></li> <li>suite.Run: simplify running of Setup/TeardownSuite by <a href="https://github.com/renzoarreaza"><code>@renzoarreaza</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1769">stretchr/testify#1769</a></li> <li>assert.CallerInfo: micro optimization by using LastIndexByte by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1767">stretchr/testify#1767</a></li> <li>assert.CallerInfo: micro cleanup by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1768">stretchr/testify#1768</a></li> <li>assert: refactor Test<em>FileExists and Test</em>DirExists tests to enable parallel testing by <a href="https://github.com/dolmen"><code>@dolmen</code></a> in <a href="https://redirect.github.com/stretchr/testify/pull/1766">stretchr/testify#1766</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Livio Spring
|
9efe061b2a |
chore: add limited availability notice to readme (#786)
### Definition of Ready - [ ] I am happy with the code - [ ] Short description of the feature/issue is added in the pr description - [ ] PR is linked to the corresponding user story - [ ] Acceptance criteria are met - [ ] All open todos and follow ups are defined in a new ticket and justified - [ ] Deviations from the acceptance criteria and design are agreed with the PO and documented. - [ ] No debug or dead code - [ ] My code has no repetitions - [ ] Critical parts are tested automatically - [ ] Where possible E2E tests are implemented - [ ] Documentation/examples are up-to-date - [ ] All non-functional requirements are met - [ ] Functionality of the acceptance criteria is checked manually on the dev system. |
||
|
dependabot[bot]
|
e4fc8af0a4 |
chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.9.0 to 4.9.1 (#780)
Bumps [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar) from 4.9.0 to 4.9.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bmatcuk/doublestar/releases">github.com/bmatcuk/doublestar/v4's releases</a>.</em></p> <blockquote> <h2>Small Performance Change</h2> <p>This release contains a small change that gives a slight performance increase. Thanks to <a href="https://github.com/jbedard"><code>@jbedard</code></a> for the PR!</p> <h2>What's Changed</h2> <ul> <li>perf: reduce string construction in isZeroLengthPattern by <a href="https://github.com/jbedard"><code>@jbedard</code></a> in <a href="https://redirect.github.com/bmatcuk/doublestar/pull/107">bmatcuk/doublestar#107</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jbedard"><code>@jbedard</code></a> made their first contribution in <a href="https://redirect.github.com/bmatcuk/doublestar/pull/107">bmatcuk/doublestar#107</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/bmatcuk/doublestar/compare/v4.9.0...v4.9.1">https://github.com/bmatcuk/doublestar/compare/v4.9.0...v4.9.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b3300325b3 |
chore(deps): bump actions/checkout from 4 to 5 (#783)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> <h2>v4.2.2</h2> <h2>What's Changed</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
337111f703 |
chore(deps): bump golang.org/x/text from 0.27.0 to 0.28.0 (#781)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.27.0 to
0.28.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="
|
||
|
Ayato
|
5d37097a96 |
chore(op): fix parameter name typo in GetKeyByIDAndClientID (#779)
Fix parameter name typo in `GetKeyByIDAndClientID` ### Definition of Ready - [x] I am happy with the code - [x] Short description of the feature/issue is added in the pr description - [ ] PR is linked to the corresponding user story - [ ] Acceptance criteria are met - [ ] All open todos and follow ups are defined in a new ticket and justified - [ ] Deviations from the acceptance criteria and design are agreed with the PO and documented. - [ ] No debug or dead code - [ ] My code has no repetitions - [ ] Critical parts are tested automatically - [ ] Where possible E2E tests are implemented - [ ] Documentation/examples are up-to-date - [ ] All non-functional requirements are met - [ ] Functionality of the acceptance criteria is checked manually on the dev system. Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> |
||
|
mqf20
|
3edc81ed9a |
feat: allow setting op.Crypto during provider setup (#778)
Add a `op.WithCrypto` `op.Option` that allows developers to specify their custom `op.Crypto` implementations during setup. If the `op.Option` is used, it will override `op.Config.CryptoKey`. Closes https://github.com/zitadel/oidc/issues/736. ### Definition of Ready - [x] I am happy with the code - [x] Short description of the feature/issue is added in the pr description - [x] PR is linked to the corresponding user story - [ ] Acceptance criteria are met - [ ] All open todos and follow ups are defined in a new ticket and justified - [ ] Deviations from the acceptance criteria and design are agreed with the PO and documented. - [x] No debug or dead code - [ ] My code has no repetitions - [ ] Critical parts are tested automatically - [ ] Where possible E2E tests are implemented - [x] Documentation/examples are up-to-date - [ ] All non-functional requirements are met - [ ] Functionality of the acceptance criteria is checked manually on the dev system. --------- Signed-off-by: mqf20 <mingqingfoo@gmail.com> Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>v3.44.0 |
||
|
Sianao
|
1fb34f3d41 |
fix: add redirect_uri decoded (#775)
### Definition of Ready This PR introduces a redirect_uri decoding step (url.QueryUnescape) in the authorization request validation logic. Libraries such as [golang.org/x/oauth2](https://cs.opensource.google/go/x/oauth2/+/refs/tags/v0.30.0:oauth2.go;l=184) automatically encode the redirect_uri using url.Values.Encode(). This means the incoming URI is percent-encoded (e.g., https%3A%2F%2Fclient.example.com%2Fcallback), and the server must decode it before performing string comparisons. - [x] I am happy with the code - [x] Short description of the feature/issue is added in the pr description - [x] PR is linked to the corresponding user story - [x] Acceptance criteria are met - [x] All open todos and follow ups are defined in a new ticket and justified - [x] Deviations from the acceptance criteria and design are agreed with the PO and documented. - [x] No debug or dead code - [x] My code has no repetitions - [x] Critical parts are tested automatically - [x] Where possible E2E tests are implemented - [x] Documentation/examples are up-to-date - [x] All non-functional requirements are met - [x] Functionality of the acceptance criteria is checked manually on the dev system. Co-authored-by: sianao <me@sianao.site>v3.43.1 |
||
|
Marc Alvarez
|
baf65b9a8c |
chore(op): clarify refresh token parameter names and improve code readability (#756)
### Context
While implementing the Storage interface, I discovered that several
parameter names were misleading:
- Parameters named `refreshTokenID` and `newRefreshTokenID` actually
contain the full token values, not IDs
- This naming inconsistency caused confusion about what values should be
passed/returned
- The example implementations already use the semantically correct names
(`refreshToken`, `newRefreshToken`), creating a mismatch with the
interface definition
## Solution
This PR aligns the interface parameter names with their actual purpose
and with the existing example implementations.
## Changes
1. **Storage interface parameter renames:**
- `TokenRequestByRefreshToken`: `refreshTokenID` → `refreshToken`
- `CreateAccessAndRefreshTokens`: `newRefreshTokenID` →
`newRefreshToken`
2. **Improved code readability in token.go:**
- Made bare returns explicit for better clarity
- Added documentation explaining the token creation flow
- Clarified why `CreateAccessToken` also returns refresh tokens
## Impact
- **Breaking change**: No - these are parameter name changes in the
interface definition only
- **Behavior change**: No - all logic remains unchanged
- **Documentation**: Improved with clearer parameter names and added
explanations
## Testing
- Ran existing tests (some timing-related test failures are pre-existing
and unrelated to these changes)
- Verified example implementations already use the new parameter names
### Definition of Ready
- [X] I am happy with the code
- [X] Short description of the feature/issue is added in the pr
description
- [ ] PR is linked to the corresponding user story
- [ ] Acceptance criteria are met
- [ ] All open todos and follow ups are defined in a new ticket and
justified
- [ ] Deviations from the acceptance criteria and design are agreed with
the PO and documented.
- [X] No debug or dead code
- [X] My code has no repetitions
- [ ] Critical parts are tested automatically
- [ ] Where possible E2E tests are implemented
- [X] Documentation/examples are up-to-date
- [ ] All non-functional requirements are met
- [ ] Functionality of the acceptance criteria is checked manually on
the dev system.
|
||
|
Brian Joerger
|
0d50c9369e |
feat(rp): optional authorized party check (#752)
This PR makes the default Authorized Party check in `rp.VerifyIDToken` optional by adding an options parameter for dynamic verification functions. This check is meant to be an optional validation requirement, so some providers (including GCP) do not adhere to it. See https://github.com/zitadel/oidc/issues/405 for more context. Closes https://github.com/zitadel/oidc/issues/405v3.43.0 |
||
|
dependabot[bot]
|
175edcfbed |
chore(deps): bump go.opentelemetry.io/otel/trace from 1.29.0 to 1.37.0 (#772)
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.29.0 to 1.37.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md">go.opentelemetry.io/otel/trace's changelog</a>.</em></p> <blockquote> <h2>[1.37.0/0.59.0/0.13.0] 2025-06-25</h2> <h3>Added</h3> <ul> <li>The <code>go.opentelemetry.io/otel/semconv/v1.33.0</code> package. The package contains semantic conventions from the <code>v1.33.0</code> version of the OpenTelemetry Semantic Conventions. See the <a href="https://github.com/open-telemetry/opentelemetry-go/blob/main/semconv/v1.33.0/MIGRATION.md">migration documentation</a> for information on how to upgrade from <code>go.opentelemetry.io/otel/semconv/v1.32.0.</code>(<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6799">#6799</a>)</li> <li>The <code>go.opentelemetry.io/otel/semconv/v1.34.0</code> package. The package contains semantic conventions from the <code>v1.34.0</code> version of the OpenTelemetry Semantic Conventions. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6812">#6812</a>)</li> <li>Add metric's schema URL as <code>otel_scope_schema_url</code> label in <code>go.opentelemetry.io/otel/exporters/prometheus</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/5947">#5947</a>)</li> <li>Add metric's scope attributes as <code>otel_scope_[attribute]</code> labels in <code>go.opentelemetry.io/otel/exporters/prometheus</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/5947">#5947</a>)</li> <li>Add <code>EventName</code> to <code>EnabledParameters</code> in <code>go.opentelemetry.io/otel/log</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6825">#6825</a>)</li> <li>Add <code>EventName</code> to <code>EnabledParameters</code> in <code>go.opentelemetry.io/otel/sdk/log</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6825">#6825</a>)</li> <li>Changed handling of <code>go.opentelemetry.io/otel/exporters/prometheus</code> metric renaming to add unit suffixes when it doesn't match one of the pre-defined values in the unit suffix map. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6839">#6839</a>)</li> </ul> <h3>Changed</h3> <ul> <li>The semantic conventions have been upgraded from <code>v1.26.0</code> to <code>v1.34.0</code> in <code>go.opentelemetry.io/otel/bridge/opentracing</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6827">#6827</a>)</li> <li>The semantic conventions have been upgraded from <code>v1.26.0</code> to <code>v1.34.0</code> in <code>go.opentelemetry.io/otel/exporters/zipkin</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6829">#6829</a>)</li> <li>The semantic conventions have been upgraded from <code>v1.26.0</code> to <code>v1.34.0</code> in <code>go.opentelemetry.io/otel/metric</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6832">#6832</a>)</li> <li>The semantic conventions have been upgraded from <code>v1.26.0</code> to <code>v1.34.0</code> in <code>go.opentelemetry.io/otel/sdk/resource</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6834">#6834</a>)</li> <li>The semantic conventions have been upgraded from <code>v1.26.0</code> to <code>v1.34.0</code> in <code>go.opentelemetry.io/otel/sdk/trace</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6835">#6835</a>)</li> <li>The semantic conventions have been upgraded from <code>v1.26.0</code> to <code>v1.34.0</code> in <code>go.opentelemetry.io/otel/trace</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6836">#6836</a>)</li> <li><code>Record.Resource</code> now returns <code>*resource.Resource</code> instead of <code>resource.Resource</code> in <code>go.opentelemetry.io/otel/sdk/log</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6864">#6864</a>)</li> <li>Retry now shows error cause for context timeout in <code>go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc</code>, <code>go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc</code>, <code>go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc</code>, <code>go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp</code>, <code>go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp</code>, <code>go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6898">#6898</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Stop stripping trailing slashes from configured endpoint URL in <code>go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6710">#6710</a>)</li> <li>Stop stripping trailing slashes from configured endpoint URL in <code>go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6710">#6710</a>)</li> <li>Stop stripping trailing slashes from configured endpoint URL in <code>go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6710">#6710</a>)</li> <li>Stop stripping trailing slashes from configured endpoint URL in <code>go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6710">#6710</a>)</li> <li>Validate exponential histogram scale range for Prometheus compatibility in <code>go.opentelemetry.io/otel/exporters/prometheus</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6822">#6822</a>)</li> <li>Context cancellation during metric pipeline produce does not corrupt data in <code>go.opentelemetry.io/otel/sdk/metric</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6914">#6914</a>)</li> </ul> <h3>Removed</h3> <ul> <li><code>go.opentelemetry.io/otel/exporters/prometheus</code> no longer exports <code>otel_scope_info</code> metric. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6770">#6770</a>)</li> </ul> <h2>[0.12.2] 2025-05-22</h2> <h3>Fixed</h3> <ul> <li>Retract <code>v0.12.0</code> release of <code>go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc</code> module that contains invalid dependencies. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6804">#6804</a>)</li> <li>Retract <code>v0.12.0</code> release of <code>go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp</code> module that contains invalid dependencies. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6804">#6804</a>)</li> <li>Retract <code>v0.12.0</code> release of <code>go.opentelemetry.io/otel/exporters/stdout/stdoutlog</code> module that contains invalid dependencies. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/6804">#6804</a>)</li> </ul> <h2>[0.12.1] 2025-05-21</h2> <h3>Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Marco A.
|
dbf1a731a9 |
feat: pass optional logout hint and ui locales to end session request (#774)
### Definition of Ready - [x] I am happy with the code - [x] Short description of the feature/issue is added in the pr description - [x] PR is linked to the corresponding user story - [x] Acceptance criteria are met - [x] All open todos and follow ups are defined in a new ticket and justified - [x] Deviations from the acceptance criteria and design are agreed with the PO and documented. - [x] No debug or dead code - [x] My code has no repetitions - [x] Critical parts are tested automatically - [x] Where possible E2E tests are implemented - [x] Documentation/examples are up-to-date - [x] All non-functional requirements are met - [x] Functionality of the acceptance criteria is checked manually on the dev system. # Context PR https://github.com/zitadel/oidc/pull/754 has introduced the optional logout hint and UI locales to the end session request. However, while working on https://github.com/zitadel/zitadel/pull/10039 , I have noticed that the integration tests on Zitadel side call `relying_party.EndSession()` without the possibility of specifying any logout hint nor ui locales. This PR adds these 2 parameters to `relying_party.EndSession()` function.v3.42.0 |
||
|
dependabot[bot]
|
11614213cc |
chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 (#767)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.26.0 to
0.27.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="
|
||
|
Mark Laing
|
c0d0ba9b0f |
feat: Request aware cookie handling (#753)
* pkg/http: Add `secureCookieFunc` field to CookieHandler. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/http: Add `IsRequestAware` method CookieHandler. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/http: Use `secureCookieFunc` when checking a cookie (if set). Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/http: Error on `SetCookie` if cookie handler is request aware. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/http: Add method to set request aware cookies. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/http: Add function to create a new request aware cookie handler. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/client/rp: Update `trySetStateCookie` function signature. Use `SetRequestAwareCookie` if the cookie handle is request aware. This function signature can be updated because it is not exported. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/client/rp: Add `GenerateAndStoreCodeChallengeWithRequest` function. It's not possible to add a `http.Request` argument to `GenerateAndStoreCodeChallenge` as this would be a breaking change. Instead, add a new function that accepts a request argument and call `SetRequestAwareCookie` here. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/client/rp: Update PKCE logic to pass request if required by cookie handler. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/http: Don't set MaxAge if cookie handler is request aware. The securecookie field can be nil. Expect the caller to set max age on the securecookie returned by the secureCookieFunc. Signed-off-by: Mark Laing <mark.laing@canonical.com> * pkg/client: Add integration tests for request aware cookie handling. Adds a new type `cookieSpec` which is accepted as an argument to `RunAuthorizationCodeFlow`. `TestRelyingPartySession` now runs with `wrapServer` true/false and with two cookie handlers, one static and one request aware. The request aware handler extracts encryption keys from a secret using a salt from a "login_id" cookie. Signed-off-by: Mark Laing <mark.laing@canonical.com> --------- Signed-off-by: Mark Laing <mark.laing@canonical.com>v3.41.0 |
||
|
Jan-Otto Kröpke
|
21e830e275 |
feat: exclude OTEL instrumentation via build tag (#770)
* feat: exclude OTEL instrumentation via build tag * add readmev3.40.0 |
||
|
dependabot[bot]
|
d09a952410 |
chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.8.1 to 4.9.0 (#769)
Bumps [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar) from 4.8.1 to 4.9.0. - [Release notes](https://github.com/bmatcuk/doublestar/releases) - [Commits](https://github.com/bmatcuk/doublestar/compare/v4.8.1...v4.9.0) --- updated-dependencies: - dependency-name: github.com/bmatcuk/doublestar/v4 dependency-version: 4.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Jonathan Yoder
|
71b7500c62 | fix: Omit empty assertion fields in client creds request (#745) v3.39.1 | ||
|
dependabot[bot]
|
3b0ab8f048 |
chore(deps): bump github.com/go-chi/chi/v5 in the go_modules group (#759)
Bumps the go_modules group with 1 update: [github.com/go-chi/chi/v5](https://github.com/go-chi/chi). Updates `github.com/go-chi/chi/v5` from 5.2.1 to 5.2.2 - [Release notes](https://github.com/go-chi/chi/releases) - [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md) - [Commits](https://github.com/go-chi/chi/compare/v5.2.1...v5.2.2) --- updated-dependencies: - dependency-name: github.com/go-chi/chi/v5 dependency-version: 5.2.2 dependency-type: direct:production dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Fabienne Bühler
|
d6e37fa741 |
Merge pull request #758 from zitadel/hifabienne-patch-1
chore: update issue templates |
||
|
Fabienne Bühler
|
8e1e5174fd | Delete .github/ISSUE_TEMPLATE/proposal.yaml | ||
|
Fabienne Bühler
|
5618487a88 | Update and rename improvement.yaml to enhancement.yaml | ||
|
Fabienne Bühler
|
187878de63 | update docs issue template, add type | ||
|
Fabienne Bühler
|
e127c66db2 | chore: update issue templates | ||
|
dependabot[bot]
|
e1415ef2f3 |
chore(deps): bump golang.org/x/text from 0.25.0 to 0.26.0 (#755)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.25.0 to 0.26.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.25.0...v0.26.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-version: 0.26.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Livio Spring
|
f94bd541d7 |
feat: update end session request to pass all params according to specification (#754)
* feat: update end session request to pass all params according to specification * register encoderv3.39.0 |
||
|
dependabot[bot]
|
7d57aaa999 |
chore(deps): bump codecov/codecov-action from 5.4.2 to 5.4.3 (#751)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.4.2 to 5.4.3. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v5.4.2...v5.4.3) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 5.4.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
668fb0d37a |
chore(deps): bump golang.org/x/text from 0.24.0 to 0.25.0 (#742)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.24.0 to 0.25.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.24.0...v0.25.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-version: 0.25.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
4ed4d257ab |
chore(deps): bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 (#743)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.29.0 to 0.30.0. - [Commits](https://github.com/golang/oauth2/compare/v0.29.0...v0.30.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-version: 0.30.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Ayato
|
4f0ed79c0a |
fix(op): Add mitigation for PKCE Downgrade Attack (#741)
* fix(op): Add mitigation for PKCE downgrade attack * chore(op): add test for PKCE verificationv3.38.1 |
||
|
Masahito Osako
|
5913c5a074 |
feat: enhance authentication response handling (#728)
- Introduced CodeResponseType struct to encapsulate response data. - Added handleFormPostResponse and handleRedirectResponse functions to manage different response modes. - Created BuildAuthResponseCodeResponsePayload and BuildAuthResponseCallbackURL functions for better modularity in response generation.v3.38.0 |
||
|
dependabot[bot]
|
b917cdc2e3 |
chore(deps): bump codecov/codecov-action from 5.4.0 to 5.4.2 (#737)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.4.0 to 5.4.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v5.4.0...v5.4.2) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 5.4.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
cb3ec3ac5f |
chore(deps): bump golang.org/x/net from 0.36.0 to 0.38.0 (#739)
* chore(deps): bump golang.org/x/net from 0.36.0 to 0.38.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.36.0 to 0.38.0. - [Commits](https://github.com/golang/net/compare/v0.36.0...v0.38.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.38.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * update runner to ubuntu 24.04 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Livio Spring <livio.a@gmail.com> |
||
|
dependabot[bot]
|
7cc5fb6568 |
chore(deps): bump golang.org/x/text from 0.23.0 to 0.24.0 (#733)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.23.0 to 0.24.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.23.0...v0.24.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-version: 0.24.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
92972fd30f |
chore(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.29.0 (#734)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.28.0 to 0.29.0. - [Commits](https://github.com/golang/oauth2/compare/v0.28.0...v0.29.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-version: 0.29.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> |
||
|
Ayato
|
c51628ea27 |
feat(op): always verify code challenge when available (#721)
Finally the RFC Best Current Practice for OAuth 2.0 Security has been approved. According to the RFC: > Authorization servers MUST support PKCE [RFC7636]. > > If a client sends a valid PKCE code_challenge parameter in the authorization request, the authorization server MUST enforce the correct usage of code_verifier at the token endpoint. Isn’t it time we strengthen PKCE support a bit more? This PR updates the logic so that PKCE is always verified, even when the Auth Method is not "none".v3.37.0 |
||
|
dependabot[bot]
|
7096406e71 |
chore(deps): bump github.com/zitadel/schema from 1.3.0 to 1.3.1 (#731)
Bumps [github.com/zitadel/schema](https://github.com/zitadel/schema) from 1.3.0 to 1.3.1. - [Release notes](https://github.com/zitadel/schema/releases) - [Changelog](https://github.com/zitadel/schema/blob/main/.releaserc.js) - [Commits](https://github.com/zitadel/schema/compare/v1.3.0...v1.3.1) --- updated-dependencies: - dependency-name: github.com/zitadel/schema dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
c91db9e47b |
chore(deps): bump github.com/zitadel/logging from 0.6.1 to 0.6.2 (#730)
Bumps [github.com/zitadel/logging](https://github.com/zitadel/logging) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/zitadel/logging/releases) - [Changelog](https://github.com/zitadel/logging/blob/main/.releaserc.js) - [Commits](https://github.com/zitadel/logging/compare/v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: github.com/zitadel/logging dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Iraq
|
f648c61cab |
Merge pull request #729 from zitadel/update-go-version
chore: run 'go mod tidy' |
||
|
Iraq Jaber
|
30acdaf63a | chore: run 'go mod tidy' | ||
|
dependabot[bot]
|
aeda5d7178 |
chore(deps): bump golang.org/x/text from 0.22.0 to 0.23.0 (#723)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.22.0 to 0.23.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.22.0...v0.23.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
f3ee647005 |
chore(deps): bump golang.org/x/net from 0.33.0 to 0.36.0 (#727)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.33.0 to 0.36.0. - [Commits](https://github.com/golang/net/compare/v0.33.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |