Skip to content

Releases: goauthentik/authentik

Release 2024.8.6

21 Nov 18:39
8ab8090
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.8#fixed-in-202486

What's Changed

  • providers/proxy: fix redirect_uri (cherry-pick #12121) by @gcp-cherry-pick-bot in #12126
  • providers/oauth2: fix redirect uri input (cherry-pick #12122) by @gcp-cherry-pick-bot in #12128
  • web: bump API Client version (cherry-pick #12129) by @gcp-cherry-pick-bot in #12131
  • providers/oauth2: fix migration (cherry-pick #12138) by @gcp-cherry-pick-bot in #12140

Full Changelog: version/2024.8.5...version/2024.8.6

Release 2024.8.5

21 Nov 14:37
c99a33b
Compare
Choose a tag to compare

Release 2024.10.4

21 Nov 18:47
527e584
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.10#fixed-in-2024104

What's Changed

  • providers/proxy: fix redirect_uri (cherry-pick #12121) by @gcp-cherry-pick-bot in #12125
  • providers/oauth2: fix redirect uri input (cherry-pick #12122) by @gcp-cherry-pick-bot in #12127
  • web: bump API Client version (cherry-pick #12129) by @gcp-cherry-pick-bot in #12130
  • providers/oauth2: fix migration dependencies (cherry-pick #12123) by @gcp-cherry-pick-bot in #12132
  • providers/oauth2: fix migration (cherry-pick #12138) by @gcp-cherry-pick-bot in #12139

Full Changelog: version/2024.10.3...version/2024.10.4

Release 2024.10.3

21 Nov 14:52
a9776a8
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.10#fixed-in-2024103

Note that this security release includes backwards incompatible database changes; see https://docs.goauthentik.io/docs/security/cves/CVE-2024-52289#patches

What's Changed

  • providers/ldap: fix global search_full_directory permission not being sufficient (cherry-pick #12028) by @gcp-cherry-pick-bot in #12030
  • rbac: fix incorrect object_description for object-level permissions (cherry-pick #12029) by @gcp-cherry-pick-bot in #12043
  • web/flows: fix invisible captcha call (cherry-pick #12048) by @gcp-cherry-pick-bot in #12049
  • core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (cherry-pick #12080) by @gcp-cherry-pick-bot in #12081
  • providers/scim: accept string and int for SCIM IDs (cherry-pick #12093) by @gcp-cherry-pick-bot in #12095
  • root: fix activation of locale not being scoped (cherry-pick #12091) by @gcp-cherry-pick-bot in #12096
  • root: check remote IP for proxy protocol same as HTTP/etc (cherry-pick #12094) by @gcp-cherry-pick-bot in #12097
  • website/docs: group CVEs by year (cherry-pick #12099) by @gcp-cherry-pick-bot in #12100
  • internal: add CSP header to files in /media (cherry-pick #12092) by @gcp-cherry-pick-bot in #12108
  • website/docs: add CSP to hardening (cherry-pick #11970) by @gcp-cherry-pick-bot in #12116
  • security: fix CVE 2024 52287 (cherry-pick #12114) by @gcp-cherry-pick-bot in #12117

Full Changelog: version/2024.10.2...version/2024.10.3

Release 2024.10.2

14 Nov 16:37
66a4970
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.10#fixed-in-2024102

What's Changed

  • website/docs: fix slug matching redirect URI causing broken refresh (cherry-pick #11950) by @gcp-cherry-pick-bot in #11954
  • stages/password: use recovery flow from brand (cherry-pick #11953) by @gcp-cherry-pick-bot in #11969
  • stages/captcha: Run interactive captcha in Frame (cherry-pick #11857) by @gcp-cherry-pick-bot in #11991
  • blueprints: add default Password policy (cherry-pick #11793) by @gcp-cherry-pick-bot in #11993
  • providers/proxy: fix Issuer when AUTHENTIK_HOST_BROWSER is set (cherry-pick #11968) by @gcp-cherry-pick-bot in #12005
  • crypto: validate that generated certificate's name is unique (cherry-pick #12015) by @gcp-cherry-pick-bot in #12016
  • providers/oauth2: fix manual device code entry (cherry-pick #12017) by @gcp-cherry-pick-bot in #12019
  • core: use versioned_script for path only (cherry-pick #12003) by @gcp-cherry-pick-bot in #12023
  • website/docs: 2024.10.2 release notes (cherry-pick #12025) by @gcp-cherry-pick-bot in #12026

Full Changelog: version/2024.10.1...version/2024.10.2

Release 2024.10.1

05 Nov 17:37
665de8e
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.10#fixed-in-2024101

What's Changed

  • website: update supported versions (cherry-pick #11841) by @gcp-cherry-pick-bot in #11872
  • providers/oauth2: fix size limited index for tokens (cherry-pick #11879) by @gcp-cherry-pick-bot in #11905
  • core: add None check to a device's extra_description (cherry-pick #11904) by @gcp-cherry-pick-bot in #11906
  • enterprise/rac: fix API Schema for invalidation_flow (cherry-pick #11907) by @gcp-cherry-pick-bot in #11908
  • website/docs: fix release notes to say Federation (cherry-pick #11889) by @gcp-cherry-pick-bot in #11923
  • website: fix docs redirect (cherry-pick #11873) by @gcp-cherry-pick-bot in #11922
  • website/docs: add info about invalidation flow, default flows in general (cherry-pick #11800) by @gcp-cherry-pick-bot in #11921
  • website: remove RC disclaimer for version 2024.10 (cherry-pick #11871) by @gcp-cherry-pick-bot in #11920
  • website/docs: 2024.10.1 Release Notes (cherry-pick #11926) by @gcp-cherry-pick-bot in #11928

Full Changelog: version/2024.10.0...version/2024.10.1

Release 2024.8.4

30 Oct 19:41
e8b5e4c
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.8#fixed-in-202484

What's Changed

  • internal: restore /ping behaviour for embedded outpost (cherry-pick #11568) by @gcp-cherry-pick-bot in #11570
  • core: fix permission check for scoped impersonation (cherry-pick #11603) by @gcp-cherry-pick-bot in #11650
  • blueprints: fix validation error when using internal storage (cherry-pick #11654) by @gcp-cherry-pick-bot in #11656
  • providers/saml: fix incorrect ds:Reference URI (cherry-pick #11699) by @gcp-cherry-pick-bot in #11701
  • providers/oauth2: don't overwrite attributes when updating service acccount (cherry-pick #11709) by @gcp-cherry-pick-bot in #11723
  • web/admin: fix invalid create date shown for MFA registered before date was saved (cherry-pick #11728) by @gcp-cherry-pick-bot in #11729
  • policies/event_matcher: fix inconsistent behaviour (cherry-pick #11724) by @gcp-cherry-pick-bot in #11726
  • web/admin: fix sync single button throwing error (cherry-pick #11727) by @gcp-cherry-pick-bot in #11730
  • providers/scim: add comparison with existing group on update and delta update users (cherry-pick #11414) by @gcp-cherry-pick-bot in #11796
  • providers/scim: clamp batch size for patch requests (cherry-pick #11797) by @gcp-cherry-pick-bot in #11802
  • providers/scim: handle no members in group in consistency check (cherry-pick #11801) by @gcp-cherry-pick-bot in #11812

Full Changelog: version/2024.8.3...version/2024.8.4

Release 2024.10.0

30 Oct 22:10
6ce33ab
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.10

What's Changed

  • website/docs: Update social-logins github (cherry-pick #11822) by @gcp-cherry-pick-bot in #11836
  • website/docs: remove � (cherry-pick #11823) by @gcp-cherry-pick-bot in #11835
  • website: 2024.10 Release Notes (cherry-pick #11839) by @gcp-cherry-pick-bot in #11840
  • sources/kerberos: add kiprop to ignored system principals (cherry-pick #11852) by @gcp-cherry-pick-bot in #11853
  • web/admin: fix code-based MFA toggle not working in wizard (cherry-pick #11854) by @gcp-cherry-pick-bot in #11855
  • root: bumpversion 2024.10 by @gergosimonyi in #11865

Full Changelog: version/2024.10.0-rc1...version/2024.10.0

Release 2024.10.0-rc1

28 Oct 16:48
246cae3
Compare
Choose a tag to compare
Release 2024.10.0-rc1 Pre-release
Pre-release

See https://docs.goauthentik.io/docs/releases/2024.10

What's Changed

  • translate: Updates for file web/xliff/en.xlf in zh-Hans by @transifex-integration in #11071
  • translate: Updates for file web/xliff/en.xlf in zh_CN by @transifex-integration in #11070
  • website/docs: prepare release notes for 2024.8 by @BeryJu in #11011
  • web: bump rollup from 4.21.0 to 4.21.1 in /web/sfe by @dependabot in #11083
  • web: bump rollup from 4.21.0 to 4.21.1 in /web by @dependabot in #11082
  • web: bump typescript-eslint from 8.2.0 to 8.3.0 in /web by @dependabot in #11081
  • core: bump twilio from 9.2.3 to 9.2.4 by @dependabot in #11079
  • core: bump watchdog from 4.0.2 to 5.0.0 by @dependabot in #11078
  • core, web: update translations by @authentik-automation in #11076
  • web: bump the rollup group across 1 directory with 3 updates by @dependabot in #11080
  • providers/oauth2: audit_ignore last_login change for generated service account by @BeryJu in #11085
  • web: bump @patternfly/elements from 4.0.0 to 4.0.1 in /web by @dependabot in #11094
  • core: bump pdoc from 14.6.0 to 14.6.1 by @dependabot in #11092
  • core: bump github.com/jellydator/ttlcache/v3 from 3.2.1 to 3.3.0 by @dependabot in #11091
  • website/docs: fix nginx ingress auth-signin example by @diegmonti in #11096
  • website: bump webpack from 5.89.0 to 5.94.0 in /website by @dependabot in #11098
  • web: bump @sentry/browser from 8.26.0 to 8.27.0 in /web in the sentry group across 1 directory by @dependabot in #11093
  • website/docs: a couple of minor rewrite things by @BeryJu in #11099
  • website/docs: add info about external users by @tanberry in #11106
  • website/docs: 2024.8 release notes: reword group sync disable and fix typo by @rissson in #11103
  • enterprise: fix incorrect comparison for latest validity date by @BeryJu in #11109
  • web: bump the swc group across 2 directories with 11 updates by @dependabot in #11115
  • core: bump selenium from 4.23.1 to 4.24.0 by @dependabot in #11114
  • core: bump google-api-python-client from 2.142.0 to 2.143.0 by @dependabot in #11113
  • core: bump importlib-metadata from 8.0.0 to 8.4.0 by @dependabot in #11112
  • ci: fix failing release attestation by @BeryJu in #11107
  • core: bump twisted from 24.3.0 to 24.7.0 by @dependabot in #11119
  • website/integrations: Fix Nextcloud SAML Docs for SLO by @naruyan in #11118
  • web: fix e2e tests to work with latest WebdriverIO and authentik 2024.8 by @kensternberg-authentik in #11105
  • website/docs: fix outdated docs and typos by @gergosimonyi in #11020
  • websites/docs: minor tweaks to rel notes by @tanberry in #11123
  • core: bump ruff from 0.6.2 to 0.6.3 by @dependabot in #11128
  • website: bump prism-react-renderer from 2.3.1 to 2.4.0 in /website by @dependabot in #11127
  • core, web: update translations by @authentik-automation in #11126
  • web: fix dual-select with dynamic selection by @kensternberg-authentik in #11133
  • web: bump rollup from 4.21.1 to 4.21.2 in /web/sfe by @dependabot in #11148
  • web: bump rollup from 4.21.1 to 4.21.2 in /web by @dependabot in #11147
  • web: bump chromedriver from 128.0.0 to 128.0.1 in /tests/wdio by @dependabot in #11146
  • web: bump the swc group across 2 directories with 11 updates by @dependabot in #11145
  • website: bump @types/react from 18.3.4 to 18.3.5 in /website by @dependabot in #11142
  • website: bump postcss from 8.4.41 to 8.4.43 in /website by @dependabot in #11141
  • core: bump deepmerge from 1.1.1 to 2.0 by @dependabot in #11140
  • stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs by @authentik-automation in #11138
  • translate: Updates for file web/xliff/en.xlf in zh-Hans by @transifex-integration in #11137
  • translate: Updates for file web/xliff/en.xlf in zh_CN by @transifex-integration in #11136
  • website: bump postcss from 8.4.43 to 8.4.44 in /website by @dependabot in #11150
  • web: bump the rollup group across 1 directory with 3 updates by @dependabot in #11144
  • website/docs: update immich OAuth Redirect URI by @andrebrait in #11135
  • website/docs: update release notes by @BeryJu in #11151
  • web: bump typescript-eslint from 8.3.0 to 8.4.0 in /web by @dependabot in #11163
  • web: bump mermaid from 11.0.2 to 11.1.0 in /web by @dependabot in #11162
  • web: bump the swc group across 2 directories with 11 updates by @dependabot in #11161
  • web: bump @spotlightjs/spotlight from 2.3.1 to 2.3.2 in /web in the sentry group across 1 directory by @dependabot in #11159
  • core: bump watchdog from 5.0.0 to 5.0.1 by @dependabot in #11158
  • core: bump pytest-django from 4.8.0 to 4.9.0 by @dependabot in #11157
  • core, web: update translations by @authentik-automation in #11156
  • translate: Updates for file locale/en/LC_MESSAGES/django.po in ru by @transifex-integration in #11153
  • root: version 2024.8 backport by @BeryJu in #11166
  • web: bump API Client version by @authentik-automation in #11168
  • web: Adjust Wdio MaxInstances, add Knip by @kensternberg-authentik in #11089
  • providers/ldap: fix migration assuming search group is set by @BeryJu in #11170
  • web/admin: fix error in Outpost creation form by @BeryJu in #11173
  • core: fix change_user_type always requiring usernames by @BeryJu in #11177
  • root: backport s3 storage changes by @BeryJu in #11181
  • web: bump @types/node from 22.5.2 to 22.5.3 in /web by @dependabot in #11195
  • web: bump wireit from 0.14.8 to 0.14.9 in /web by @dependabot in #11194
  • web: bump knip from 5.29.1 to 5.29.2 in /web by @dependabot in #11193
  • web: bump yaml from 2.5.0 to 2.5.1 in /web by @dependabot in #11192
  • web: bump @sentry/browser from 8.27.0 to 8.28.0 in /web in the sentry group across 1 directory by @dependabot in #11191
  • core: bump watchdog from 5.0.1 to 5.0.2 by @dependabot in #11189
  • core: bump django from 5.0.8 to 5.0.9 by @dependabot in #11188
  • core: bump goauthentik.io/api/v3 from 3.2024064.1 to 3.2024080.1 by @dependabot in #11187
  • ci: bump peter-evans/create-pull-request from 6 to 7 by @dependabot in #11186
  • core: bump cryptography from 43.0.0 to 43.0.1 by @dependabot in #11185
  • web/admin: fix misc dual select on different forms by @BeryJu in #11203
  • website/docs: add note about terraform provider by @BeryJu in #11206
  • web/admin: fix missing Sync object button SCIM Provider by @BeryJu in #11211
  • providers/ldap: fix incorrect permission check for search access by @BeryJu in #11217
  • web/admin: improve error handling by @BeryJu in https://github.com/goauthentik/auth...
Read more

Release 2024.8.3

27 Sep 14:43
91d2445
Compare
Choose a tag to compare

See https://docs.goauthentik.io/docs/releases/2024.8#fixed-in-202483

What's Changed

  • events: always use expiry from current tenant for events, not only when creating from HTTP request (cherry-pick #11415) by @gcp-cherry-pick-bot in #11416
  • providers/proxy: fix traefik label generation (cherry-pick #11460) by @gcp-cherry-pick-bot in #11480
  • web/admin: fix Authentication flow being required (cherry-pick #11496) by @gcp-cherry-pick-bot in #11497
  • sources/ldap: fix mapping check, fix debug endpoint (cherry-pick #11442) by @gcp-cherry-pick-bot in #11498
  • sources/ldap: fix ms_ad userAccountControl not checking for lockout (cherry-pick #11532) by @gcp-cherry-pick-bot in #11534
  • security: fix CVE-2024-47077 (cherry-pick #11535) by @gcp-cherry-pick-bot in #11537
  • security: fix CVE-2024-47070 (cherry-pick #11536) by @gcp-cherry-pick-bot in #11539

Full Changelog: version/2024.8.2...version/2024.8.3