V7.5.0
Release Highlights
- 🐛 Several bugs have been squashed
- 🕵️♀️ Vulnerabilities have been addressed
- ⭐️ Added a readiness endpoint to check if the application is ready to receive traffic
- ⭐️ Google Application Default Credentials support (i.e. for running on Google Cloud Platform)
- ⭐ Session cookie support
Important Notes
- This release includes fixes for a number of CVEs; we recommend upgrading as soon as possible.
Breaking Changes
The following PR introduces a change to how auth routes are evaluated using the flags skip-auth-route/skip-auth-regex. The new behaviour uses the regex you specify to evaluate the full path including query parameters. For more details, please read the detailed description in #2271.
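To see which existing rules change meaning under this behaviour, the following added example (not oauth2-proxy code and not part of the original release notes) evaluates each pattern against the path alone and against the path with its query string, and reports the pairs whose result differs. The names AuditSkipPatterns and Change and all sample patterns and URIs are hypothetical, and "full path" is assumed to mean path + "?" + raw query.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
)

// Change records one pattern/URI pair whose match result differs between the two modes.
type Change struct{ Pattern, URI string; PathOnly, FullURI bool }

// AuditSkipPatterns returns every pattern/URI pair that matches differently on path vs. path+query.
func AuditSkipPatterns(patterns, uris []string) ([]Change, error) {
	var changes []Change
	for _, p := range patterns {
		re, err := regexp.Compile(p) // Go RE2 syntax
		if err != nil {
			return nil, fmt.Errorf("pattern %q: %w", p, err)
		}
		for _, raw := range uris {
			u, err := url.ParseRequestURI(raw)
			if err != nil {
				return nil, fmt.Errorf("uri %q: %w", raw, err)
			}
			full := u.Path // assumption: full path = path + "?" + raw query
			if u.RawQuery != "" {
				full += "?" + u.RawQuery
			}
			if before, after := re.MatchString(u.Path), re.MatchString(full); before != after {
				changes = append(changes, Change{p, raw, before, after})
			}
		}
	}
	return changes, nil
}

func main() {
	// Constructed sample patterns and request URIs, not taken from a real deployment.
	changes, err := AuditSkipPatterns(
		[]string{`^/healthz$`, `/static/`, `^/metrics(\?.*)?$`},
		[]string{"/healthz?verbose=1", "/api/orders?ref=/static/logo.png", "/metrics?format=text"})
	if err != nil {
		panic(err)
	}
	for _, c := range changes {
		fmt.Printf("%-12s %-34s path-only=%-5t full=%t\n", c.Pattern, c.URI, c.PathOnly, c.FullURI)
	}
}
```

Each reported pair is a rule to review when upgrading: an end-anchored pattern can stop matching once a query string is present, and an unanchored one can start matching on text that appears only in the query.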
Changes since v7.4.0
- #2028 Update golang.org/x/net to v0.7.0 to address GHSA-vvpx-j8f3-3w6h (@amrmahdi)
- #2133 Use X-Forwarded-Uri if it exists for pathRegex match (@mzndr)
- #1873 Fix empty users with some OIDC providers (@babs)
- #1882 Make htpasswd.GetUsers race condition safe (@babs)
- #1883 Ensure v8 manifest variant is set on docker images (@braunsonm)
- #1906 Fix PKCE code verifier generation to never use UTF-8 characters (@braunsonm)
- #1839 Add readiness checks for deeper health checks (@kobim)
- #1927 Fix default scope settings for non-OIDC providers (@tuunit)
- #1713 Add session cookie support (@t-katsumura @tanuki884)
- #1951 Fix validate URL, check if query string marker (?) or separator (&) needs to be appended (@miguelborges99)
- #1920 Make sure emailClaim is not overridden if userIDClaim is not set (@mdreem)
- #2010 Log the difference between invalid email and not authorized session (@omBratteng)
- #1988 Ensure sign-in page background is uniform throughout the page (@corybolar)
- #2013 Upgrade alpine to version 3.17.2 and library dependencies (@miguelborges99)
- #2047 CVE-2022-41717: DoS in Go net/http may lead to DoS (@miguelborges99)
- #2126 Added support for GKE Workload Identity (@kvanzuijlen)
- #1921 Check jsonpath syntax before interpretation (@eloo-abi)
- #2025 Embed static stylesheets and dependencies (@corybolar)