From b39c6877bf3d0de3ddf53dc4468b10daafe53dc2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:13:21 +0200 Subject: [PATCH 01/12] ci: bump AndreKurait/docker-cache from 0.6.0 to 0.7.0 in /.github/actions/setup (#22883) ci: bump AndreKurait/docker-cache in /.github/actions/setup Bumps [AndreKurait/docker-cache](https://github.com/andrekurait/docker-cache) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/andrekurait/docker-cache/releases) - [Changelog](https://github.com/AndreKurait/docker-cache/blob/main/CHANGELOG.md) - [Commits](https://github.com/andrekurait/docker-cache/compare/0fe76702a40db986d9663c24954fc14c6a6031b7...7a3887908bdb97935395833df69b060cfcca0f7f) --- updated-dependencies: - dependency-name: AndreKurait/docker-cache dependency-version: 0.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index b1e4e70250..9c2e768800 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -79,7 +79,7 @@ runs: go-version-file: "${{ inputs.working-directory }}go.mod" - name: Setup docker cache if: ${{ contains(inputs.dependencies, 'runtime') }} - uses: AndreKurait/docker-cache@0fe76702a40db986d9663c24954fc14c6a6031b7 + uses: AndreKurait/docker-cache@7a3887908bdb97935395833df69b060cfcca0f7f with: key: docker-images-${{ runner.os }}-${{ hashFiles('.github/actions/setup/compose.yml', 'Makefile') }}-${{ inputs.postgresql_version }} - name: Setup dependencies From 8cc4e7eb84adea3e4752f2f960021a83b34262fd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:13:30 +0200 Subject: [PATCH 02/12] ci: bump github/codeql-action from 4.36.0 to 4.36.1 (#22882) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...87557b9c84dde89fdd9b10e88954ac2f4248e463) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.36.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/qa-codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/qa-codeql.yml b/.github/workflows/qa-codeql.yml index 8504dbda1d..726c696413 100644 --- a/.github/workflows/qa-codeql.yml +++ b/.github/workflows/qa-codeql.yml @@ -28,10 +28,10 @@ jobs: - name: Setup authentik env uses: ./.github/actions/setup - name: Initialize CodeQL - uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/init@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/autobuild@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/analyze@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 From 30ed2e64805396dd638458e5aec2eb17950076a6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:13:55 +0200 Subject: [PATCH 03/12] core: bump debugpy from 1.8.20 to 1.8.21 (#22880) Bumps [debugpy](https://github.com/microsoft/debugpy) from 1.8.20 to 1.8.21. - [Release notes](https://github.com/microsoft/debugpy/releases) - [Commits](https://github.com/microsoft/debugpy/compare/v1.8.20...v1.8.21) --- updated-dependencies: - dependency-name: debugpy dependency-version: 1.8.21 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pyproject.toml | 2 +- uv.lock | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 31f579b95e..acbe5c6108 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -84,7 +84,7 @@ dev = [ "constructs==10.6.0", "coverage[toml]==7.14.1", "daphne==4.2.1", - "debugpy==1.8.20", + "debugpy==1.8.21", "django-stubs[compatible-mypy]==6.0.5", "djangorestframework-stubs[compatible-mypy]==3.17.0", "drf-jsonschema-serializer==3.0.0", diff --git a/uv.lock b/uv.lock index d6b2339b3e..9998873ff6 100644 --- a/uv.lock +++ b/uv.lock @@ -440,7 +440,7 @@ dev = [ { name = "constructs", specifier = "==10.6.0" }, { name = "coverage", extras = ["toml"], specifier = "==7.14.1" }, { name = "daphne", specifier = "==4.2.1" }, - { name = "debugpy", specifier = "==1.8.20" }, + { name = "debugpy", specifier = "==1.8.21" }, { name = "django-stubs", extras = ["compatible-mypy"], specifier = "==6.0.5" }, { name = "djangorestframework-stubs", extras = ["compatible-mypy"], specifier = "==3.17.0" }, { name = "drf-jsonschema-serializer", specifier = "==3.0.0" }, @@ -1082,15 +1082,15 @@ wheels = [ [[package]] name = "debugpy" -version = "1.8.20" +version = "1.8.21" source = { registry = "https://pypi.org/simple" } -sdist = { url = "https://files.pythonhosted.org/packages/e0/b7/cd8080344452e4874aae67c40d8940e2b4d47b01601a8fd9f44786c757c7/debugpy-1.8.20.tar.gz", hash = "sha256:55bc8701714969f1ab89a6d5f2f3d40c36f91b2cbe2f65d98bf8196f6a6a2c33", size = 1645207, upload-time = "2026-01-29T23:03:28.199Z" } +sdist = { url = "https://files.pythonhosted.org/packages/f2/aa/12037145b7a56eaa5b29b41872f7a21b538e807e13f32c4d3c46e59be084/debugpy-1.8.21.tar.gz", hash = "sha256:a3c53278e84c94e11bd87c53970ec391d1a67396c8b22609fcac576520e611a6", size = 1697577, upload-time = "2026-06-01T19:30:35.156Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/33/2e/f6cb9a8a13f5058f0a20fe09711a7b726232cd5a78c6a7c05b2ec726cff9/debugpy-1.8.20-cp314-cp314-macosx_15_0_universal2.whl", hash = "sha256:9c74df62fc064cd5e5eaca1353a3ef5a5d50da5eb8058fcef63106f7bebe6173", size = 2538066, upload-time = "2026-01-29T23:03:54.999Z" }, - { url = "https://files.pythonhosted.org/packages/c5/56/6ddca50b53624e1ca3ce1d1e49ff22db46c47ea5fb4c0cc5c9b90a616364/debugpy-1.8.20-cp314-cp314-manylinux_2_34_x86_64.whl", hash = "sha256:077a7447589ee9bc1ff0cdf443566d0ecf540ac8aa7333b775ebcb8ce9f4ecad", size = 4269425, upload-time = "2026-01-29T23:03:56.518Z" }, - { url = "https://files.pythonhosted.org/packages/c5/d9/d64199c14a0d4c476df46c82470a3ce45c8d183a6796cfb5e66533b3663c/debugpy-1.8.20-cp314-cp314-win32.whl", hash = "sha256:352036a99dd35053b37b7803f748efc456076f929c6a895556932eaf2d23b07f", size = 5331407, upload-time = "2026-01-29T23:03:58.481Z" }, - { url = "https://files.pythonhosted.org/packages/e0/d9/1f07395b54413432624d61524dfd98c1a7c7827d2abfdb8829ac92638205/debugpy-1.8.20-cp314-cp314-win_amd64.whl", hash = "sha256:a98eec61135465b062846112e5ecf2eebb855305acc1dfbae43b72903b8ab5be", size = 5372521, upload-time = "2026-01-29T23:03:59.864Z" }, - { url = "https://files.pythonhosted.org/packages/e0/c3/7f67dea8ccf8fdcb9c99033bbe3e90b9e7395415843accb81428c441be2d/debugpy-1.8.20-py2.py3-none-any.whl", hash = "sha256:5be9bed9ae3be00665a06acaa48f8329d2b9632f15fd09f6a9a8c8d9907e54d7", size = 5337658, upload-time = "2026-01-29T23:04:17.404Z" }, + { url = "https://files.pythonhosted.org/packages/ce/3d/f4bbb323a548bfab2af3d6b4ffd9bf22636e55956a1285d317a1de643aad/debugpy-1.8.21-cp314-cp314-macosx_15_0_universal2.whl", hash = "sha256:9bb2a685287a2ac9b181cde89edcec64845cb51de7faaa75badb9a698bc24782", size = 2477209, upload-time = "2026-06-01T19:31:04.157Z" }, + { url = "https://files.pythonhosted.org/packages/8c/2d/6e7ec524984a1702777868de49a4c53202bddac2a432a76a093469587750/debugpy-1.8.21-cp314-cp314-manylinux_2_34_x86_64.whl", hash = "sha256:3d6922439bf33fd38a3e2c447869ebc7b97da5cd3d329ff1ef9bc06c4903437e", size = 3927115, upload-time = "2026-06-01T19:31:05.863Z" }, + { url = "https://files.pythonhosted.org/packages/97/47/d1aa6d64005a98a9144647d99306b419396f9ad7bf1d73c119e17a81fb4d/debugpy-1.8.21-cp314-cp314-win32.whl", hash = "sha256:15d4963bd5ffa48f0da0947fd06757fa7621945048a14ad7705431566d3c0e7c", size = 5336724, upload-time = "2026-06-01T19:31:07.711Z" }, + { url = "https://files.pythonhosted.org/packages/5f/67/b905b90d163af11878c1af8abafa4a25206335e112e284e413454543a6da/debugpy-1.8.21-cp314-cp314-win_amd64.whl", hash = "sha256:fe0744a12353406de0ae8ccff0d0a4a666f00801a3db8fd04e7a5f761cd520e8", size = 5373803, upload-time = "2026-06-01T19:31:09.469Z" }, + { url = "https://files.pythonhosted.org/packages/95/51/67e7cf11a53e40694f720457d5b3a1cdaaa3d5a9a633e482f225456b93ff/debugpy-1.8.21-py2.py3-none-any.whl", hash = "sha256:b1e37d333663c8851516a47364ef473da127f9caebe4417e6df6f5825a7e9a92", size = 5352888, upload-time = "2026-06-01T19:31:25.186Z" }, ] [[package]] From 94f67d8cdce21d246180a130192db071789b9938 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:14:03 +0200 Subject: [PATCH 04/12] web: bump the bundler group across 1 directory with 3 updates (#22881) Bumps the bundler group with 1 update in the /web directory: [@vitest/browser](https://github.com/vitest-dev/vitest/tree/HEAD/packages/browser). Updates `@vitest/browser` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/browser) Updates `@vitest/browser-playwright` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/browser-playwright) Updates `vitest` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest) --- updated-dependencies: - dependency-name: "@vitest/browser" dependency-version: 4.1.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bundler - dependency-name: "@vitest/browser-playwright" dependency-version: 4.1.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bundler - dependency-name: vitest dependency-version: 4.1.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bundler ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- web/package-lock.json | 114 +++++++++++++++++++++--------------------- web/package.json | 2 +- 2 files changed, 58 insertions(+), 58 deletions(-) diff --git a/web/package-lock.json b/web/package-lock.json index 457164da76..e3b6b6f88f 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -59,7 +59,7 @@ "@typescript-eslint/parser": "^8.60.0", "@typescript-eslint/utils": "^8.60.0", "@typescript/native-preview": "^7.0.0-dev.20260510.1", - "@vitest/browser": "^4.1.7", + "@vitest/browser": "^4.1.8", "@vitest/browser-playwright": "^4.1.6", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", @@ -6587,14 +6587,14 @@ } }, "node_modules/@vitest/browser": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/browser/-/browser-4.1.7.tgz", - "integrity": "sha512-N2JFGfXoEGVAut+kHeru9dD4BUMq/q5xDvBARNl0tUsly3m5KglLOu8VO/6MkDfOlgxXTycojkt6gBKsuyR+IQ==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/browser/-/browser-4.1.8.tgz", + "integrity": "sha512-u21VzX07HzlJYpFgkxmjEXar/tG2UqWGgyGG/46SrrPc7rSdCTPw5vuowopO9CIqF8UCUQzDFdbVnNpw6N0BfQ==", "license": "MIT", "dependencies": { "@blazediff/core": "1.9.1", - "@vitest/mocker": "4.1.7", - "@vitest/utils": "4.1.7", + "@vitest/mocker": "4.1.8", + "@vitest/utils": "4.1.8", "magic-string": "^0.30.21", "pngjs": "^7.0.0", "sirv": "^3.0.2", @@ -6605,17 +6605,17 @@ "url": "https://opencollective.com/vitest" }, "peerDependencies": { - "vitest": "4.1.7" + "vitest": "4.1.8" } }, "node_modules/@vitest/browser-playwright": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/browser-playwright/-/browser-playwright-4.1.7.tgz", - "integrity": "sha512-OlTlJej7YN6VwV7zJJoNeaCsctF+JXpzpZ4oBHUbrQFfIq+0KW2f07rprCLh9N/zRIZ0v4Mchn1QDDmWMUhPKw==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/browser-playwright/-/browser-playwright-4.1.8.tgz", + "integrity": "sha512-SR7FqgegaexEg73xvf3ArtygXegagMdXnL0EZMpxrWvvhQxvicD/E8p0ib0J91riPRtQUViyh67Xjw3NqvyhVg==", "license": "MIT", "dependencies": { - "@vitest/browser": "^4.1.7", - "@vitest/mocker": "4.1.7", + "@vitest/browser": "^4.1.8", + "@vitest/mocker": "4.1.8", "tinyrainbow": "^3.1.0" }, "funding": { @@ -6623,7 +6623,7 @@ }, "peerDependencies": { "playwright": "*", - "vitest": "4.1.7" + "vitest": "4.1.8" }, "peerDependenciesMeta": { "playwright": { @@ -6695,12 +6695,12 @@ } }, "node_modules/@vitest/mocker": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-4.1.7.tgz", - "integrity": "sha512-vY7nuamKgfvpA1Koa3oYIw/k7D6kZnpGyNMZW8loow2bsBYla1TFdqTaXncWdRn4pgwNs+90RhnXhJScDwQeJA==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-4.1.8.tgz", + "integrity": "sha512-LEiN/xe4OSIbKe9HQIp5OC24agGD9J5CnmMgsLohVVoOPWL9a2sBoR6VBx43jQZb7Kr1l4RCuyCJzcAa0+dojw==", "license": "MIT", "dependencies": { - "@vitest/spy": "4.1.7", + "@vitest/spy": "4.1.8", "estree-walker": "^3.0.3", "magic-string": "^0.30.21" }, @@ -6721,9 +6721,9 @@ } }, "node_modules/@vitest/pretty-format": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.7.tgz", - "integrity": "sha512-umgCarTOYQWIaDMvGDRZij+6b9oVeLIyJzfN+AS88e0ZOU3QTgNNSTtjQOpcvWr3np1N0j4WgZj+sb3oYBDscw==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.8.tgz", + "integrity": "sha512-9GasEBxpZ1VYIpqHf/0+YGg121uSNwCKOJqIrTwWP/TB7DmFCiaBpNl3aPZzoLWfWkuqhbH8vJIVobZkvdo2cA==", "license": "MIT", "dependencies": { "tinyrainbow": "^3.1.0" @@ -6733,12 +6733,12 @@ } }, "node_modules/@vitest/runner": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-4.1.7.tgz", - "integrity": "sha512-BapjmAQ2aI78WdMEfeUWivnfVzB+VPGwWRQcJE0OUq7qEeEcBsCSf+0T5iREBNE5nBb4wA5Ya0W6IA+sghdEFw==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-4.1.8.tgz", + "integrity": "sha512-EmVxeBAfMJvycdjd6Hm+RbFBbA9fKvo0Kx37hNpBYoYeavH3RNsBXWDooR1mgD52dCrxIIuP7UotpfiwOikvcg==", "license": "MIT", "dependencies": { - "@vitest/utils": "4.1.7", + "@vitest/utils": "4.1.8", "pathe": "^2.0.3" }, "funding": { @@ -6746,13 +6746,13 @@ } }, "node_modules/@vitest/snapshot": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.7.tgz", - "integrity": "sha512-ZacLzja+TmJeZ1h14xW2FB/WpeimUD3haBXQPyJqxvo8jQTmfeA8zv58mtjN2C7EHXZDYVcVYdYmAxjkWVvKCw==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.8.tgz", + "integrity": "sha512-acfZboRmAIf05DEKcBQy33VXojFJjtUdLyo7oOmV9kebb2xdU01UknNiPuPZoJZQyO7DF0gZdTGTpeAzET9QPQ==", "license": "MIT", "dependencies": { - "@vitest/pretty-format": "4.1.7", - "@vitest/utils": "4.1.7", + "@vitest/pretty-format": "4.1.8", + "@vitest/utils": "4.1.8", "magic-string": "^0.30.21", "pathe": "^2.0.3" }, @@ -6761,21 +6761,21 @@ } }, "node_modules/@vitest/spy": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-4.1.7.tgz", - "integrity": "sha512-kbkI5LMWakyuTIvs6fUJ5qdIVb1XVKsYJAT4OJ938cHMROYMSfmoQdZy0aaAnjbbc8F61vkoTqz/Az+/HiIu5Q==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-4.1.8.tgz", + "integrity": "sha512-6EevtBp6OZOPF7bmz36HrGMeP3txgVSrgebWxHOafDXGkhIzfXK14f8KF6MuFfgXXUeHxmpD3BQxkV00/3s5mA==", "license": "MIT", "funding": { "url": "https://opencollective.com/vitest" } }, "node_modules/@vitest/utils": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.7.tgz", - "integrity": "sha512-T532WBu791cBxJlCl6SO+J14l81DQx6uQHm1bQbmCDY7nqlEIgkza/UFnSBNaUtSf41unldDFjdOBYEQC4b5Hw==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.8.tgz", + "integrity": "sha512-uOJamYALNhfJ6iolExyQM40yIQwDqYnkKtQ5VCiSe17E33H0aQ/u+1GlRuz4LZBk6Mm3sg90G9hEbmEt37C1Zg==", "license": "MIT", "dependencies": { - "@vitest/pretty-format": "4.1.7", + "@vitest/pretty-format": "4.1.8", "convert-source-map": "^2.0.0", "tinyrainbow": "^3.1.0" }, @@ -20256,18 +20256,18 @@ } }, "node_modules/vitest": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/vitest/-/vitest-4.1.7.tgz", - "integrity": "sha512-flYyaFd2CgoCoU+0UKt3pxksgC+S02iTDN0n3LtqaMeXsI9SBcdNujc2k0DeFLzUn/0k538yNjOSdwgCqcrwJA==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/vitest/-/vitest-4.1.8.tgz", + "integrity": "sha512-flY6ScbCIt9HThs+C5HS7jvGOB560DJtk/Z15IQROTA6zEy49Nh8T/dofWTQL+n3vswqn87sbJNiuqw1SDp5Ig==", "license": "MIT", "dependencies": { - "@vitest/expect": "4.1.7", - "@vitest/mocker": "4.1.7", - "@vitest/pretty-format": "4.1.7", - "@vitest/runner": "4.1.7", - "@vitest/snapshot": "4.1.7", - "@vitest/spy": "4.1.7", - "@vitest/utils": "4.1.7", + "@vitest/expect": "4.1.8", + "@vitest/mocker": "4.1.8", + "@vitest/pretty-format": "4.1.8", + "@vitest/runner": "4.1.8", + "@vitest/snapshot": "4.1.8", + "@vitest/spy": "4.1.8", + "@vitest/utils": "4.1.8", "es-module-lexer": "^2.0.0", "expect-type": "^1.3.0", "magic-string": "^0.30.21", @@ -20295,12 +20295,12 @@ "@edge-runtime/vm": "*", "@opentelemetry/api": "^1.9.0", "@types/node": "^20.0.0 || ^22.0.0 || >=24.0.0", - "@vitest/browser-playwright": "4.1.7", - "@vitest/browser-preview": "4.1.7", - "@vitest/browser-webdriverio": "4.1.7", - "@vitest/coverage-istanbul": "4.1.7", - "@vitest/coverage-v8": "4.1.7", - "@vitest/ui": "4.1.7", + "@vitest/browser-playwright": "4.1.8", + "@vitest/browser-preview": "4.1.8", + "@vitest/browser-webdriverio": "4.1.8", + "@vitest/coverage-istanbul": "4.1.8", + "@vitest/coverage-v8": "4.1.8", + "@vitest/ui": "4.1.8", "happy-dom": "*", "jsdom": "*", "vite": "^6.0.0 || ^7.0.0 || ^8.0.0" @@ -20345,15 +20345,15 @@ } }, "node_modules/vitest/node_modules/@vitest/expect": { - "version": "4.1.7", - "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-4.1.7.tgz", - "integrity": "sha512-1R+tw0ortHEbZDGMymm+pN7/AFQ/RkFFdtd7EN+VBpynKmLbP8A3rpEXdshBJ7+8hQ9zBJh/i1s0yKNtxAnU7w==", + "version": "4.1.8", + "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-4.1.8.tgz", + "integrity": "sha512-h3nDO677RDLEGlBxyQ5CW8RlMThSKSRLUePLOx09gNIWRL40edgA1GCZSZgf1W55MFAG6/Sw14KeaAnqv0NKdQ==", "license": "MIT", "dependencies": { "@standard-schema/spec": "^1.1.0", "@types/chai": "^5.2.2", - "@vitest/spy": "4.1.7", - "@vitest/utils": "4.1.7", + "@vitest/spy": "4.1.8", + "@vitest/utils": "4.1.8", "chai": "^6.2.2", "tinyrainbow": "^3.1.0" }, diff --git a/web/package.json b/web/package.json index 409fe71b62..ebbd46c19d 100644 --- a/web/package.json +++ b/web/package.json @@ -134,7 +134,7 @@ "@typescript-eslint/parser": "^8.60.0", "@typescript-eslint/utils": "^8.60.0", "@typescript/native-preview": "^7.0.0-dev.20260510.1", - "@vitest/browser": "^4.1.7", + "@vitest/browser": "^4.1.8", "@vitest/browser-playwright": "^4.1.6", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", From 703301302d40fa1e252161b6b527e1c1454ed59c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:16:19 +0200 Subject: [PATCH 05/12] core: bump kubernetes from 36.0.0 to 36.0.2 (#22879) Bumps [kubernetes](https://github.com/kubernetes-client/python) from 36.0.0 to 36.0.2. - [Release notes](https://github.com/kubernetes-client/python/releases) - [Changelog](https://github.com/kubernetes-client/python/blob/v36.0.2/CHANGELOG.md) - [Commits](https://github.com/kubernetes-client/python/compare/v36.0.0...v36.0.2) --- updated-dependencies: - dependency-name: kubernetes dependency-version: 36.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pyproject.toml | 2 +- uv.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index acbe5c6108..f4b100d86d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -41,7 +41,7 @@ dependencies = [ "gunicorn==26.0.0", "jsonpatch==1.33", "jwcrypto==1.5.7", - "kubernetes==36.0.0", + "kubernetes==36.0.2", "ldap3==2.9.1", "lxml==6.1.1", "msgraph-sdk==1.58.0", diff --git a/uv.lock b/uv.lock index 9998873ff6..b5dbe42dca 100644 --- a/uv.lock +++ b/uv.lock @@ -397,7 +397,7 @@ requires-dist = [ { name = "gunicorn", specifier = "==26.0.0" }, { name = "jsonpatch", specifier = "==1.33" }, { name = "jwcrypto", specifier = "==1.5.7" }, - { name = "kubernetes", specifier = "==36.0.0" }, + { name = "kubernetes", specifier = "==36.0.2" }, { name = "ldap3", specifier = "==2.9.1" }, { name = "lxml", specifier = "==6.1.1" }, { name = "msgraph-sdk", specifier = "==1.58.0" }, @@ -2058,7 +2058,7 @@ wheels = [ [[package]] name = "kubernetes" -version = "36.0.0" +version = "36.0.2" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "aiohttp" }, @@ -2072,9 +2072,9 @@ dependencies = [ { name = "urllib3" }, { name = "websocket-client" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/bf/59/dc635e4e9afb3884bc5c57f14fe23783e4c04601aa20b835ac75c41d1625/kubernetes-36.0.0.tar.gz", hash = "sha256:027b606bb8032e6c6464a53236bdd9bd9a94c237e1063bc45a303c25b304ced9", size = 2346728, upload-time = "2026-05-20T20:44:24.28Z" } +sdist = { url = "https://files.pythonhosted.org/packages/2f/57/8b538af5076bc3372949d76f70ba3449bdfe52f9e6488170fa5d4f7cbe70/kubernetes-36.0.2.tar.gz", hash = "sha256:03551fcb49cae1f708f63624041e37403545b7aaed10cbf54e2b01a37a5438e3", size = 2336738, upload-time = "2026-06-01T18:20:30.785Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/cd/d2/6f99ca9c7eb961dfdd45b9643101399a8ee20922c662c362c91e9cc7e832/kubernetes-36.0.0-py2.py3-none-any.whl", hash = "sha256:a766433357ec9f90db7565cccf52e28e7fca40b0ef366c80a6022adbc0ac0425", size = 4660469, upload-time = "2026-05-20T20:44:20.893Z" }, + { url = "https://files.pythonhosted.org/packages/46/2c/5c160dbdef7123f8cc97fd8ece7e0198627a426a2a49614845e9086feb8d/kubernetes-36.0.2-py2.py3-none-any.whl", hash = "sha256:faf9b5241b58de0c4a5069f2a0ffc8ac06fece7215156cd3d3ba081a78a858b6", size = 4617568, upload-time = "2026-06-01T18:20:28.737Z" }, ] [[package]] From 20f1e64509be1b43bfd682f0251eb7a9d0769846 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:16:46 +0200 Subject: [PATCH 06/12] core: bump google-api-python-client from 2.196.0 to 2.197.0 (#22876) Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 2.196.0 to 2.197.0. - [Release notes](https://github.com/googleapis/google-api-python-client/releases) - [Commits](https://github.com/googleapis/google-api-python-client/compare/v2.196.0...v2.197.0) --- updated-dependencies: - dependency-name: google-api-python-client dependency-version: 2.197.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pyproject.toml | 2 +- uv.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index f4b100d86d..98045f3a28 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -36,7 +36,7 @@ dependencies = [ "fido2==2.2.0", "geoip2==5.2.0", "geopy==2.4.1", - "google-api-python-client==2.196.0", + "google-api-python-client==2.197.0", "gssapi==1.11.1", "gunicorn==26.0.0", "jsonpatch==1.33", diff --git a/uv.lock b/uv.lock index b5dbe42dca..885ff0168a 100644 --- a/uv.lock +++ b/uv.lock @@ -392,7 +392,7 @@ requires-dist = [ { name = "fido2", specifier = "==2.2.0" }, { name = "geoip2", specifier = "==5.2.0" }, { name = "geopy", specifier = "==2.4.1" }, - { name = "google-api-python-client", specifier = "==2.196.0" }, + { name = "google-api-python-client", specifier = "==2.197.0" }, { name = "gssapi", specifier = "==1.11.1" }, { name = "gunicorn", specifier = "==26.0.0" }, { name = "jsonpatch", specifier = "==1.33" }, @@ -1644,7 +1644,7 @@ wheels = [ [[package]] name = "google-api-python-client" -version = "2.196.0" +version = "2.197.0" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "google-api-core" }, @@ -1653,9 +1653,9 @@ dependencies = [ { name = "httplib2" }, { name = "uritemplate" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/6d/f3/34ef8aca7909675fe327f96c1ed927f0520e7acf68af19157e96acc05e76/google_api_python_client-2.196.0.tar.gz", hash = "sha256:9f335d38f6caaa2747bcf64335ed1a9a19047d53e86538eda6a1b17d37f1743d", size = 14628129, upload-time = "2026-05-06T23:47:35.655Z" } +sdist = { url = "https://files.pythonhosted.org/packages/22/09/081d66357118bd260f8f182cb1b2dd5bd32ca88e3714d7c93896cab946fc/google_api_python_client-2.197.0.tar.gz", hash = "sha256:32e03977eda4a66eafc6ae58dc9ec46426b6025636d5ef019c5703013eddd4e5", size = 14707398, upload-time = "2026-05-28T20:23:12.498Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/99/c7/1817b4edf966d5afcac1c0781ca36d621bc0cb58104c4e7c2a475ab185f7/google_api_python_client-2.196.0-py3-none-any.whl", hash = "sha256:2591e9b47dcb17e4e62a09370aaee3bcf323af8f28ccecdabcd0a42a23ca4db5", size = 15206663, upload-time = "2026-05-06T23:47:32.886Z" }, + { url = "https://files.pythonhosted.org/packages/a0/e5/e9cc221fd75230974d4ef45eb72d2261feca3c110d5554215d516bfe6534/google_api_python_client-2.197.0-py3-none-any.whl", hash = "sha256:0f8b89aa75768161dd4f5092d6bcb386c13236b32e0d9a938c02f71342094d14", size = 15287302, upload-time = "2026-05-28T20:23:09.683Z" }, ] [[package]] From a7fcf3f92b93c69e588b00a43727b486628045d8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:16:55 +0200 Subject: [PATCH 07/12] core: bump sentry-sdk from 2.60.0 to 2.61.0 (#22875) Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.60.0 to 2.61.0. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-python/compare/2.60.0...2.61.0) --- updated-dependencies: - dependency-name: sentry-sdk dependency-version: 2.61.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pyproject.toml | 2 +- uv.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 98045f3a28..90502505af 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -57,7 +57,7 @@ dependencies = [ "pyyaml==6.0.3", "requests-oauthlib==2.0.0", "scim2-filter-parser==0.7.0", - "sentry-sdk==2.60.0", + "sentry-sdk==2.61.0", "service-identity==24.2.0", "setproctitle==1.3.7", "structlog==25.5.0", diff --git a/uv.lock b/uv.lock index 885ff0168a..48bbddddcf 100644 --- a/uv.lock +++ b/uv.lock @@ -413,7 +413,7 @@ requires-dist = [ { name = "pyyaml", specifier = "==6.0.3" }, { name = "requests-oauthlib", specifier = "==2.0.0" }, { name = "scim2-filter-parser", specifier = "==0.7.0" }, - { name = "sentry-sdk", specifier = "==2.60.0" }, + { name = "sentry-sdk", specifier = "==2.61.0" }, { name = "service-identity", specifier = "==24.2.0" }, { name = "setproctitle", specifier = "==1.3.7" }, { name = "structlog", specifier = "==25.5.0" }, @@ -3380,15 +3380,15 @@ wheels = [ [[package]] name = "sentry-sdk" -version = "2.60.0" +version = "2.61.0" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "certifi" }, { name = "urllib3" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/54/a2/2e6c090db384cc515069f4f85542bd5baf6786852073020ea73d4a76d3ea/sentry_sdk-2.60.0.tar.gz", hash = "sha256:0bd25e54e78ca02d0be512529fa644bbbf9e8470d7b26371294012d4ca93c978", size = 452946, upload-time = "2026-05-13T13:34:52.516Z" } +sdist = { url = "https://files.pythonhosted.org/packages/52/4d/3c66e6045bd2071256b6b6fdcb0cc02b86ce54b2acc2ceac79af8e0efbb5/sentry_sdk-2.61.0.tar.gz", hash = "sha256:1ca9b4bb777eb5be67004edab7eb894f21c6301f1d05ed64966719ad5d1764ce", size = 458510, upload-time = "2026-05-28T09:40:28.917Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/29/41/f2b800b7f12a05dd48c2a6280d4dd812d1425fc66ed3fe3fd99420c41d1a/sentry_sdk-2.60.0-py3-none-any.whl", hash = "sha256:28a536c03291c8bcb363cf35c611b32738ec118ff64d8d6383b096448ac4c803", size = 475616, upload-time = "2026-05-13T13:34:50.259Z" }, + { url = "https://files.pythonhosted.org/packages/21/5a/9794736d5802689c1a48862e6afe6b7f3e86cc37c15d4a84bc0143877dc1/sentry_sdk-2.61.0-py3-none-any.whl", hash = "sha256:ec4d30273909cb1d198e03208b16ee70e2bc5d90a16fd9f1fb2fc6a72e1f03dc", size = 483111, upload-time = "2026-05-28T09:40:27.027Z" }, ] [[package]] From 153cb9ca46a79268b8aefc8c9946a158a78828c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 18:17:40 +0200 Subject: [PATCH 08/12] web: bump @sentry/browser from 10.54.0 to 10.55.0 in /web in the sentry group across 1 directory (#22873) web: bump @sentry/browser in /web in the sentry group across 1 directory Bumps the sentry group with 1 update in the /web directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript). Updates `@sentry/browser` from 10.54.0 to 10.55.0 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/10.54.0...10.55.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 10.55.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: sentry ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- web/package-lock.json | 60 +++++++++++++++++++++---------------------- web/package.json | 2 +- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/web/package-lock.json b/web/package-lock.json index e3b6b6f88f..6ef9240c53 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -44,7 +44,7 @@ "@patternfly/elements": "^4.4.0", "@patternfly/patternfly": "^4.224.2", "@playwright/test": "^1.60.0", - "@sentry/browser": "^10.54.0", + "@sentry/browser": "^10.55.0", "@storybook/addon-docs": "^10.4.1", "@storybook/addon-links": "^10.4.1", "@storybook/web-components": "^10.4.1", @@ -3838,75 +3838,75 @@ "license": "MIT" }, "node_modules/@sentry-internal/browser-utils": { - "version": "10.54.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/browser-utils/-/browser-utils-10.54.0.tgz", - "integrity": "sha512-Cz6NzYFmWJlHh1tvtltKsmLl+1jlseQaPXk18Z0P1g6lXAwhT3aJ99x7vDm4jwCzcJ12qAa8Oga8T3C23Ihijw==", + "version": "10.55.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/browser-utils/-/browser-utils-10.55.0.tgz", + "integrity": "sha512-zUvyBr13EK0evKsSTzwSimRzZ3P9kugS32dLCj3ea5gNN+/DFtU/GsMTdcIQDhusEDraIlH17AGgqJH5gUAv5w==", "license": "MIT", "dependencies": { - "@sentry/core": "10.54.0" + "@sentry/core": "10.55.0" }, "engines": { "node": ">=18" } }, "node_modules/@sentry-internal/feedback": { - "version": "10.54.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-10.54.0.tgz", - "integrity": "sha512-14D+TPgi75zogGQ/EWwtIm34FVWP34gso4SfJZRAoHiQrRfd907q8/7MTXNItxi81x79cH9vweu/o55LBml6MA==", + "version": "10.55.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-10.55.0.tgz", + "integrity": "sha512-32X9WW1xs5DjCRlp89QJ/PLw4kbTIX6MsBDXN2RBN1nWBjm/2WcwXqO/v/WoIS4W2kTWXcZnQwalLSI22Fp33A==", "license": "MIT", "dependencies": { - "@sentry/core": "10.54.0" + "@sentry/core": "10.55.0" }, "engines": { "node": ">=18" } }, "node_modules/@sentry-internal/replay": { - "version": "10.54.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/replay/-/replay-10.54.0.tgz", - "integrity": "sha512-B7eicNhAomJ7bGihJO7mCw7pZ8FFo/THQgGPo85VR3FaJVCCot20WxVgvhjc7IVBQVlaaxSrnlUFvA+yHjszqQ==", + "version": "10.55.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/replay/-/replay-10.55.0.tgz", + "integrity": "sha512-OkQpANGwYU5UKfwLk6Y+NpESRC8nrLBjawRDLwF6cJ8HpNScOuNNJDEJEGwXHVkJPH0pcIixsH8y0Qfcltq6Xw==", "license": "MIT", "dependencies": { - "@sentry-internal/browser-utils": "10.54.0", - "@sentry/core": "10.54.0" + "@sentry-internal/browser-utils": "10.55.0", + "@sentry/core": "10.55.0" }, "engines": { "node": ">=18" } }, "node_modules/@sentry-internal/replay-canvas": { - "version": "10.54.0", - "resolved": "https://registry.npmjs.org/@sentry-internal/replay-canvas/-/replay-canvas-10.54.0.tgz", - "integrity": "sha512-CGsH019npxnU5cocVDoZKod7JaQtaM6JiR6e2fI8tDwssohJAxP616UQTmoTtBLe3yLG18P4e1BxMxYZFalZEQ==", + "version": "10.55.0", + "resolved": "https://registry.npmjs.org/@sentry-internal/replay-canvas/-/replay-canvas-10.55.0.tgz", + "integrity": "sha512-lu/y7k9cK7FZ/qJpL0fBX4WqK6IFa/+bTPhedEaC5UpzjUNP7BfXt0H+R7q9CHWmp20Ffh/wGfO3j7O+Tv2MAA==", "license": "MIT", "dependencies": { - "@sentry-internal/replay": "10.54.0", - "@sentry/core": "10.54.0" + "@sentry-internal/replay": "10.55.0", + "@sentry/core": "10.55.0" }, "engines": { "node": ">=18" } }, "node_modules/@sentry/browser": { - "version": "10.54.0", - "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-10.54.0.tgz", - "integrity": "sha512-XYuAA2E4Hf6NOJiP3PqczPgBhFUEsEAh+avgxcYTjTwYdr+Nh5XmDxXATr6RxXUvRASTiYN9zNWyK2o9kEDloA==", + "version": "10.55.0", + "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-10.55.0.tgz", + "integrity": "sha512-5n1kxmW1m4j16ZDV9kt+Zo5uafFnKTy7s5YyEcGnC45KnOiO1Gy+QFd3woXns1K5GNxpjF7oOOc6tXgZLuXnQQ==", "license": "MIT", "dependencies": { - "@sentry-internal/browser-utils": "10.54.0", - "@sentry-internal/feedback": "10.54.0", - "@sentry-internal/replay": "10.54.0", - "@sentry-internal/replay-canvas": "10.54.0", - "@sentry/core": "10.54.0" + "@sentry-internal/browser-utils": "10.55.0", + "@sentry-internal/feedback": "10.55.0", + "@sentry-internal/replay": "10.55.0", + "@sentry-internal/replay-canvas": "10.55.0", + "@sentry/core": "10.55.0" }, "engines": { "node": ">=18" } }, "node_modules/@sentry/core": { - "version": "10.54.0", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-10.54.0.tgz", - "integrity": "sha512-yC/bc8N5ut6vk9X/ugTnIFAbzaSZ2uGoKiHRGzt7VseDIrjXk5ENDJP0m7Rbchuozr41kBv2QB3mPcHUhfB43w==", + "version": "10.55.0", + "resolved": "https://registry.npmjs.org/@sentry/core/-/core-10.55.0.tgz", + "integrity": "sha512-XUyoNtDSYCvgJnoNzlh+YeAXfIPhCRIXbhWqqM3GQ3AFtZICi85lkyfsrwXEl9wzlPGYnU+Eg8F4tOfScx+FcQ==", "license": "MIT", "engines": { "node": ">=18" diff --git a/web/package.json b/web/package.json index ebbd46c19d..2159a0b8f0 100644 --- a/web/package.json +++ b/web/package.json @@ -119,7 +119,7 @@ "@patternfly/elements": "^4.4.0", "@patternfly/patternfly": "^4.224.2", "@playwright/test": "^1.60.0", - "@sentry/browser": "^10.54.0", + "@sentry/browser": "^10.55.0", "@storybook/addon-docs": "^10.4.1", "@storybook/addon-links": "^10.4.1", "@storybook/web-components": "^10.4.1", From 8aaebaf5e669113bc57542f61f959fb2c3fd0de2 Mon Sep 17 00:00:00 2001 From: "Jens L." Date: Fri, 5 Jun 2026 18:20:28 +0200 Subject: [PATCH 09/12] web/admin: fix Docker outpost integration form CA Cert filter (#22863) Signed-off-by: Jens Langhammer --- web/src/admin/outposts/ServiceConnectionDockerForm.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/web/src/admin/outposts/ServiceConnectionDockerForm.ts b/web/src/admin/outposts/ServiceConnectionDockerForm.ts index ce38677660..5a3656a436 100644 --- a/web/src/admin/outposts/ServiceConnectionDockerForm.ts +++ b/web/src/admin/outposts/ServiceConnectionDockerForm.ts @@ -82,6 +82,7 @@ export class ServiceConnectionDockerForm extends ModelForm

${msg( From 82354ceeb01f26651eabd8aa9ada24fc26c22d48 Mon Sep 17 00:00:00 2001 From: Dominic R Date: Fri, 5 Jun 2026 12:25:59 -0400 Subject: [PATCH 10/12] website/docs: Document WebAuthn device restrictions (#22867) * website/docs: document WebAuthn device restrictions Closes: #22230 Agent-thread: https://sdko.org/internal/threads/019e9487-3482-71c1-8f50-0bcef3a89ebb A7k-product: product A7k-product-repo: 2 Co-authored-by: Agent * Apply suggestions from code review Co-authored-by: Dewi Roberts Signed-off-by: Dominic R --------- Signed-off-by: Dominic R Co-authored-by: Agent Co-authored-by: Dewi Roberts --- .../stages/authenticator_validate/index.md | 6 +++++- .../stages/authenticator_webauthn/index.md | 10 +++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.md b/website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.md index 55d161c123..def1df69a2 100644 --- a/website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.md +++ b/website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.md @@ -129,7 +129,11 @@ If the user has multiple compatible authenticators, authentik lets them choose o ### WebAuthn authenticator type restrictions -If you restrict allowed WebAuthn authenticator types, those restrictions only apply to WebAuthn authenticators that authentik knows how to classify. This is useful when you need to limit authentication to specific hardware families or compliance profiles. +**WebAuthn device type restrictions** are an allowlist for already-enrolled WebAuthn authenticators. When no device types are selected, any enrolled WebAuthn authenticator that matches the stage's **Device classes** can be used. When one or more device types are selected, authentik only allows WebAuthn authentication from enrolled devices whose recorded device type matches one of the selected entries. + +The available device-type entries are populated from the [FIDO Alliance Metadata Service](https://fidoalliance.org/metadata/) data and additional AAGUID metadata bundled with the authentik release. This is useful when you need to limit authentication to specific hardware families or compliance profiles. + +These restrictions only apply to WebAuthn devices that have a stored device type. Devices enrolled in authentik 2024.4 or later store this information when the authenticator returns a known AAGUID. Older WebAuthn enrollments or devices without a stored type cannot be matched by this filter. To enforce a device-type policy for enrollment and later authentication, configure the same allowlist on the [WebAuthn / FIDO2 / Passkeys Authenticator setup stage](../authenticator_webauthn/index.md) and have users re-enroll devices that predate stored device types. ### Throttling diff --git a/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.md b/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.md index bbff6392bc..95413d9368 100644 --- a/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.md +++ b/website/docs/add-secure-apps/flows-stages/stages/authenticator_webauthn/index.md @@ -80,4 +80,12 @@ For backward compatibility with older browsers that do not support hints, authen **Prevent duplicate devices** can only be enforced when the authenticator exposes a unique attestation certificate. -If **Device type restrictions** are enabled, authentik can also allow the special built-in type `authentik: Unknown devices` for authenticators whose AAGUID is not otherwise known. +### Device type restrictions + +**Device type restrictions** are an allowlist for WebAuthn registration. When no device types are selected, authentik allows any WebAuthn authenticator that the browser and authenticator can register. When one or more device types are selected, authentik only allows registration when the authenticator returns an AAGUID that matches one of the selected entries. + +The available device-type entries are populated from the [FIDO Alliance Metadata Service](https://fidoalliance.org/metadata/) data and additional AAGUID metadata bundled with the authentik release. This lets you restrict enrollment to specific hardware families or passkey providers listed in that metadata. + +If you select specific device types, newly added metadata entries are not allowed automatically. Review this allowlist after authentik upgrades if your compliance policy should include newly recognized authenticators. + +authentik also includes the special device-type `authentik: Unknown devices`. Select it only when you want to allow authenticators that return an AAGUID that is not present in authentik's device-type metadata. Authenticators that do not return an AAGUID cannot satisfy a device-type restriction. From 0bfe2eb8f54ba3850735eaf78a293ee4d3274411 Mon Sep 17 00:00:00 2001 From: Dominic R Date: Fri, 5 Jun 2026 13:17:24 -0400 Subject: [PATCH 11/12] website/integrations: add Atlantis integration (#22888) * website/integrations: add Atlantis integration Agent-thread: https://sdko.org/internal/thr/ak/019e97d5-438f-7f33-b67d-71502fc6cfb8 A7k-product: product A7k-product-repo: 2 Co-authored-by: Agent * Update website/integrations/infrastructure/atlantis/index.md Co-authored-by: Dewi Roberts Signed-off-by: Dominic R * Update website/integrations/infrastructure/atlantis/index.md Co-authored-by: Dewi Roberts Signed-off-by: Dominic R * Update website/integrations/infrastructure/atlantis/index.md Co-authored-by: Dewi Roberts Signed-off-by: Dominic R --------- Signed-off-by: Dominic R Co-authored-by: Agent Co-authored-by: Dewi Roberts --- .../infrastructure/atlantis/index.md | 82 +++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100644 website/integrations/infrastructure/atlantis/index.md diff --git a/website/integrations/infrastructure/atlantis/index.md b/website/integrations/infrastructure/atlantis/index.md new file mode 100644 index 0000000000..7dc4571331 --- /dev/null +++ b/website/integrations/infrastructure/atlantis/index.md @@ -0,0 +1,82 @@ +--- +title: Integrate with Atlantis +sidebar_label: Atlantis +support_level: community +--- + +## What is Atlantis? + +> Atlantis is an application for automating Terraform via pull requests. +> +> -- https://www.runatlantis.io + +Atlantis does not provide native SSO for the web UI. Use authentik as a forward auth proxy in front of Atlantis, and allow the Atlantis webhook endpoint to remain reachable by your Git host. + +## Preparation + +The following placeholders are used in this guide: + +- `atlantis.company` is the FQDN of the Atlantis installation. +- `authentik.company` is the FQDN of the authentik installation. + +:::info +This documentation lists only the settings that you need to change from their default values. Be aware that any changes other than those explicitly mentioned in this guide could cause issues accessing your application. +::: + +## authentik configuration + +To support the integration of Atlantis with authentik, you need to create an application/provider pair in authentik. This guide assumes that Atlantis is already deployed behind a reverse proxy that supports authentik forward auth. + +### Create an application and provider in authentik + +1. Log in to authentik as an administrator and open the authentik Admin interface. +2. Navigate to **Applications** > **Applications** and click **New Application** to open the application wizard. + - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. + - **Choose a Provider type**: select **Proxy Provider** as the provider type. + - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations. + - Set **Mode** to **Forward auth (single application)**. + - Set **External host** to `https://atlantis.company`. + - Under **Advanced protocol settings**, set **Unauthenticated Paths** to the following value: + + ```text + ^/events$ + ``` + + - Under **Authentication settings**, disable **Intercept header authentication**. + + - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/bindings-overview/) (policy, group, or user) to manage the listing and access to applications on a user's **Application Dashboard** page. + +3. Click **Submit** to save the new application and provider. + +### Configure proxy outpost + +The proxy provider requires an authentik proxy outpost. If you do not already have a proxy outpost, follow the [outpost documentation](/docs/add-secure-apps/outposts/) to create and deploy one. + +Add the Atlantis application to a proxy outpost that will serve it: + +1. Log in to authentik as an administrator and open the authentik Admin interface. +2. Navigate to **Applications** > **Outposts**. +3. Click the edit icon for the proxy outpost. This can be the built-in **authentik Embedded Outpost** or another proxy outpost. +4. Under **Available Applications**, select the Atlantis application and move it to **Selected Applications**. +5. Click **Update** to save your changes. + +## Atlantis configuration + +No SSO configuration is required in Atlantis. + +Configure your reverse proxy to use the authentik outpost as the forward auth endpoint for `https://atlantis.company`. + +Requests to `/outpost.goauthentik.io` must be routed to the authentik outpost. All other requests, including `/events`, must continue to be routed to Atlantis. + +Set your Git host webhook URL to `https://atlantis.company/events`. The `/events` endpoint is skipped by authentik so that Git host webhooks can reach Atlantis. Atlantis should still validate those webhook requests with its existing webhook secret or webhook authentication settings. + +## Configuration verification + +To verify the login flow, open Atlantis. You should be redirected to authentik before the Atlantis web interface is shown. + +## Resources + +- [Atlantis Docs - Introduction](https://www.runatlantis.io/guide) +- [Atlantis Docs - Configuring Webhooks](https://www.runatlantis.io/docs/configuring-webhooks.html) +- [Atlantis Docs - Webhook Secrets](https://www.runatlantis.io/docs/webhook-secrets) +- [Atlantis Docs - Deployment](https://www.runatlantis.io/docs/deployment.html) From ec4847182d5cd2a65d7be01f4fde8b22fb90b061 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 23:09:14 +0200 Subject: [PATCH 12/12] ci: bump taiki-e/install-action from 2.81.1 to 2.81.2 in /.github/actions/setup (#22884) ci: bump taiki-e/install-action in /.github/actions/setup Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.81.1 to 2.81.2. - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/e49978b799e49ff429d162b7a30601a569ab6538...6887963ccf37a9ddcd8c5fa4baeb3e1e5fd61fa1) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.81.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 9c2e768800..074d6e1031 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -64,7 +64,7 @@ runs: rustflags: "" - name: Setup rust dependencies if: ${{ contains(inputs.dependencies, 'rust') }} - uses: taiki-e/install-action@e49978b799e49ff429d162b7a30601a569ab6538 # v2 + uses: taiki-e/install-action@6887963ccf37a9ddcd8c5fa4baeb3e1e5fd61fa1 # v2 with: tool: cargo-deny cargo-machete cargo-llvm-cov nextest - name: Setup node (root, web)