de3f5ea3cb
core: align django-channels-postgres psycopg[pool] floor with #22201 ( #22363 )
...
Co-authored-by: Agent (authentik-m-align-django-friendly-wild-grain) <279763771+playpen-agent@users.noreply.github.com >
2026-05-18 15:44:38 +02:00
f6e85f915c
core: bump msgraph-sdk from 1.56.0 to 1.57.0 ( #22379 )
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-18 13:42:42 +00:00
fa3c7b8b55
ci: bump actions/create-github-app-token from 3.1.1 to 3.2.0 ( #22381 )
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-18 15:39:28 +02:00
ac9374edbf
core: bump types-docker from 7.1.0.20260409 to 7.1.0.20260508 ( #22417 )
...
Bumps [types-docker](https://github.com/python/typeshed ) from 7.1.0.20260409 to 7.1.0.20260508.
- [Commits](https://github.com/python/typeshed/commits )
---
updated-dependencies:
- dependency-name: types-docker
dependency-version: 7.1.0.20260508
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 13:36:03 +02:00
ac5a2b80e9
core: bump types-ldap3 from 2.9.13.20260408 to 2.9.13.20260508 ( #22423 )
...
Bumps [types-ldap3](https://github.com/python/typeshed ) from 2.9.13.20260408 to 2.9.13.20260508.
- [Commits](https://github.com/python/typeshed/commits )
---
updated-dependencies:
- dependency-name: types-ldap3
dependency-version: 2.9.13.20260508
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 13:35:47 +02:00
d4d612ceaa
core: bump types-zxcvbn from 4.5.0.20260408 to 4.5.0.20260508 ( #22418 )
...
Bumps [types-zxcvbn](https://github.com/python/typeshed ) from 4.5.0.20260408 to 4.5.0.20260508.
- [Commits](https://github.com/python/typeshed/commits )
---
updated-dependencies:
- dependency-name: types-zxcvbn
dependency-version: 4.5.0.20260508
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 13:35:36 +02:00
1c82199852
web/table: fetch on first render when already visible ( #22376 )
...
* web/table: fetch on first render when already visible
Tables inside `<ak-modal>` rendered empty until the user clicked the
refresh button. The 2026.5 RC native-`<dialog>` migration taught
`AKModal.updated()` to force `visible = true` on its slotted child, but
`Table.firstUpdated()` was delegating to `#synchronizeRefreshSchedule()`,
which only flushes a *previously deferred* refresh. With visibility
forced on before the first update cycle, no deferred refresh was ever
queued, so the synchronizer no-op'd and nothing fetched.
Switch the first-update hook to call `fetch()` directly. `fetch()`
already handles both states correctly: if the table is visible it
issues the request immediately, and if it isn't it queues the deferred
refresh that the synchronizer flushes when visibility flips on. Beyond
the modal case this also covers any future caller that mounts a Table
already-visible.
Reproduced and verified against the user-library RAC endpoint launcher
(the surface from the beta report). Added a Playwright e2e
(`rac-launch-modal.test.ts`) that seeds a RAC provider + two endpoints
via the API, opens the launcher, and asserts the endpoint rows appear
without a manual refresh — fails on `main`, passes with this change.
A 2026.5 backport will follow as a separate PR.
Co-Authored-By: Agent (authentik-m-triage-rac-proper-shared-lilac) <279763771+playpen-agent@users.noreply.github.com >
* web/test: silence cspell on AK_TEST_BOOTSTRAP_TOKEN fallback
`changeme` in the playpen-specific default for `AK_TEST_BOOTSTRAP_TOKEN`
trips the spellcheck lint job. Add an inline `cspell:ignore` directive
so the fallback can stay (CI sets the env var so the default is only
used locally inside playpen sandboxes).
* Flesh out RAC test coverage.
* Use simple search for applications list.
* Add order.
* Ignore playwright result.
* Remove unused.
* Tidy for test.
* Fix test selectors.
* Fix overlap.
* Defer to connected callback.
* Use consistent Patternfly input outline.
* Clean up labels.
* Only trigger navigation on non-current entries.
* Ensure that selected type is retained.
---------
Co-authored-by: Agent (authentik-m-triage-rac-proper-shared-lilac) <279763771+playpen-agent@users.noreply.github.com >
2026-05-18 11:10:17 +00:00
3836bdb52f
web: bump stylelint from 17.11.0 to 17.11.1 in /web ( #22430 )
...
Bumps [stylelint](https://github.com/stylelint/stylelint ) from 17.11.0 to 17.11.1.
- [Release notes](https://github.com/stylelint/stylelint/releases )
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/stylelint/stylelint/compare/17.11.0...17.11.1 )
---
updated-dependencies:
- dependency-name: stylelint
dependency-version: 17.11.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:50:08 +02:00
831be4c0a8
web: bump @typescript/native-preview from 7.0.0-dev.20260507.1 to 7.0.0-dev.20260510.1 in /web ( #22426 )
...
web: bump @typescript/native-preview in /web
Bumps [@typescript/native-preview](https://github.com/microsoft/typescript-go ) from 7.0.0-dev.20260507.1 to 7.0.0-dev.20260510.1.
- [Changelog](https://github.com/microsoft/typescript-go/blob/main/CHANGES.md )
- [Commits](https://github.com/microsoft/typescript-go/commits )
---
updated-dependencies:
- dependency-name: "@typescript/native-preview"
dependency-version: 7.0.0-dev.20260510.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:49:49 +02:00
7a2aa35f16
web: bump lit from 3.3.2 to 3.3.3 in /web ( #22427 )
...
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit ) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/lit/lit/releases )
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md )
- [Commits](https://github.com/lit/lit/commits/lit@3.3.3/packages/lit )
---
updated-dependencies:
- dependency-name: lit
dependency-version: 3.3.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:49:40 +02:00
5a7edf4508
web: bump @lit/localize-tools from 0.8.1 to 0.8.2 in /web ( #22428 )
...
Bumps [@lit/localize-tools](https://github.com/lit/lit/tree/HEAD/packages/localize-tools ) from 0.8.1 to 0.8.2.
- [Release notes](https://github.com/lit/lit/releases )
- [Changelog](https://github.com/lit/lit/blob/main/packages/localize-tools/CHANGELOG.md )
- [Commits](https://github.com/lit/lit/commits/@lit/localize-tools@0.8.2/packages/localize-tools )
---
updated-dependencies:
- dependency-name: "@lit/localize-tools"
dependency-version: 0.8.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:49:29 +02:00
d586dc15ba
web: bump dompurify from 3.4.2 to 3.4.3 in /web ( #22429 )
...
Bumps [dompurify](https://github.com/cure53/DOMPurify ) from 3.4.2 to 3.4.3.
- [Release notes](https://github.com/cure53/DOMPurify/releases )
- [Commits](https://github.com/cure53/DOMPurify/compare/3.4.2...3.4.3 )
---
updated-dependencies:
- dependency-name: dompurify
dependency-version: 3.4.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:49:17 +02:00
6cb225f9c8
core: bump types-channels from 4.3.0.20260421 to 4.3.0.20260508 ( #22419 )
...
Bumps [types-channels](https://github.com/python/typeshed ) from 4.3.0.20260421 to 4.3.0.20260508.
- [Commits](https://github.com/python/typeshed/commits )
---
updated-dependencies:
- dependency-name: types-channels
dependency-version: 4.3.0.20260508
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:49:06 +02:00
ec0edc212b
web: bump @codemirror/legacy-modes from 6.5.2 to 6.5.3 in /web ( #22431 )
...
Bumps [@codemirror/legacy-modes](https://github.com/codemirror/legacy-modes ) from 6.5.2 to 6.5.3.
- [Changelog](https://github.com/codemirror/legacy-modes/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/legacy-modes/commits )
---
updated-dependencies:
- dependency-name: "@codemirror/legacy-modes"
dependency-version: 6.5.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:49:03 +02:00
9b15ce843b
core: bump types-requests from 2.33.0.20260503 to 2.33.0.20260508 ( #22420 )
...
Bumps [types-requests](https://github.com/python/typeshed ) from 2.33.0.20260503 to 2.33.0.20260508.
- [Commits](https://github.com/python/typeshed/commits )
---
updated-dependencies:
- dependency-name: types-requests
dependency-version: 2.33.0.20260508
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:49:01 +02:00
b999a30804
core: bump coverage[toml] from 7.13.5 to 7.14.0 ( #22421 )
...
Bumps [coverage[toml]](https://github.com/coveragepy/coveragepy ) from 7.13.5 to 7.14.0.
- [Release notes](https://github.com/coveragepy/coveragepy/releases )
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst )
- [Commits](https://github.com/coveragepy/coveragepy/compare/7.13.5...7.14.0 )
---
updated-dependencies:
- dependency-name: coverage[toml]
dependency-version: 7.14.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:57 +02:00
b765c89f63
core: bump ruff from 0.15.12 to 0.15.13 ( #22422 )
...
Bumps [ruff](https://github.com/astral-sh/ruff ) from 0.15.12 to 0.15.13.
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.15.12...0.15.13 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.15.13
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:52 +02:00
6767e44879
core: bump types-jwcrypto from 1.5.7.20260409 to 1.5.7.20260508 ( #22424 )
...
Bumps [types-jwcrypto](https://github.com/python/typeshed ) from 1.5.7.20260409 to 1.5.7.20260508.
- [Commits](https://github.com/python/typeshed/commits )
---
updated-dependencies:
- dependency-name: types-jwcrypto
dependency-version: 1.5.7.20260508
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:45 +02:00
52108e446a
ci: bump github/codeql-action from 4.35.4 to 4.35.5 ( #22432 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.35.4 to 4.35.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v4.35.4...v4.35.5 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.35.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:39 +02:00
49a2e3879a
ci: bump calibreapp/image-actions from e2cc8db5d49c849e00844dfebf01438318e96fa2 to 9d037c06280028c110ff61c433ad4dc7d33c3c43 ( #22433 )
...
ci: bump calibreapp/image-actions
Bumps [calibreapp/image-actions](https://github.com/calibreapp/image-actions ) from e2cc8db5d49c849e00844dfebf01438318e96fa2 to 9d037c06280028c110ff61c433ad4dc7d33c3c43.
- [Release notes](https://github.com/calibreapp/image-actions/releases )
- [Commits](https://github.com/calibreapp/image-actions/compare/e2cc8db5d49c849e00844dfebf01438318e96fa2...e2cc8db5d49c849e00844dfebf01438318e96fa2 )
---
updated-dependencies:
- dependency-name: calibreapp/image-actions
dependency-version: e2cc8db5d49c849e00844dfebf01438318e96fa2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:34 +02:00
865d8724a9
ci: bump taiki-e/install-action from 2.77.6 to 2.78.1 in /.github/actions/setup ( #22434 )
...
ci: bump taiki-e/install-action in /.github/actions/setup
Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action ) from 2.77.6 to 2.78.1.
- [Release notes](https://github.com/taiki-e/install-action/releases )
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/taiki-e/install-action/compare/c070f87102a1c75b3183910f391c1cb887fe13c8...184183c2401be73c3bf42c2e61268aa5855379c1 )
---
updated-dependencies:
- dependency-name: taiki-e/install-action
dependency-version: 2.78.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:30 +02:00
a1b0361cbd
core: bump serde_with from 3.19.0 to 3.20.0 ( #22435 )
...
Bumps [serde_with](https://github.com/jonasbb/serde_with ) from 3.19.0 to 3.20.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases )
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.19.0...v3.20.0 )
---
updated-dependencies:
- dependency-name: serde_with
dependency-version: 3.20.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:13 +02:00
50bab1f578
core: bump metrics from 0.24.5 to 0.24.6 ( #22436 )
...
Bumps [metrics](https://github.com/metrics-rs/metrics ) from 0.24.5 to 0.24.6.
- [Changelog](https://github.com/metrics-rs/metrics/blob/main/release.toml )
- [Commits](https://github.com/metrics-rs/metrics/compare/metrics-v0.24.5...metrics-v0.24.6 )
---
updated-dependencies:
- dependency-name: metrics
dependency-version: 0.24.6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-18 12:48:01 +02:00
ff564e3e65
website/integrations: add grommunio ( #22342 )
...
* docs: add grommunio integration guide
* docs: fix prettier formatting in grommunio integration guide
* Update formatting, change certificate section to match other docs, update some wording
* Update.
Co-authored-by: Agent <agent@svc.sdko.net >
---------
Co-authored-by: Tobias Krug <snxrcsme@gmail.com >
Co-authored-by: Dewi Roberts <dewi@goauthentik.io >
Co-authored-by: Dominic R <dominic@goauthentik.io >
Co-authored-by: Agent <agent@svc.sdko.net >
2026-05-18 00:14:34 +00:00
002178e2e1
website/integrations: add rabbitmq ( #22360 )
...
* website/integrations/infrastructure: add RabbitMQ
Add a community-supported integration document for RabbitMQ 4.x using
the `rabbitmq_auth_backend_oauth2` plugin. The same configuration
supports both Management UI login via OpenID Connect and AMQP / HTTP
API authentication with a JWT used as the password.
Includes the required scope mapping (aud claim + synthetic-SA groups
injection for the client_credentials grant), the two groups
(rabbitmq-administrator and rabbitmq-monitoring) used by RabbitMQ's
scope_aliases, and the application policy bindings that gate login at
the authentik layer.
* website/integrations/infrastructure: tighten SA bypass to internal_service_account
Use `request.user.type == "internal_service_account"` instead of a
suffix match on the username plus the broader `service_account` type.
`internal_service_account` is the authentik user type assigned only to
the synthetic SA that the OAuth2 provider creates for each
`client_credentials` grant; manually-created service accounts use the
plain `service_account` type. The previous check would let any admin-
created `service_account` whose username ended with `-client_credentials`
through the application policy, which is broader than intended.
* Update formatting, change language, remove line breaks
* Update.
---------
Co-authored-by: Dewi Roberts <dewi@goauthentik.io >
Co-authored-by: Dominic R <dominic@goauthentik.io >
2026-05-18 00:11:13 +00:00
fdc1099fb4
enterprise/stages/mtls: freeze time for expired certs ( #22411 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2026-05-18 01:17:05 +02:00
d1baf983db
core: bump nix from 0.31.2 to 0.31.3 ( #22384 )
...
Bumps [nix](https://github.com/nix-rust/nix ) from 0.31.2 to 0.31.3.
- [Changelog](https://github.com/nix-rust/nix/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nix-rust/nix/compare/v0.31.2...v0.31.3 )
---
updated-dependencies:
- dependency-name: nix
dependency-version: 0.31.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-15 17:01:20 +02:00
c4fa613d43
core: bump sentry from 0.48.1 to 0.48.2 ( #22385 )
...
Bumps [sentry](https://github.com/getsentry/sentry-rust ) from 0.48.1 to 0.48.2.
- [Release notes](https://github.com/getsentry/sentry-rust/releases )
- [Changelog](https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-rust/compare/0.48.1...0.48.2 )
---
updated-dependencies:
- dependency-name: sentry
dependency-version: 0.48.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-15 14:25:19 +02:00
710517a506
web: bump @sentry/browser from 10.51.0 to 10.52.0 in /web in the sentry group across 1 directory ( #22380 )
...
web: bump @sentry/browser in /web in the sentry group across 1 directory
Bumps the sentry group with 1 update in the /web directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript ).
Updates `@sentry/browser` from 10.51.0 to 10.52.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/10.51.0...10.52.0 )
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-version: 10.52.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: sentry
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-15 14:25:10 +02:00
5cd1bf0619
web: bump @typescript/native-preview from 7.0.0-dev.20260506.1 to 7.0.0-dev.20260507.1 in /web ( #22383 )
...
web: bump @typescript/native-preview in /web
Bumps [@typescript/native-preview](https://github.com/microsoft/typescript-go ) from 7.0.0-dev.20260506.1 to 7.0.0-dev.20260507.1.
- [Changelog](https://github.com/microsoft/typescript-go/blob/main/CHANGES.md )
- [Commits](https://github.com/microsoft/typescript-go/commits )
---
updated-dependencies:
- dependency-name: "@typescript/native-preview"
dependency-version: 7.0.0-dev.20260507.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-15 12:20:58 +02:00
37a59e6ad1
web, website: Update name to application dashboard ( #22190 )
2026-05-15 02:55:53 +00:00
1af9856274
flows: remove link to overview for non-internal user ( #22362 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2026-05-14 23:23:14 +02:00
d1c02c2a39
providers/saml: Add sls to saml overview ( #22183 )
...
* providers/saml: clean up provider overview page
* clean up logout option rendering
2026-05-14 11:22:43 -05:00
889c6b5fa2
web: migrate brand assets to npm pkg ( #22361 )
...
* web: migrate brand assets to npm pkg
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move assets to separate script and re-use with storybook
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix testing icon
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2026-05-14 16:09:40 +02:00
ea20aa7b25
web: Fix issue where default user path is not preferred. ( #22139 )
2026-05-14 16:08:43 +02:00
4be3985574
core: bump github.com/grafana/pyroscope-go from 1.2.8 to 1.3.0 ( #22349 )
...
Bumps [github.com/grafana/pyroscope-go](https://github.com/grafana/pyroscope-go ) from 1.2.8 to 1.3.0.
- [Release notes](https://github.com/grafana/pyroscope-go/releases )
- [Commits](https://github.com/grafana/pyroscope-go/compare/v1.2.8...v1.3.0 )
---
updated-dependencies:
- dependency-name: github.com/grafana/pyroscope-go
dependency-version: 1.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 14:01:03 +02:00
c7786a7a24
web: bump @typescript/native-preview from 7.0.0-dev.20260421.2 to 7.0.0-dev.20260506.1 in /web ( #22355 )
...
web: bump @typescript/native-preview in /web
Bumps [@typescript/native-preview](https://github.com/microsoft/typescript-go ) from 7.0.0-dev.20260421.2 to 7.0.0-dev.20260506.1.
- [Changelog](https://github.com/microsoft/typescript-go/blob/main/CHANGES.md )
- [Commits](https://github.com/microsoft/typescript-go/commits )
---
updated-dependencies:
- dependency-name: "@typescript/native-preview"
dependency-version: 7.0.0-dev.20260506.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 14:00:40 +02:00
9547fee764
lifecycle/aws: bump aws-cdk from 2.1120.0 to 2.1121.0 in /lifecycle/aws ( #22350 )
...
Bumps [aws-cdk](https://github.com/aws/aws-cdk-cli/tree/HEAD/packages/aws-cdk ) from 2.1120.0 to 2.1121.0.
- [Release notes](https://github.com/aws/aws-cdk-cli/releases )
- [Commits](https://github.com/aws/aws-cdk-cli/commits/aws-cdk@v2.1121.0/packages/aws-cdk )
---
updated-dependencies:
- dependency-name: aws-cdk
dependency-version: 2.1121.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 14:00:13 +02:00
99c7c1695f
core: bump aws-cdk-lib from 2.252.0 to 2.253.0 ( #22352 )
...
Bumps [aws-cdk-lib](https://github.com/aws/aws-cdk ) from 2.252.0 to 2.253.0.
- [Release notes](https://github.com/aws/aws-cdk/releases )
- [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md )
- [Commits](https://github.com/aws/aws-cdk/compare/v2.252.0...v2.253.0 )
---
updated-dependencies:
- dependency-name: aws-cdk-lib
dependency-version: 2.253.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 13:59:57 +02:00
456cf77108
core: bump google-api-python-client from 2.195.0 to 2.196.0 ( #22351 )
...
Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client ) from 2.195.0 to 2.196.0.
- [Release notes](https://github.com/googleapis/google-api-python-client/releases )
- [Commits](https://github.com/googleapis/google-api-python-client/compare/v2.195.0...v2.196.0 )
---
updated-dependencies:
- dependency-name: google-api-python-client
dependency-version: 2.196.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 13:59:43 +02:00
f2b5026d44
ci: bump actions/setup-go from 6.3.0 to 6.4.0 ( #22353 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v6.3.0...4a3601121dd01d1626a1e23e37211e3254c1c06c )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-version: 6.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 13:59:13 +02:00
888cc7c5be
web: bump knip from 6.11.0 to 6.12.0 in /web ( #22356 )
...
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip ) from 6.11.0 to 6.12.0.
- [Release notes](https://github.com/webpro-nl/knip/releases )
- [Commits](https://github.com/webpro-nl/knip/commits/knip@6.12.0/packages/knip )
---
updated-dependencies:
- dependency-name: knip
dependency-version: 6.12.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 13:59:02 +02:00
f7824857de
ci: bump taiki-e/install-action from 2.77.4 to 2.77.6 in /.github/actions/setup ( #22354 )
...
ci: bump taiki-e/install-action in /.github/actions/setup
Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action ) from 2.77.4 to 2.77.6.
- [Release notes](https://github.com/taiki-e/install-action/releases )
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/taiki-e/install-action/compare/ec28e287910af896fd98e04056d31fa68607e7ad...c070f87102a1c75b3183910f391c1cb887fe13c8 )
---
updated-dependencies:
- dependency-name: taiki-e/install-action
dependency-version: 2.77.6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 13:58:28 +02:00
d2e960e6b1
core: bump aws-lc-rs from 1.16.3 to 1.17.0 ( #22357 )
...
Bumps [aws-lc-rs](https://github.com/aws/aws-lc-rs ) from 1.16.3 to 1.17.0.
- [Release notes](https://github.com/aws/aws-lc-rs/releases )
- [Commits](https://github.com/aws/aws-lc-rs/compare/v1.16.3...v1.17.0 )
---
updated-dependencies:
- dependency-name: aws-lc-rs
dependency-version: 1.17.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 13:58:15 +02:00
b8bb5bcca7
website/integrations: fix aws scim mapping wording ( #22359 )
...
Update wording
2026-05-14 07:52:20 -04:00
5a0a210d4a
core, web: update translations ( #22344 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2026-05-14 13:17:31 +02:00
0d55ef05f3
core: Defer status posts until GitHub Actions finishes. ( #22340 )
...
Defer status posts until GitHub Actions finishes.
2026-05-14 00:35:50 +02:00
9543b3c9f6
ci: Consistent NPM versions via Corepack ( #20400 )
...
* core: add .npmrc baseline to block dependency lifecycle scripts
Set ignore-scripts=true at the repo root, plus engine-strict, save-exact,
audit, and prefer-offline. This neutralizes the dominant npm supply-chain
attack vector — postinstall scripts in transitive dependencies — at the
cost of requiring an explicit rebuild for the handful of packages that
legitimately need install scripts (esbuild, chromedriver, tree-sitter,
tree-sitter-json). The next commit wires that rebuild into the Makefile.
Co-Authored-By: Playpen Agent <279763771+playpen-agent@users.noreply.github.com >
* core: route node installs through make to retire website preinstall hook
Make docs-install depend on a new root-node-install so the root deps
are guaranteed before the website install runs, removing the need for
the website/preinstall lifecycle script. Rebuild the small audited list
of trusted packages (esbuild, chromedriver, tree-sitter, tree-sitter-json)
after the web install so ignore-scripts=true remains the only path that
needs maintenance. web/README documents the new workflow.
Co-Authored-By: Playpen Agent <279763771+playpen-agent@users.noreply.github.com >
* Clean up install scripts.
* Track .npmrc in CODEOWNERS
* Fix formatter config. Reformat.
* Fix mounted references.
* Flesh out node scripts.
* Bump engines.
* Prep containers.
* Update makefile.
* Flesh out github actions.
* Clean up docs container.
* lint.
Bump.
Lint.
Bump NPM version.
* Add limits.
* collapse the composite's three setup-node calls to one cache restore
* Add SHA.
* Bump NPM range.
* Run formatter.
* Bump NPM.
* Remove extra install.
* Fix website deps.
* Use local prettier. Fix drift in CI.
* ci: build frontend in CI with node_env production
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Install docusaurus config.
* Fix linter warning, order.
* Add linter commands.
* Add timeout.
* Remove pre install check.
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Playpen Agent <279763771+playpen-agent@users.noreply.github.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2026-05-13 22:05:07 +00:00
f0686c274a
web/bug: fix regex recursion error in compatibility mode ( #22338 )
...
* web/bug: Fix wild regexp self-ddos recursion bug in compatibility mode.
# What
Replace CSS *not x or y* with *not x and not y* constructs. The form:
:host([expanded][position="left"]:not([inline], [static]))
… becomes …
:host([expanded][position="left"]:not([inline]):not([static]))
Minor: Removed the `export` declaration on a helper function in the Drawer story file.
# Why
The first expression triggered an obscure regex recursion bug in `polyfill.js` when converting the CSS to a format that works when the browser’s shadowDOM features are disabled. It does not handle complex CSS Level 4 Selectors very well.
The unneeded `export` was confusing Storybook and causing it to render an empty story on the Drawer’s component overview page.
2026-05-13 13:23:35 -07:00
a712e5bb2f
enterprise/providers/scim: add support for interactive OAuth2 ( #22072 )
...
* enterprise/providers/scim: add support for interactive OAuth2
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prep different oauth mode
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add data to API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add more tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove not-needed migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix last_updated not being updated
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2026-05-13 18:27:34 +02:00
Teffen Ellis
dependabot[bot]
Tobias Krug
Oleksii Kondratiuk
Jens L.
Connor Peshek
Dewi Roberts
authentik-automation[bot]
Ken Sternberg