v4.39.0
·
251 commits
to master
since this release
v4.39.0
james-d-elliott
James Elliott
This tag was signed with the committer’s verified signature.
james-d-elliott
James Elliott
4.39.0 (2025-03-16)
Summary
Please see the Authelia Blog: 4.39 Release Notes for human readable summaries of the changes. It's important to note some critical changes have occurred in this release that warrant some user attention.
Specific critical changes which are detailed in the Authelia Blog: 4.39 Release Notes to watch out for:
- Changes that will require manual intervention in some scenarios:
- The default claims for ID Tokens minted by the Authelia OpenID Connect 1.0 Identity Provider have changed.
- Changes that shouldn't require manual intervention but are significant enough to cause issues in some edge cases:
- The official Authelia container has been heavily changed.
- The official Systemd Units which are packaged in AUR packages, DEB packages, and the GitHub artifacts archives have been heavily changed.
Detailed Changes
Bug Fixes
- i18n: lack of privacy policy message consistency (#8845) (a091374)
- web: radio group spacing on mobile and uncentered icons (#8843) (ff88332)
- web: workflow id missing from passkey first factor (#8951) (f948399), closes #8950
Features
- authentication: additional and custom attributes (#8078) (34932a8)
- authentication: ldap connection pooling (#7217) (0af038e)
- authentication: permit empty base dn (#8112) (4b50771)
- build from authelia/base base image (#8884) (7d1adff)
- configuration: listen on file descriptor (#5973) (df67550)
- configuration: reusable definitions (#8077) (a9d1986)
- configuration: support abstract unix socket (#7662) (3fc0378)
- docker: implement shellcheck recommendations (#7474) (c7a8e58)
- embed: make authelia embedable (#8841) (9241731), closes #5803
- handlers: basic authz caching (#8320) (05fa254), closes #5006
- logging: reopen on sighup (#7140) (16e44cb), closes #4964
- metrics: record passkey logins separately (#8866) (6759988)
- middlewares: tokenized bucket rate limit (#8321) (ef5051b), closes #7353 #1947
- oidc: authorization policy network criteria (#8079) (f67097c)
- oidc: claims parameter support (#8081) (111344e), closes #2868
- oidc: merged id token claims (#8851) (eadf0ba), closes #8619
- oidc: prompt parameter support (#8080) (9c718b3), closes #2596
- oidc: rfc7516 jwt encryption (#8083) (684c8e2)
- oidc: rfc8628 oauth 2.0 device code grant (#8082) (e7d387e)
- regulation: ip bans and unbanning (#7230) (5e40d97)
- storage: allow peer authentication (#8161) (4b8d2ce)
- storage: allow postgres failover (#7775) (2934c16)
- use dedicated system user for systemd unit (#4982) (e33d729), closes #3736
- web: add new oled theme (#8838) (e02a2db)
- webauthn: passkeys (#7942) (197b455), closes #2827 #2761
- web: change password (#7676) (f4abcb3), closes #3548
- web: language picker (#6716) (2f1afa1)
Docker Container
docker pull authelia/authelia:4.39.0docker pull ghcr.io/authelia/authelia:4.39.0