Skip to content

v0.19.0

Choose a tag to compare

View all tags
@c2FmZQ-bot c2FmZQ-bot released this 14 Aug 20:28
· 62 commits to main since this release
v0.19.0
This tag was signed with the committer’s verified signature.
rthellend Robin Thellend
GPG key ID: 66B67667FD414F55
Verified
Learn about vigilant mode.
aded3f6
This commit was signed with the committer’s verified signature.
rthellend Robin Thellend
GPG key ID: 66B67667FD414F55
Verified
Learn about vigilant mode.

v0.19.0

⭐ Feature improvement

Backends can now have different SSO ACLs for different paths. The paths:, exceptions:, acl:, and forceReAuth: options are moving to rules: where each rule has its own paths:, exceptions:, acl:, and forceReAuth: options.

Before:

   sso:
     provider: <provider>
     paths:
       - /foo
     forceReAuth: 1h
     acl:
       - alice@example.com
       - bob@example.com

Now:

   sso:
     provider: <provider>
     rules:
       - paths:
           - /foo
         forceReAuth: 1h
         acl:
           - alice@example.com
           - bob@example.com

The first rule with matching paths (and not matching exceptions) is the one that's used for the request.

As before, if acl: is not specified, all authenticated requests are allowed. If acl: is set to an empty list, i.e. acl: [], nothing is allowed.

The old syntax still works, but is now deprecated and will be removed eventually.

🔧 Misc

  • Update go: 1.25.0
  • Update go dependencies:
    • upgraded golang.org/x/crypto v0.40.0 => v0.41.0
    • upgraded golang.org/x/mod v0.26.0 => v0.27.0
    • upgraded golang.org/x/net v0.42.0 => v0.43.0
    • upgraded golang.org/x/sys v0.34.0 => v0.35.0
    • upgraded golang.org/x/text v0.27.0 => v0.28.0
    • upgraded golang.org/x/tools v0.35.0 => v0.36.0

Compare with v0.18.1

Assets 35
Loading