[pull] master from dexidp:master #224

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

When TLS certificate reloading functionality was implemented and released in Dex 2.37.0, added newTLSReloader() returns empty tlsConfig and discards the provided, already configured tlsConfig. Server's with empty tlsConfig override Go's sensible defaults, and starts serving Dex over TLS 1.0 and TLS 1.1 in addition to Go's defaults TLS 1.2+. TLS 1.0 and 1.1 are long deprecated and vulnerable, making this a security risk. Server and its secrets are vulnerable to attackers.

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.155.0 to 0.156.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.155.0...v0.156.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com>

Images: * builder * stager * gomplate * base alpine * base distroless Actions: * check required labels * kind Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.23.0 to 3.23.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@e5f05b8...0b21cf2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.3 to 0.15.4. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@c7f031d...41f7a6c) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

#3287) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.5 to 4.0.0. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@c74b580...4901385) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.4 to 0.15.5. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@41f7a6c...24b0d52) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.60.1 to 1.61.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.60.1...v1.61.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bump gomplate to v3.11.7

…e/sbom-action-0.15.5 build(deps): bump anchore/sbom-action from 0.15.4 to 0.15.5

…ang.org/grpc-1.61.0 build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.60.1 to 1.61.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.60.1...v1.61.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…gle.golang.org/grpc-1.61.0 build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 in /api/v2

Pin actions and container image dependencies

Introduce a dedicated pkg for featureflags

Add dependabot for example app

…args Propagate Dex version from build args

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.59.0 to 1.61.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.59.0...v1.61.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps golang from `869193e` to `3bd4475`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.7.0 to 3.9.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](coreos/go-oidc@v3.7.0...v3.9.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

bug: return initialConfig instead of empty tlsConfig

Sign container images

…oogle.golang.org/grpc-1.61.0 build(deps): bump google.golang.org/grpc from 1.59.0 to 1.61.0 in /examples

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.7.0...v1.8.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

build(deps): bump golang from `869193e` to `3bd4475`

…ithub.com/spf13/cobra-1.8.0 build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 in /examples

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.13.0 to 0.16.0. - [Commits](golang/oauth2@v0.13.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…olang.org/x/oauth2-0.16.0 build(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.16.0 in /examples

* Initial commit Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Finish the syntex fixes Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Add fixes after running the tests Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Change background context to request context Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> --------- Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>

Add configuration options for TLSMinVersion and TLSMaxVersion. This enables setting TLS 1.3 as minimum version for example for both GRPC and Web, or enforcing TLS 1.2 only for easier debugging of secure connections. Signed-off-by: Tuomo Tanskanen <tuomo.tanskanen@est.tech>

feat: add TLS versions configuration

Signed-off-by: Patrick Pacher <patrick.pacher@gmail.com>

Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/mheap/github-action-required-labels/releases) - [Commits](mheap/github-action-required-labels@4e9ef4c...cc7a79f) --- updated-dependencies: - dependency-name: mheap/github-action-required-labels dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps golang from `3bd4475` to `3354c3a`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps alpine from 3.19.0 to 3.19.1. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.5 to 0.15.6. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@24b0d52...c6aed38) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.157.0 to 0.161.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.157.0...v0.161.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) from 3.5.11 to 3.5.12. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.11...v3.5.12) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/pkg/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.6 to 0.15.8. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@c6aed38...b6a39da) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.23.1 to 3.24.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@0b21cf2...e8893c5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.19 to 1.14.22. - [Release notes](https://github.com/mattn/go-sqlite3/releases) - [Commits](mattn/go-sqlite3@v1.14.19...v1.14.22) --- updated-dependencies: - dependency-name: github.com/mattn/go-sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…/mattn/go-sqlite3-1.14.22 build(deps): bump github.com/mattn/go-sqlite3 from 1.14.19 to 1.14.22

…/codeql-action-3.24.0 build(deps): bump github/codeql-action from 3.23.1 to 3.24.0

…e/sbom-action-0.15.8 build(deps): bump anchore/sbom-action from 0.15.6 to 0.15.8

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.2.0 to 3.4.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@1fc5bd3...e1523de) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…/etcd/client/pkg/v3-3.5.12 build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.11 to 3.5.12

…ang.org/api-0.161.0 build(deps): bump google.golang.org/api from 0.157.0 to 0.161.0

build(deps): bump alpine from 3.19.0 to 3.19.1

Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.11 to 3.5.12. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.11...v3.5.12) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

build(deps): bump golang from `3bd4475` to `3354c3a`

…github-action-required-labels-5.2.0 build(deps): bump mheap/github-action-required-labels from 5.1.0 to 5.2.0

…re/cosign-installer-3.4.0 build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.4.0

…/etcd/client/v3-3.5.12 build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.11 to 3.5.12

…les (#3340) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.16.0 to 0.17.0. - [Commits](golang/oauth2@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps tonistiigi/xx from 1.3.0 to 1.4.0. --- updated-dependencies: - dependency-name: tonistiigi/xx dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps golang from 1.21.6-alpine3.18 to 1.22.0-alpine3.18. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: Chris H <33393789+MrDeerly@users.noreply.github.com>

Bumps [haya14busa/action-cond](https://github.com/haya14busa/action-cond) from 1.1.1 to 1.2.1. - [Release notes](https://github.com/haya14busa/action-cond/releases) - [Commits](haya14busa/action-cond@1d6e8a1...94f77f7) --- updated-dependencies: - dependency-name: haya14busa/action-cond dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: MM53 <28218664+MM53@users.noreply.github.com>

Signed-off-by: i312042 <viktoria.lyomcheva@sap.com> Co-authored-by: i312042 <viktoria.lyomcheva@sap.com>

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.16.0 to 0.17.0. - [Commits](golang/oauth2@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.0 to 1.61.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.61.0...v1.61.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps distroless/static from `9be3fcc` to `a43abc8`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.16.1 to 0.17.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@d43c1f1...84384bd) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.5.0 to 5.5.1. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@dbef880...8e5442c) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/mheap/github-action-required-labels/releases) - [Commits](mheap/github-action-required-labels@cc7a79f...80a96a4) --- updated-dependencies: - dependency-name: mheap/github-action-required-labels dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.8.0 to 1.9.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](helm/kind-action@dda0770...99576bf) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.0 to 3.24.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@e8893c5...3796146) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.161.0 to 0.165.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.161.0...v0.165.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

#3359) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@4901385...80f10bf) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.1.0 to 4.1.3. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@80f10bf...9129d7d) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.1 to 1.62.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.61.1...v1.62.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps distroless/static from `a43abc8` to `072d78b`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.3 to 3.24.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@3796146...47b3d88) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.165.0 to 0.167.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.165.0...v0.167.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.19.0 to 0.20.0. - [Commits](golang/crypto@v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…/x/crypto-0.20.0 build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0

…ang.org/api-0.167.0 build(deps): bump google.golang.org/api from 0.165.0 to 0.167.0

…/codeql-action-3.24.5 build(deps): bump github/codeql-action from 3.24.3 to 3.24.5

…tic-072d78b build(deps): bump distroless/static from `a43abc8` to `072d78b`

…oogle.golang.org/grpc-1.62.0 build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 in /examples

…s/dependency-review-action-4.1.3 build(deps): bump actions/dependency-review-action from 4.1.0 to 4.1.3

…busa/action-cond-1.2.1 build(deps): bump haya14busa/action-cond from 1.1.1 to 1.2.1

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.0 to 1.62.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.61.0...v1.62.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…alpine3.18 build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.0-alpine3.18

…ang.org/grpc-1.62.0 build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Update ent

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.0 to 1.62.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.61.0...v1.62.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…gle.golang.org/grpc-1.62.0 build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 in /api/v2

…3405) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.1...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.18.0 to 1.19.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/v1.19.0/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.18.0...v1.19.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…3398) Bumps golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.1...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.167.0 to 0.169.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.167.0...v0.169.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Matthias Loibl <mail@matthiasloibl.com> Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com> Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> Co-authored-by: Matthias Loibl <mail@matthiasloibl.com>

Bumps distroless/static from `072d78b` to `9235ad9`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@f95db51...0d103c3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.17.0 to 0.18.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@84384bd...062f259) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.5 to 3.24.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@47b3d88...8a470fd) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.8 to 0.15.9. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@b6a39da...9fece9e) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0. - [Commits](golang/oauth2@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…les (#3394) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0. - [Commits](golang/oauth2@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: hsinhoyeh <yhh92u@gmail.com>

Customization of headers in the authentication server is crucial for enforcing stringent security measures by allowing the inclusion of specific headers required for authentication protocols and compliance standards. This customization ensures that authentication requests are processed securely, mitigating potential vulnerabilities and ensuring adherence to security policies. Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Enhanced the OIDC connector to allow specifying an empty promptType parameter. Previously, the default behavior always appended 'consent' if promptType was not specified. This adjustment was necessary due to variations in default behaviors across certain Identity Providers (IDPs). Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>

…3414) Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.7.1 to 1.8.0. - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md) - [Commits](go-sql-driver/mysql@v1.7.1...v1.8.0) --- updated-dependencies: - dependency-name: github.com/go-sql-driver/mysql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…3413) Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Bumps distroless/static from `9235ad9` to `7e5c6a2`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@4a13e50...af5a7ed) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...9bb5618) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@8a470fd...05963f4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.169.0 to 0.171.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.169.0...v0.171.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@343f7c4...e92390c) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](coreos/go-oidc@v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…3425) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](coreos/go-oidc@v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@af5a7ed...2cdde99) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps golang from `010f3b3` to `ede158f`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@0d103c3...2b51285) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/v1.8.1/CHANGELOG.md) - [Commits](go-sql-driver/mysql@v1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/go-sql-driver/mysql dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.1.3 to 4.2.5. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@9129d7d...5bbc3ba) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

#3404) Signed-off-by: Romain Caire <super.cairos@gmail.com>

gcr.io/distroless/static is Debian 10, which is quite outdated. Updated to the Debian 12 version of the static image, and used the nonroot tag since the root user isn't needed. We've been running a version of Dex in production with this image without issue. Signed-off-by: Hayden B <hblauzvern@google.com>

Signed-off-by: Denys Romanenko <65756796+RomanenkoDenys@users.noreply.github.com> Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com> Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>

Bumps distroless/static-debian12 from `67686c9` to `42c8865`. --- updated-dependencies: - dependency-name: distroless/static-debian12 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: Romain Caire <super.cairos@gmail.com>

Bumps [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) from 3.5.12 to 3.5.13. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.12...v3.5.13) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/pkg/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps golang from 1.22.1-alpine3.18 to 1.22.2-alpine3.18. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.24.0. - [Commits](golang/net@v0.22.0...v0.24.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.18.0 to 0.19.0. - [Commits](golang/oauth2@v0.18.0...v0.19.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.8 to 3.24.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@05963f4...4355270) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: cpanato <ctadeu@gmail.com>

chore: run release note label ci only in dexidp/dex repo not in forks

Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/mheap/github-action-required-labels/releases) - [Commits](mheap/github-action-required-labels@80a96a4...132879b) --- updated-dependencies: - dependency-name: mheap/github-action-required-labels dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

use the default cosign version from the action

…/codeql-action-3.24.10 build(deps): bump github/codeql-action from 3.24.8 to 3.24.10

…olang.org/x/oauth2-0.19.0 build(deps): bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 in /examples

…/x/net-0.24.0 build(deps): bump golang.org/x/net from 0.22.0 to 0.24.0

…alpine3.18 build(deps): bump golang from 1.22.1-alpine3.18 to 1.22.2-alpine3.18

…/etcd/client/pkg/v3-3.5.13 build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.12 to 3.5.13

…tic-debian12-42c8865 build(deps): bump distroless/static-debian12 from `67686c9` to `42c8865`

…s/dependency-review-action-4.2.5 build(deps): bump actions/dependency-review-action from 4.1.3 to 4.2.5

Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.12 to 3.5.13. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.12...v3.5.13) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…/go-sql-driver/mysql-1.8.1 build(deps): bump github.com/go-sql-driver/mysql from 1.8.0 to 1.8.1

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.171.0 to 0.172.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.171.0...v0.172.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…github-action-required-labels-5.4.0 build(deps): bump mheap/github-action-required-labels from 5.3.0 to 5.4.0

…/setup-buildx-action-3.2.0 build(deps): bump docker/setup-buildx-action from 3.1.0 to 3.2.0

…/etcd/client/v3-3.5.13 build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.12 to 3.5.13

…ang.org/api-0.172.0 build(deps): bump google.golang.org/api from 0.171.0 to 0.172.0

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@2b51285...d70bba7) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps distroless/static-debian12 from `42c8865` to `e9ac71e`. --- updated-dependencies: - dependency-name: distroless/static-debian12 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

With the change introduced in #3372 Dex declines passwords that contain special characters. Since password is not passed to any kind of filters, it is safe to pass a password as is. No LDAP query injections are possible. This commit is a revert of password escaping. Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@e1523de...59acb62) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: Michele Mastropietro <elehcim@users.noreply.github.com>

…3475) Signed-off-by: abhisek <abhisek.datta@gmail.com> Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com> Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>

Bumps the go_modules group in /api/v2 with 1 update: [golang.org/x/net](https://github.com/golang/net). Updates `golang.org/x/net` from 0.20.0 to 0.23.0 - [Commits](golang/net@v0.20.0...v0.23.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.9 to 0.15.11. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@9fece9e...7ccf588) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.19.0 to 0.20.0. - [Commits](golang/oauth2@v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.18.0 to 0.20.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@062f259...b2933f5) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.172.0 to 0.179.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.172.0...v0.179.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…ang.org/api-0.179.0 build(deps): bump google.golang.org/api from 0.172.0 to 0.179.0

…alpine3.18 build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18

…curity/trivy-action-0.20.0 build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.20.0

…olang.org/x/oauth2-0.20.0 build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 in /examples

…e/sbom-action-0.15.11 build(deps): bump anchore/sbom-action from 0.15.9 to 0.15.11

…modules-b9ac453758 build(deps): bump golang.org/x/net from 0.20.0 to 0.23.0 in /api/v2 in the go_modules group

…re/cosign-installer-3.5.0 build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0

…tic-debian12-e9ac71e build(deps): bump distroless/static-debian12 from `42c8865` to `e9ac71e`

…/setup-buildx-action-3.3.0 build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0

Bumps google.golang.org/protobuf from 1.33.0 to 1.34.1. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…gle.golang.org/protobuf-1.34.1 build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1 in /api/v2

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.1 to 1.63.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.1...v1.63.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@0c52d54...cdcb360) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels) from 5.4.0 to 5.4.1. - [Release notes](https://github.com/mheap/github-action-required-labels/releases) - [Commits](mheap/github-action-required-labels@132879b...5847eef) --- updated-dependencies: - dependency-name: mheap/github-action-required-labels dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.10 to 3.25.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@4355270...ccf74c9) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](helm/kind-action@99576bf...0025e74) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.2.5 to 4.3.2. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@5bbc3ba...0c155c5) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.179.0 to 0.180.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.179.0...v0.180.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.19.0 to 1.19.1. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.19.0...v1.19.1) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…/prometheus/client_golang-1.19.1 build(deps): bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1

…ang.org/api-0.180.0 build(deps): bump google.golang.org/api from 0.179.0 to 0.180.0

…s/dependency-review-action-4.3.2 build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2

…ind-action-1.10.0 build(deps): bump helm/kind-action from 1.9.0 to 1.10.0

…/codeql-action-3.25.4 build(deps): bump github/codeql-action from 3.24.10 to 3.25.4

…github-action-required-labels-5.4.1 build(deps): bump mheap/github-action-required-labels from 5.4.0 to 5.4.1

…s/setup-go-5.0.1 build(deps): bump actions/setup-go from 5.0.0 to 5.0.1

…gle.golang.org/grpc-1.63.2 build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /api/v2

…oogle.golang.org/grpc-1.63.2 build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /examples

Signed-off-by: mountcount <cuimoman@outlook.com>

Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>

Bumps [github.com/beevik/etree](https://github.com/beevik/etree) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/beevik/etree/releases) - [Changelog](https://github.com/beevik/etree/blob/main/RELEASE_NOTES.md) - [Commits](beevik/etree@v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: github.com/beevik/etree dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.0.1 to 4.0.2. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md) - [Commits](go-jose/go-jose@v4.0.1...v4.0.2) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@0864cf1...dc50aa9) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.63.2 to 1.64.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.63.2...v1.64.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps golang from `4531927` to `ff6ab2b`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.180.0 to 0.181.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.180.0...v0.181.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@9bb5618...a5ac7e5) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps alpine from 3.19.1 to 3.20.0. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: cpanato <ctadeu@gmail.com>

introduce Provenance Attestation

build(deps): bump alpine from 3.19.1 to 3.20.0

…e/sbom-action-0.16.0 build(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0

…/codeql-action-3.25.6 build(deps): bump github/codeql-action from 3.25.4 to 3.25.6

…s/checkout-4.1.6 build(deps): bump actions/checkout from 4.1.2 to 4.1.6

…ang.org/api-0.181.0 build(deps): bump google.golang.org/api from 0.180.0 to 0.181.0

build(deps): bump golang from `4531927` to `ff6ab2b`

…corecard-action-2.3.3 build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3

…/go-jose/go-jose/v4-4.0.2 build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2

…/beevik/etree-1.4.0 build(deps): bump github.com/beevik/etree from 1.3.0 to 1.4.0

…oogle.golang.org/grpc-1.64.0 build(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 in /examples

Bumps [docker/login-action](https://github.com/docker/login-action) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@e92390c...0d4c9c5) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ta (support for GKE workload identity) (#2989) Signed-off-by: Viacheslav Sychov <viacheslav.sychov@gmail.com> Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com> Co-authored-by: Maksim Nabokikh <maksim.nabokikh@flant.com>

Bumps golang from `ff6ab2b` to `d1a601b`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.20.0 to 0.21.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@b2933f5...fd25fed) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Andrii Deinega <andrii.deinega@gmail.com>

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

…#3555) Bumps [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) from 3.5.13 to 3.5.14. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.13...v3.5.14) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/pkg/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: sohgaura <tiwari.dk1@gmail.com> Signed-off-by: sohgaura <31881670+sohgaura@users.noreply.github.com>

) Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.13 to 3.5.14. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.13...v3.5.14) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

Signed-off-by: Sean Liao <sean+git@liao.dev>

OpenStack Keystone allows a user to authenticate against a domain. That domain can be specified either as the domain ID or the domain name when authenticating. The domain ID is a UUID or the special "default" domain ID so key off of that when deciding what to submit to the keystone API. Collapsed the code to share the domainKeystone struct by utilizing omitempty to skip unset fields. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>

Revert the change introduced in previous PRs. For each PR, we want to build images to check that the build passes successfully. Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.6 to 3.25.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@9fdb3e4...f079b84) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

The problem caused by the mistake in the newLogger function. The nil value is returned even with the valid log format. Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

container-image -> container-images Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>

Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>

Signed-off-by: Philip Corliss <pcorliss@drwholdings.com>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#3580) Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 1.1.2 to 1.3.1. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@173725a...534b352) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[pull] master from dexidp:master #224

Are you sure you want to change the base?

[pull] master from dexidp:master #224

Commits on Jan 10, 2024

Commits on Jan 12, 2024

Commits on Jan 15, 2024

Commits on Jan 16, 2024

Commits on Jan 18, 2024

Commits on Jan 20, 2024

Commits on Jan 23, 2024

Commits on Jan 24, 2024

Commits on Jan 25, 2024

Commits on Jan 26, 2024

Commits on Jan 29, 2024

Commits on Jan 30, 2024

Commits on Jan 31, 2024

Commits on Feb 1, 2024

Commits on Feb 5, 2024

Commits on Feb 9, 2024

Commits on Feb 12, 2024

Commits on Feb 13, 2024

Commits on Feb 15, 2024

Commits on Feb 16, 2024

Commits on Feb 17, 2024

Commits on Feb 21, 2024

Commits on Feb 22, 2024

Commits on Feb 26, 2024

Commits on Feb 27, 2024

Commits on Mar 11, 2024

Commits on Mar 12, 2024

Commits on Mar 22, 2024

Commits on Mar 25, 2024

Commits on Mar 27, 2024

Commits on Mar 28, 2024

Commits on Mar 29, 2024

Commits on Mar 31, 2024

Commits on Apr 1, 2024

Commits on Apr 4, 2024

Commits on Apr 5, 2024

Commits on Apr 8, 2024

Commits on Apr 9, 2024

Commits on Apr 11, 2024

Commits on Apr 12, 2024

Commits on Apr 15, 2024

Commits on Apr 19, 2024

Commits on Apr 29, 2024

Commits on May 6, 2024

Commits on May 8, 2024

Commits on May 10, 2024

Commits on May 12, 2024

Commits on May 13, 2024

Commits on May 14, 2024

Commits on May 15, 2024

Commits on May 17, 2024

Commits on May 21, 2024

Commits on May 23, 2024

Commits on May 28, 2024

Commits on May 29, 2024

Commits on May 31, 2024

Commits on Jun 1, 2024

Commits on Jun 3, 2024

Commits on Jun 13, 2024

Commits on Jun 17, 2024