[pull] master from gravitational:master #6
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
If the ECS service-linked role managed by AWS does not exist yet, then when the OIDC integration calls ecs:CreateCluster it will fail. Adding this permission will allow the API call to automatically create the service-linked role on first use of ECS.
* Iplement new H1 and H2 headings * Update snapshots
This PR adds the backend service to be able to create, update and retrieve access graph configurations from Teleport backend. This PR is part of gravitational/access-graph#637.
* Add MS Graph client skeleton * Complete retry logic * Add GetID() to GroupMember * Parse MS Graph API error responses * Pull out page size into config * Add missing "patch" methods to client interface * Move code around * Factor out roundtrip() * Fill out remaining methods * Add godocs and solve lints * Run gci * Move godocs to the interface * Add missing method * Finish errors_test * close body in test * nit * Add license headers * Move azureoidc onboarding code to msgraph.Client * Make AzureTokenProvider public * Use cmp.Or to shorten config defaults handling * Address review nits * Parallelize tests * nit * Respect context cancellation in retry logic * Utilize BlockUntil in tests * Remove Client interface, make client struct public * Prefer defaults.HTTPClient to http.DefaultClient * Iterate entra apps, do not buffer all in memory * nit * Set additional timeouts on default HTTP client * Escape path segments when constructing URLs * Add a general timeout for default HTTP client
Correcting the typo
* Adding release-notes program * Adding readme and some fies * New Makefile create-github-release target * Fixing target for release notes * Fixing typo * Removing submodule update * Fixing up create-github-release target * Fixing formatting * Cleaning up the code to be easier to follow * Adding EOL at EOF for Makefile * Adding LATEST variable to target * Simplifying double header check * Adding fail testcase * Removing unecessary target flag * Licenses and not using env for latest * Fixing linting error * Fixing typo of wrong year
* move the discovery/database service permissions into partials * replace the dynamic IAM permissions setup with simple permissions * add a reference section for the discovery service * remove details wrappers from IAM role trust setup partial
…#44016) * [sec_scan][12] add cache and events support for `AccessGraphSettings` This PR adds the cache and events support for the new resource `AccessGraphSettings`. This PR is part of gravitational/access-graph#637. Signed-off-by: Tiago Silva <tiago.silva@goteleport.com> * add tests --------- Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
* Add very rough draft * First pass * Another pass * Add details about user deletion * Add who and why * Add reviewer * Delete deletion * Add missing sections * Address comments * Rename teleport-created to teleport-static
Co-authored-by: Steven Martin <stevenmartin@Stevens-MBP.fios-router.home>
* cluster-wide webauthn guide draft * cluster-wide webauthn guide draft * cluster-wide webauthn guide draft * webauthn guide draft * webauthn guide draft * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide - post feedback * idp hardening with webauthn guide * idp hardening with webauthn guide * idp hardening with webauthn guide * webauthn feedback * webauthn feedback * webauthn feedback * webauthn * webauthn * webauthn * webauthn * webauthn * webauthn * webauthn idp image * webauthn edits * webauthn final * webauthn final * webauthn config title * webauthn * webauthn
The bloat check started failing after the checkout action started to require nodejs 20 (See actions/checkout#1590 (comment)). By changing the image the bloat check should still provide enough insight into binary size at the expense of the binaries being slightly different from a production build.
* Export endpoint config * Export endpoint only for cloud instances * Trim newline * Fix import order
…44318) * Update AccessList Entitlement Enforcement to handle infinite limit The AccessList service was not correctly handling a zero-value limit (i.e. an infinite limit) when checking to see if creating an AccessList would breach the cluster Access List entitlement. This patch: * Adds a centralized implementation of a limit check, so that we only have to get the calculation right once. * Tests for same * Updates the AccessList limit check to use the new limit check * Adds table-driven tests to exercise the limit check in various scenarios, replacing several almost identical tests. * Review feedback
…44323) Co-authored-by: Truls Asheim <truls@asheim.dk>
* build: Use pkg-config to find bpf headers and libraries Use `pkg-config` / `pkgconf` to find the specific version of `libbpf` that we want to link to as well as the dependent libraries such as `libelf`, `libz`, and sometimes `libzstd`. This resolves the variable dependency on `libzstd` depending on the base OS. We still take preference of `/lib/libbpf-$(LIBBPF_VER)` if it exists as it does for the standard buildbox, but that is deprecated and will be removed when we move to the new buildbox. If there is no `libelf.pc` config, fall back to hard-coded libraries as it was previously. Again, this is for use with our existing CentOS 7 buildbox. This cleans up the BPF detection in `common.mk` as it had some head-scratching failure modes when clang or llvm-strip were not found. The logic for enabling BPF is clearer now and safer. * build: Also look in C_INCLUDE_PATH for pam_appl.h When looking for the PAM header `pam_appl.h` to determine if PAM should be enabled in teleport, first look in the directories specified in the `C_INCLUDE_PATH` environment variable before checking the system header directories. The buildbox-ng has per-architecture include directories and configures `C_INCLUDE_PATH` to find the correct headers. Fall back to the existing default directories if not found in `C_INCLUDE_PATH`.
* Remove MS Graph SDK dependency * Add msgraph-sdk-go to depguard deny list * Tidy secondary go modules
The old behavior linked to the ECS cluster dashboard because we were doing potentially multiple deployments. This behavior is maintained, except now if there is only one deployment, which is the nominal case now, then it will link to that deployment's ECS service specifically.
The z-index caused it to overlap with the MFA method dropdown.
Introduced a Query field to the CrownJewelSpec to facilitate Access Graph queries. Updated corresponding protobuf definitions, validation logic, and tests to support the new field.
…er resources (#44893) * [kube] fix greedy deny rule blocking namespace list when blocking other resources This PR fixes an edge case where the deny rule for blocking access to a resource becomes greedy and blocks access to the whole namespace. eg: ``` allow: kubernetes_labels: '*': '*' kubernetes_resources: - kind: '*' name: '*' namespace: '*' verbs: - '*' deny: kubernetes_resources: - kind: secret name: '*' namespace: '*' verbs: - '*' ``` With the example above, access to secrets must be blocked but the user is allowed to access every other resource in any namespace. The previous model was greedy and blocked access to namespace list. * add extra test * handle comments
* re-add grace period to Upload completer (again) * Check parts' last modified time for the grace period * Add test --------- Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
* docs: Don't provide commands to use Homebrew Also clarify language around Touch ID support in versions installed from Homebrew * Add note about building from source * Apply suggestions from code review Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com> --------- Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
* Document SSO caveats on UserSpecV2.TrustedDeviceIDs * Update generated protos * Run `make -C integrations/operator manifests` * Run `make -C integrations/terraform docs`
* Bump the go group in /api with 3 updates Bumps the go group in /api with 3 updates: [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/net](https://github.com/golang/net) and [golang.org/x/term](https://github.com/golang/term). Updates `golang.org/x/crypto` from 0.24.0 to 0.25.0 - [Commits](golang/crypto@v0.24.0...v0.25.0) Updates `golang.org/x/net` from 0.26.0 to 0.27.0 - [Commits](golang/net@v0.26.0...v0.27.0) Updates `golang.org/x/term` from 0.21.0 to 0.22.0 - [Commits](golang/term@v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go ... Signed-off-by: dependabot[bot] <support@github.com> * Tidy all modules --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alan Parra <alan.parra@goteleport.com>
Bumps the rust group with 4 updates: [bytes](https://github.com/tokio-rs/bytes), [env_logger](https://github.com/rust-cli/env_logger), [tokio](https://github.com/tokio-rs/tokio) and [uuid](https://github.com/uuid-rs/uuid). Updates `bytes` from 1.6.0 to 1.7.0 - [Release notes](https://github.com/tokio-rs/bytes/releases) - [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md) - [Commits](tokio-rs/bytes@v1.6.0...v1.7.0) Updates `env_logger` from 0.11.3 to 0.11.5 - [Release notes](https://github.com/rust-cli/env_logger/releases) - [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md) - [Commits](rust-cli/env_logger@v0.11.3...v0.11.5) Updates `tokio` from 1.38.0 to 1.39.2 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.38.0...tokio-1.39.2) Updates `uuid` from 1.9.1 to 1.10.0 - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](uuid-rs/uuid@1.9.1...1.10.0) --- updated-dependencies: - dependency-name: bytes dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust - dependency-name: env_logger dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the go group in /build.assets/tooling with 3 updates: [golang.org/x/mod](https://github.com/golang/mod), [helm.sh/helm/v3](https://github.com/helm/helm) and [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver). Updates `golang.org/x/mod` from 0.18.0 to 0.19.0 - [Commits](golang/mod@v0.18.0...v0.19.0) Updates `helm.sh/helm/v3` from 3.15.2 to 3.15.3 - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.15.2...v3.15.3) Updates `k8s.io/apiextensions-apiserver` from 0.30.2 to 0.30.3 - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](kubernetes/apiextensions-apiserver@v0.30.2...v0.30.3) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the go group in /assets/aws with 3 updates: [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2), [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2). Updates `github.com/aws/aws-sdk-go-v2` from 1.30.1 to 1.30.3 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@v1.30.1...v1.30.3) Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.23 to 1.27.27 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.27.23...config/v1.27.27) Updates `github.com/aws/aws-sdk-go-v2/service/ec2` from 1.167.1 to 1.173.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/ec2/v1.167.1...service/ec2/v1.173.0) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- user selects a vpc to see RDS's - restrict deploying service to user selected vpc - allow and require selecting subnets and security groups - refactor EnrollRdsDatabase.tsx into SingleEnrollment and AutoEnrollment - for self hosted, move configuring discovery config into own step - fixes a query bug where not all db servers were returning because possible duplicates were not accounted for (fixed by removing limit, default limit is 1k which should be plenty)
This adds some notes to the Machine ID docs explaining that a TTL limit exists, and an explanation in the FAQ explaining why. It also adds a logged warning on bot startup if the TTL request exceeds the server limit. Fixes #44894
* process saml_idp_service_provider kind in resource access request api * add saml_idp_service_provider in resource selection * add saml kind to toResourceMap * update access request story * update snapshots
This removes the `BOT_INSTANCE_EXPERIMENT` feature flag to enable the feature universally. It also adjusts some comments to add deprecation notices.
* Remove storybook v6 dependencies * Remove deprecated or unneeded babel plugins * Add `memfs` for `check-redirects.test.js` * Remove `memfs` from the root package.json * Ignore tests from `docs/check-redirects`
* Add SPIFFE bundle endpoint * Add comment explaining mountpoint * Add test * Fix misspelling of equivalent * Update lib/web/spiffe.go Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com> * Update lib/web/spiffe.go Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com> * Update lib/web/spiffe.go Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com> * Update lib/web/spiffe_test.go Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com> * Fix test * Fix imports --------- Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
* Fix the button border color for the neutral+border combination * Update snapshots * Specify transparent background explicitly * Switch text color to slightly muted * Update snapshots * Use a more visible border * Update snapshots
Correcting the below type error: Create a file called cmd-editor.yaml to cmc-editor.yaml
Co-authored-by: Steven Martin <stevenmartin@stevens-mbp.lan>
* Unimport aws-sdk-go/service/mobile in lib/srv/app/aws * chore: Bump AWS SDK modules * chore: Bump AWS-related modules
…45009) * chore: Bump google.golang.org/grpc/cmd/protoc-gen-go-grpc to v1.5.1 * Update generated protos
* Bump the ui group with 27 updates Bumps the ui group with 27 updates: | Package | From | To | | --- | --- | --- | | [@codemirror/autocomplete](https://github.com/codemirror/autocomplete) | `6.9.1` | `6.17.0` | | [@codemirror/view](https://github.com/codemirror/view) | `6.19.0` | `6.29.1` | | [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.10.10` | `1.11.1` | | [@uiw/codemirror-themes](https://github.com/uiwjs/react-codemirror) | `4.22.2` | `4.23.0` | | [@uiw/react-codemirror](https://github.com/uiwjs/react-codemirror) | `4.22.2` | `4.23.0` | | [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `5.1.1` | `5.3.4` | | [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `5.1.1` | `5.3.4` | | [styled-components](https://github.com/styled-components/styled-components) | `6.1.11` | `6.1.12` | | [@storybook/components](https://github.com/storybookjs/storybook/tree/HEAD/code/deprecated/components) | `8.2.5` | `8.2.7` | | [@storybook/react](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/react) | `8.2.5` | `8.2.7` | | [@storybook/react-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/react-vite) | `8.2.5` | `8.2.7` | | [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) | `6.4.6` | `6.4.8` | | [msw](https://github.com/mswjs/msw) | `2.3.2` | `2.3.4` | | [prettier](https://github.com/prettier/prettier) | `3.3.2` | `3.3.3` | | [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/lib/cli) | `8.2.5` | `8.2.7` | | [typescript](https://github.com/Microsoft/TypeScript) | `5.5.3` | `5.5.4` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.3.2` | `5.3.5` | | [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.24.7` | `7.25.2` | | [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) | `7.24.7` | `7.25.3` | | [@swc/core](https://github.com/swc-project/swc) | `1.7.0` | `1.7.4` | | [eslint-plugin-react](https://github.com/jsx-eslint/eslint-plugin-react) | `7.34.3` | `7.35.0` | | [@emotion/is-prop-valid](https://github.com/emotion-js/emotion) | `1.2.2` | `1.3.0` | | [ace-builds](https://github.com/ajaxorg/ace-builds) | `1.35.2` | `1.35.4` | | [winston](https://github.com/winstonjs/winston) | `3.13.0` | `3.13.1` | | [electron](https://github.com/electron/electron) | `31.1.0` | `31.3.1` | | [electron-builder](https://github.com/electron-userland/electron-builder/tree/HEAD/packages/electron-builder) | `25.0.1` | `25.0.3` | | [zod-to-json-schema](https://github.com/StefanTerdell/zod-to-json-schema) | `3.23.1` | `3.23.2` | Updates `@codemirror/autocomplete` from 6.9.1 to 6.17.0 - [Changelog](https://github.com/codemirror/autocomplete/blob/main/CHANGELOG.md) - [Commits](codemirror/autocomplete@6.9.1...6.17.0) Updates `@codemirror/view` from 6.19.0 to 6.29.1 - [Changelog](https://github.com/codemirror/view/blob/main/CHANGELOG.md) - [Commits](codemirror/view@6.19.0...6.29.1) Updates `@grpc/grpc-js` from 1.10.10 to 1.11.1 - [Release notes](https://github.com/grpc/grpc-node/releases) - [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.10.10...@grpc/grpc-js@1.11.1) Updates `@uiw/codemirror-themes` from 4.22.2 to 4.23.0 - [Release notes](https://github.com/uiwjs/react-codemirror/releases) - [Commits](uiwjs/react-codemirror@v4.22.2...v4.23.0) Updates `@uiw/react-codemirror` from 4.22.2 to 4.23.0 - [Release notes](https://github.com/uiwjs/react-codemirror/releases) - [Commits](uiwjs/react-codemirror@v4.22.2...v4.23.0) Updates `react-router` from 5.1.1 to 5.3.4 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/v5.3.4/packages/react-router) Updates `react-router-dom` from 5.1.1 to 5.3.4 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/v5.3.4/packages/react-router-dom) Updates `styled-components` from 6.1.11 to 6.1.12 - [Release notes](https://github.com/styled-components/styled-components/releases) - [Commits](styled-components/styled-components@v6.1.11...v6.1.12) Updates `@storybook/components` from 8.2.5 to 8.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v8.2.7/code/deprecated/components) Updates `@storybook/react` from 8.2.5 to 8.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v8.2.7/code/renderers/react) Updates `@storybook/react-vite` from 8.2.5 to 8.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v8.2.7/code/frameworks/react-vite) Updates `@testing-library/jest-dom` from 6.4.6 to 6.4.8 - [Release notes](https://github.com/testing-library/jest-dom/releases) - [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md) - [Commits](testing-library/jest-dom@v6.4.6...v6.4.8) Updates `msw` from 2.3.2 to 2.3.4 - [Release notes](https://github.com/mswjs/msw/releases) - [Changelog](https://github.com/mswjs/msw/blob/main/CHANGELOG.md) - [Commits](mswjs/msw@v2.3.2...v2.3.4) Updates `prettier` from 3.3.2 to 3.3.3 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.3.2...3.3.3) Updates `storybook` from 8.2.5 to 8.2.7 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v8.2.7/code/lib/cli) Updates `typescript` from 5.5.3 to 5.5.4 - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](microsoft/TypeScript@v5.5.3...v5.5.4) Updates `vite` from 5.3.2 to 5.3.5 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.3.5/packages/vite) Updates `@babel/core` from 7.24.7 to 7.25.2 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.25.2/packages/babel-core) Updates `@babel/preset-env` from 7.24.7 to 7.25.3 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.25.3/packages/babel-preset-env) Updates `@swc/core` from 1.7.0 to 1.7.4 - [Release notes](https://github.com/swc-project/swc/releases) - [Changelog](https://github.com/swc-project/swc/blob/main/CHANGELOG.md) - [Commits](swc-project/swc@v1.7.0...v1.7.4) Updates `eslint-plugin-react` from 7.34.3 to 7.35.0 - [Release notes](https://github.com/jsx-eslint/eslint-plugin-react/releases) - [Changelog](https://github.com/jsx-eslint/eslint-plugin-react/blob/master/CHANGELOG.md) - [Commits](jsx-eslint/eslint-plugin-react@v7.34.3...v7.35.0) Updates `@emotion/is-prop-valid` from 1.2.2 to 1.3.0 - [Release notes](https://github.com/emotion-js/emotion/releases) - [Changelog](https://github.com/emotion-js/emotion/blob/main/CHANGELOG.md) - [Commits](https://github.com/emotion-js/emotion/compare/@emotion/is-prop-valid@1.2.2...@emotion/is-prop-valid@1.3.0) Updates `ace-builds` from 1.35.2 to 1.35.4 - [Release notes](https://github.com/ajaxorg/ace-builds/releases) - [Changelog](https://github.com/ajaxorg/ace-builds/blob/master/CHANGELOG.md) - [Commits](ajaxorg/ace-builds@v1.35.2...v1.35.4) Updates `winston` from 3.13.0 to 3.13.1 - [Release notes](https://github.com/winstonjs/winston/releases) - [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md) - [Commits](winstonjs/winston@v3.13.0...v3.13.1) Updates `electron` from 31.1.0 to 31.3.1 - [Release notes](https://github.com/electron/electron/releases) - [Changelog](https://github.com/electron/electron/blob/main/docs/breaking-changes.md) - [Commits](electron/electron@v31.1.0...v31.3.1) Updates `electron-builder` from 25.0.1 to 25.0.3 - [Release notes](https://github.com/electron-userland/electron-builder/releases) - [Changelog](https://github.com/electron-userland/electron-builder/blob/master/packages/electron-builder/CHANGELOG.md) - [Commits](https://github.com/electron-userland/electron-builder/commits/v25.0.3/packages/electron-builder) Updates `zod-to-json-schema` from 3.23.1 to 3.23.2 - [Release notes](https://github.com/StefanTerdell/zod-to-json-schema/releases) - [Changelog](https://github.com/StefanTerdell/zod-to-json-schema/blob/master/changelog.md) - [Commits](https://github.com/StefanTerdell/zod-to-json-schema/commits) --- updated-dependencies: - dependency-name: "@codemirror/autocomplete" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: "@codemirror/view" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: "@grpc/grpc-js" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: "@uiw/codemirror-themes" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: "@uiw/react-codemirror" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: react-router dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: react-router-dom dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: styled-components dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui - dependency-name: "@storybook/components" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: "@storybook/react" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: "@storybook/react-vite" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: "@testing-library/jest-dom" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: msw dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: storybook dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: vite dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: "@babel/core" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: "@swc/core" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui - dependency-name: eslint-plugin-react dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: "@emotion/is-prop-valid" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui - dependency-name: ace-builds dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui - dependency-name: winston dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui - dependency-name: electron dependency-type: direct:development update-type: version-update:semver-minor dependency-group: ui - dependency-name: electron-builder dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui - dependency-name: zod-to-json-schema dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui ... Signed-off-by: dependabot[bot] <support@github.com> * Update mockServiceWorker.js * Update snapshots * Update `after-install.tpl` to match the one from `electron-builder` * Run `pnpm install` after resoling conflicts * Run `pnpm dedupe` --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com> Co-authored-by: Grzegorz Zdunek <grzegorz.zdunek@goteleport.com>
…44993) We unconditionally committed the generation counter to the legacy user label to allow for downgrade compatibility. This is not valid for non-token join methods as previous Teleport versions will attempt to check the generation counter whenever the label is nonzero, and because these older versions don't support authenticated rejoining, will never be able to compare to the client's actual generation value. (Plus, it was hard-coded to zero.) This disables the legacy generation counter for non-renewable join methods. This should not create a later upgrade problem as bots will lose their instance ID upon their first rejoin after downgrading, and so will be issued a fresh ID and generation counter if and when the cluster is upgraded again.
Co-authored-by: Steven Martin <stevenmartin@Stevens-MBP.fios-router.home>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )