Merge remote-tracking branch 'origin/master' into v0.16

# Conflicts:
#	.github/ISSUE_TEMPLATE/bug_report.md
#	.github/ISSUE_TEMPLATE/feature_request.md
#	.github/ISSUE_TEMPLATE/security.md
#	.github/PULL_REQUEST_TEMPLATE.md
#	CONTRIBUTING.md

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,24 +1,52 @@
 ---
 name: Bug report
 about: Create a report to help us improve
+
 ---
 
-**Describe the bug** A clear and concise description of what the bug is.
+**Describe the bug**
+
+A clear and concise description of what the bug is.
+
+**Reproducing the bug**
+
+Steps to reproduce the behavior:
+
+<!--
+1. Run `docker run ....`
+2. Make API Request to with `curl ...`
+3. Request fails with response: `{"some": "error"}`
+-->
+
+*Server logs*
+
+<!--
+```
+log=error ....
+```
+-->
+
+*Server configuration*
+
+<!--
+PLEASE OMIT SENSITIVE VALUES
 
-**To Reproduce** Steps to reproduce the behavior:
+```yaml
+server:
+    admin:
+        port: 1234
+```
+-->
 
-1. Run `some-command`
-2. Open ...
-3. See error
+**Expected behavior**
 
-**Expected behavior** A clear and concise description of what you expected to
-happen.
+A clear and concise description of what you expected to happen.
 
-**Screenshots** If applicable, add screenshots to help explain your problem.
+**Environment**
 
-**Version:**
+* Version: v1.2.3, git sha hash
+* Environment: Debian, Docker, ...
 
-- Environment: [e.g. Docker, Kubernetes, ...]
-- Version [e.g. v1.0.0]
+**Additional context**
 
-**Additional context** Add any other context about the problem here.
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,16 +1,22 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
+
 ---
 
-**Is your feature request related to a problem? Please describe.** A clear and
-concise description of what the problem is. Ex. I'm always frustrated when [...]
+**Is your feature request related to a problem? Please describe.**
+
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+
+A clear and concise description of any alternative solutions or features you've considered.
 
-**Describe the solution you'd like** A clear and concise description of what you
-want to happen.
+**Additional context**
 
-**Describe alternatives you've considered** A clear and concise description of
-any alternative solutions or features you've considered.
+Add any other context or screenshots about the feature request here.
 
-**Additional context** Add any other context or screenshots about the feature
-request here.

.github/ISSUE_TEMPLATE/security.md

@@ -1,10 +1,8 @@
 ---
 name: Disclose vulnerability
-about:
-  Please do not open a public issue about the vulnerability but instead disclose
-  it directly to hi@ory.sh
+about: Please do not open a public issue about the vulnerability but instead disclose it directly to hi@ory.sh
+
 ---
 
-Please refrain from publishing (potential) security vulnerabilities publicly on
-the forums, the chat, or GitHub. Instead, send us an email to
-[hi@ory.sh](mailto:hi@ory.sh) and we will respond within 24 hours.
+**Please refrain from publishing (potential) security vulnerabilities publicly on the forums, the chat, or GitHub. Instead,
+send us an email to [hi@ory.sh](mailto:hi@ory.sh) and we will respond within 24 hours.**

.github/PULL_REQUEST_TEMPLATE.md

@@ -25,20 +25,11 @@ them, don't hesitate to ask. We're here to help! This is simply a reminder of wh
 -->
 
 - [ ] I have read the [contributing guidelines](CONTRIBUTING.md)
-- [ ] I confirm that this pull request does not address a security
-      vulnerability. If this pull request addresses a security vulnerability, I
-      confirm that I got green light (please contact
-      [hi@ory.sh](mailto:hi@ory.sh)) from the maintainers to push the changes.
-- [ ] I signed the
-      [Developer's Certificate of Origin](https://github.com/ory/keto/blob/master/CONTRIBUTING.md#developers-certificate-of-origin)
-      by signing my commit(s). You can amend your signature to the most recent
-      commit by using `git commit --amend -s`. If you amend the commit, you
-      might need to force push using `git push --force HEAD:<branch>`. Please be
-      very careful when using force push.
+- [ ] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security
+vulnerability, I confirm that I got green light (please contact [hi@ory.sh](mailto:hi@ory.sh)) from the maintainers to push the changes.
 - [ ] I have added tests that prove my fix is effective or that my feature works
 - [ ] I have added necessary documentation within the code base (if appropriate)
-- [ ] I have documented my changes in the
-      [developer guide](https://github.com/ory/docs) (if appropriate)
+- [ ] I have documented my changes in the [developer guide](https://github.com/ory/docs) (if appropriate)
 
 ## Further comments
 

.releaser/LICENSE.txt

@@ -81,4 +81,4 @@ THIS SOFTWARE AND THE ACCOMPANYING FILES ARE SOLD "AS IS" AND WITHOUT WARRANTIES
 5. CONSENT OF USE OF DATA
 
 You agree that ORY GmbH may collect and use information gathered in any manner as part of the product support services provided to you, if any, related to ORY Oathkeeper.ORY GmbH may also use this information to provide notices to you which may be of use or interest to you.
-
+

CONTRIBUTING.md

@@ -1,15 +1,13 @@
-# Contribution Guide
+# Contributing to ORY Oathkeeper
 
 <!-- START doctoc generated TOC please keep comment here to allow auto update -->
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
-
 **Table of Contents**
 
 - [Introduction](#introduction)
 - [Contributing Code](#contributing-code)
 - [Disclosing vulnerabilities](#disclosing-vulnerabilities)
 - [Code Style](#code-style)
-- [Developer’s Certificate of Origin](#developers-certificate-of-origin)
 - [Pull request procedure](#pull-request-procedure)
 - [Communication](#communication)
 - [Conduct](#conduct)
@@ -18,156 +16,78 @@
 
 ## Introduction
 
-We welcome and encourage community contributions to ORY Oathkeeper.
-
-Since the project is still unstable, there are specific priorities for
-development. Pull requests that do not address these priorities will not be
-accepted until ORY Oathkeeper is production ready.
-
-Please familiarize yourself with the Contribution Guidelines and Project Roadmap
-before contributing.
+Please note: We take ORY Oathkeeper's security and our users' trust very seriously. If you believe you have found a
+security issue in ORY Oathkeeper, please responsibly disclose by contacting us at hi@ory.sh.
 
-There are many ways to help ORY Oathkeeper besides contributing code:
+First: if you're unsure or afraid of anything, just ask or submit the issue or pull request anyways. You won't be
+yelled at for giving it your best effort. The worst that can happen is that you'll be politely asked to change
+something. We appreciate any sort of contributions, and don't want a wall of rules to get in the way of that.
 
-- Fix bugs or file issues
-- Improve the documentation
+That said, if you want to ensure that a pull request is likely to be merged, talk to us! You can find out our thoughts
+and ensure that your contribution won't clash or be obviated by ORY Oathkeeper's normal direction. A great way to do this is via
+the [ORY Community](https://community.ory.sh/) or join the [ORY Chat](https://www.ory.sh/chat).
 
 ## Contributing Code
 
-Unless you are fixing a known bug, we **strongly** recommend discussing it with
-the core team via a GitHub issue or [in our chat](https://www.ory.sh/chat)
-before getting started to ensure your work is consistent with ORY Oathkeeper's
-roadmap and architecture.
+Unless you are fixing a known bug, we **strongly** recommend discussing it with the core team via a GitHub issue or
+[in our chat](https://www.ory.sh/chat) before getting started to ensure your work is consistent with
+ORY Oathkeeper's roadmap and architecture.
 
-All contributions are made via pull request. Note that **all patches from all
-contributors get reviewed**. After a pull request is made other contributors
-will offer feedback, and if the patch passes review a maintainer will accept it
-with a comment. When pull requests fail testing, authors are expected to update
-their pull requests to address the failures until the tests pass and the pull
-request merges successfully.
+All contributions are made via pull request. Note that **all patches from all contributors get reviewed**. After a pull
+request is made other contributors will offer feedback, and if the patch passes review a maintainer will accept it with
+a comment. When pull requests fail testing, authors are expected to update their pull requests to address the failures
+until the tests pass and the pull request merges successfully.
 
-At least one review from a maintainer is required for all patches (even patches
-from maintainers).
+At least one review from a maintainer is required for all patches (even patches from maintainers).
 
-Reviewers should leave a "LGTM" comment once they are satisfied with the patch.
-If the patch was submitted by a maintainer with write access, the pull request
-should be merged by the submitter after review.
+Reviewers should leave a "LGTM" comment once they are satisfied with the patch. If the patch was submitted by a
+maintainer with write access, the pull request should be merged by the submitter after review.
 
 ## Disclosing vulnerabilities
 
-Please disclose vulnerabilities exclusively to [hi@ory.am](mailto:hi@ory.am). Do
-not use GitHub issues.
+Please disclose vulnerabilities exclusively to [hi@ory.am](mailto:hi@ory.am). Do not use GitHub issues.
 
 ## Code Style
 
 Please follow these guidelines when formatting source code:
 
-- Go code should match the output of `gofmt -s`
-
-## Developer’s Certificate of Origin
-
-All contributions must include acceptance of the DCO:
-
-```text
-Developer Certificate of Origin
-Version 1.1
-
-Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
-660 York Street, Suite 102,
-San Francisco, CA 94110 USA
-
-Everyone is permitted to copy and distribute verbatim copies of this
-license document, but changing it is not allowed.
-
-
-Developer's Certificate of Origin 1.1
-
-By making a contribution to this project, I certify that:
-
-(a) The contribution was created in whole or in part by me and I
-    have the right to submit it under the open source license
-    indicated in the file; or
-
-(b) The contribution is based upon previous work that, to the best
-    of my knowledge, is covered under an appropriate open source
-    license and I have the right under that license to submit that
-    work with modifications, whether created in whole or in part
-    by me, under the same open source license (unless I am
-    permitted to submit under a different license), as indicated
-    in the file; or
-
-(c) The contribution was provided directly to me by some other
-    person who certified (a), (b) or (c) and I have not modified
-    it.
-
-(d) I understand and agree that this project and the contribution
-    are public and that a record of the contribution (including all
-    personal information I submit with it, including my sign-off) is
-    maintained indefinitely and may be redistributed consistent with
-    this project or the open source license(s) involved.
-```
-
-To accept the DCO, simply add this line to each commit message with your name
-and email address (`git commit -s` will do this for you):
-
-```text
-Signed-off-by: Jane Example <jane@example.com>
-```
-
-For legal reasons, no anonymous or pseudonymous contributions are accepted
-([contact us](mailto:aeneas@ory.am) if this is an issue).
+* Go code should match the output of `gofmt -s`
 
 ## Pull request procedure
 
-To make a pull request, you will need a GitHub account; if you are unclear on
-this process, see GitHub's documentation on
-[forking](https://help.github.com/articles/fork-a-repo) and
-[pull requests](https://help.github.com/articles/using-pull-requests). Pull
-requests should be targeted at the `master` branch. Before creating a pull
-request, go through this checklist:
+To make a pull request, you will need a GitHub account; if you are unclear on this process, see GitHub's
+documentation on [forking](https://help.github.com/articles/fork-a-repo) and [pull requests](https://help.github.com/articles/using-pull-requests).
+Pull requests should be targeted at the `master` branch. Before creating a pull request, go through this checklist:
 
 1. Create a feature branch off of `master` so that changes do not get mixed up.
-1. [Rebase](http://git-scm.com/book/en/Git-Branching-Rebasing) your local
-   changes against the `master` branch.
-1. Run the full project test suite with the `go test ./...` (or equivalent)
-   command and confirm that it passes.
+1. [Rebase](http://git-scm.com/book/en/Git-Branching-Rebasing) your local changes against the `master` branch.
+1. Run the full project test suite with the `go test ./...` (or equivalent) command and confirm that it passes.
 1. Run `gofmt -s` (if the project is written in Go).
-1. Accept the Developer's Certificate of Origin on all commits (see above).
-1. Ensure that each commit has a subsystem prefix (ex: `controller:`).
+1. Ensure that each commit has a subsystem prefix (ex: `controller: `).
 
-Pull requests will be treated as "review requests," and maintainers will give
-feedback on the style and substance of the patch.
+Pull requests will be treated as "review requests," and maintainers will give feedback on the style and substance of the patch.
 
-Normally, all pull requests must include tests that test your change.
-Occasionally, a change will be very difficult to test for. In those cases,
-please include a note in your commit message explaining why.
+Normally, all pull requests must include tests that test your change. Occasionally, a change will
+be very difficult to test for. In those cases, please include a note in your commit message explaining why.
 
 ## Communication
 
-We use [discord](https://www.ory.sh/chat). You are welcome to drop in and ask
-questions, discuss bugs, etc.
+We use [discord](https://www.ory.sh/chat). You are welcome to drop in and ask questions, discuss bugs, etc.
 
 ## Conduct
 
-Whether you are a regular contributor or a newcomer, we care about making this
-community a safe place for you and we've got your back.
-
-- We are committed to providing a friendly, safe and welcoming environment for
-  all, regardless of gender, sexual orientation, disability, ethnicity,
-  religion, or similar personal characteristic.
-- Please avoid using nicknames that might detract from a friendly, safe and
-  welcoming environment for all.
-- Be kind and courteous. There is no need to be mean or rude.
-- We will exclude you from interaction if you insult, demean or harass anyone.
-  In particular, we do not tolerate behavior that excludes people in socially
-  marginalized groups.
-- Private harassment is also unacceptable. No matter who you are, if you feel
-  you have been or are being harassed or made uncomfortable by a community
-  member, please contact one of the channel ops or a member of the ORY
-  Oathkeeper core team immediately.
-- Likewise any spamming, trolling, flaming, baiting or other attention-stealing
-  behaviour is not welcome.
-
-We welcome discussion about creating a welcoming, safe, and productive
-environment for the community. If you have any questions, feedback, or concerns
-[please let us know](https://www.ory.sh/chat).
+Whether you are a regular contributor or a newcomer, we care about making this community a safe place for you and
+we've got your back.
+
+* We are committed to providing a friendly, safe and welcoming environment for all, regardless of gender,
+    sexual orientation, disability, ethnicity, religion, or similar personal characteristic.
+* Please avoid using nicknames that might detract from a friendly, safe and welcoming environment for all.
+* Be kind and courteous. There is no need to be mean or rude.
+* We will exclude you from interaction if you insult, demean or harass anyone. In particular, we do not tolerate
+    behavior that excludes people in socially marginalized groups.
+* Private harassment is also unacceptable. No matter who you are, if you feel you have been or are being harassed or
+    made uncomfortable by a community member, please contact one of the channel ops or a member of the ORY
+    Oathkeeper core team immediately.
+* Likewise any spamming, trolling, flaming, baiting or other attention-stealing behaviour is not welcome.
+
+We welcome discussion about creating a welcoming, safe, and productive environment for the community. If you have any questions, feedback, or concerns [please let us know](https://www.ory.sh/chat).

install.sh

@@ -378,7 +378,7 @@ End of functions from https://github.com/client9/shlib
 EOF
 
 PROJECT_NAME="oathkeeper"
-OWNER=github.com/ory
+OWNER="ory"
 REPO="oathkeeper"
 BINARY=oathkeeper
 FORMAT=tar.gz