diff --git a/website/docs/releases/v2022.7.md b/website/docs/releases/v2022.7.md index 057368fb8..acffbf9aa 100644 --- a/website/docs/releases/v2022.7.md +++ b/website/docs/releases/v2022.7.md @@ -36,33 +36,45 @@ slug: "2022.7" ## Minor changes/fixes -- api: add basic jwt support with required scope (#2624) +- \*: define prometheus metrics in apps to prevent re-import +- api: add basic jwt auth support with required scope (#2624) - ci: add version family (#3059) - core: add limit of 20 to group recursion -- core: fix migrations when creating bootstrap token -- core: trigger bootstrap tasks in server if we're debugging +- core: create FlowToken instead of regular token for generated recovery links (#3193) +- core: mark session as modified instead of saving it directly to bump expiry +- core: re-create anonymous user when repairing permissions - core: user paths (#3085) -- internal: dont sample gunicorn proxied requests +- flows: add shortcut to redirect current flow (#3192) +- flows: denied action (#3194) +- flows: show messages from ak_message when flow is denied - internal: failback with self-signed cert if cert for tenant fails to load -- internal: fix routing to embedded outpost +- internal: fix nil pointer reference - internal: skip tracing for go healthcheck and metrics endpoints - lifecycle: fix confusing success messages in startup healthiness check - lifecycle: run bootstrap tasks inline when using automated install - lifecycle: Update postgres healthcheck for compose with user information (#3143) - policies: consolidate log user and application - providers/oauth2: dont lowercase URL for token requests (#3114) +- providers/oauth2: ensure refresh tokens are URL safe - providers/oauth2: fix OAuth form_post response mode for code response_type - providers/oauth2: if a redirect_uri cannot be parsed as regex, compare strict (#3070) +- providers/oauth2: if no scopes are sent in authorize request, select all configured scopes - providers/oauth2: remove deprecated verification_keys (#3071) - providers/oauth2: token revoke (#3077) - providers/proxy: only send misconfiguration event once +- root: ignore healthcheck routes in sentry tracing +- sources/ldap: add configuration for LDAP Source ciphers +- web: fix redirect when accessing authentik URLs authenticated +- web: improve detection for locales +- web/admin: default to users path in sidebar link - web/admin: link bound group under policies - web/admin: only pre-select oauth2 provider key if creating a new instance - web/admin: remove invalid requirement for usernames - web/elements: add spinner when loading dynamic routes +- web/elements: auto-switch themes for codemirror - web/flows: add divider to identification stage for security key - web/flows: fix error when webauthn operations failed and user retries -- web/flows: remove autofocus from password field of identifications stage +- web/flows: remove autofocus from password field of identifications tage - web/flows: statically import webauthn-related stages for safari issues ## Upgrading