trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

website: update 2023.8 release notes (#6666) 

* update main release notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update sidebar

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
This commit is contained in:
Jens L 2023-08-29 19:57:14 +02:00 committed by GitHub
parent aa874dd92a
commit 782341441a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 28 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -16,8 +16,8 @@ Even if the issue is not a CVE, we still greatly appreciate your help in hardeni
| Version | Supported |
| --- | --- |
| 2023.5.x | ✅ |
| 2023.6.x | ✅ |
| 2023.8.x | ✅ |
## Reporting a Vulnerability

28
website/docs/releases/2023/v2023.8.md
View File

@ -23,9 +23,17 @@ slug: "/releases/2023.8"
## New features
- Enterprise (preview)
This is the first release to include the _Enterprise_ section, where you can acquire a license in our Customer Portal and get enterprise licenses for your authentik instance. See more info [here](../../enterprise/index.md)
- Config reloading
For better security and to better support running in a cloud-native environment, authentik now supports dynamic PostgreSQL and Email credentials. In previous versions, both the authentik server and worker containers required restarting to detect the new credentials. In 2023.8, these credentials are automatically refreshed just before they are used. This means you can use something like [Hashicorp Vault](https://vaultproject.io) to manage short-term credentials that are rotated once a day or even more frequently without needing to restart authentik.
## Upgrading
This release does not introduce any new requirements.
This release changes the PostgreSQL dependency to require Version 12 or later, which only affects Kubernetes installs. See [here](../../troubleshooting/postgres/upgrade_kubernetes.md) for more info on upgrading.
### docker-compose
@ -50,11 +58,14 @@ image:
## Minor changes/fixes
- \*: fix api errors raised in general validate() to specify a field (#6663)
- api: optimise pagination in API schema (#6478)
- blueprints: fix blueprint importer logging potentially sensitive data (#6567)
- blueprints: fix tag values not resolved correctly (#6653)
- blueprints: prevent duplicate password stage in default flow when using combined identification stage (#6432)
- core: bump django from 4.1.7 to 4.2 (#5238)
- core: fix UUID filter field for users api (#6203)
- core: fix filtering users by type attribute (#6638)
- core: rework recursive group membership (#6017)
- enterprise: add more info to enterprise forecast (#6292)
- enterprise: initial enterprise (#5721)
@ -63,15 +74,18 @@ image:
- outposts/ldap: add more tests (#6188)
- outposts/ldap: add test for attribute filtering (#6189)
- outposts: Fix infinite self-recursion in traefik reconciler (#6336)
- outposts: fix patch processing (#6338)
- outposts: fix Kubernetes patch processing (#6338)
- outposts: make metrics compliant with Prometheus best-practices (#6398)
- outposts: support json patch for Kubernetes (#6319)
- providers/oauth2: fix aud (Audience) field type which can be a list of… (#6447)
- providers/oauth2: fix grant_type password raising an exception (#6333)
- providers/oauth2: fix id_token being saved incorrectly leading to lost claims (#6645)
- providers/proxy: fix JWKS URL in embedded outpost (#6644)
- providers/proxy: only intercept auth header when a value is set (#6488)
- providers/proxy: set outpost session cookie to httponly and secure wh… (#6482)
- root: add get_int to config loader instead of casting to int everywhere (#6436)
- root: always use persistent database connections (#6560)
- root: config: config discovery parity between Go and Python
- root: config: remove redundant default configs
- root: migrate bootstrap to blueprints (#6433)
- root: partial Live-updating config (#5959)
- root: replace builtin psycopg libpq binary implementation with distro… (#6448)
@ -85,14 +99,22 @@ image:
- web/admin: fix admin overview layout (#6220)
- web/admin: fix user sorting by active field (#6485)
- web/admin: hide pagination when no data is loaded yet (#6353)
- web/admin: make version clickable for stable releases (#6626)
- web/admin: only show token expiry when token is set to expire (#6643)
- web/admin: set required flag to false for user attributes (#6418)
- web/common: make API errors more prominent in developer tools (#6637)
- web/elements: improve table error handling, prevent infinite loading … (#6636)
- web/flows: fix identification stage band color (#6489)
- web/flows: update flow background (#6579)
- web/user: fix alignment between image icons and fallback text icons (#6416)
- web/user: fix app icon size for user interface
- web/user: fix background alignment (#6383)
- web/user: fix user settings colours on dark theme (#6499)
- web/user: fix user settings elements not being in cards (#6608)
- web/user: only render expand element when required (#6641)
- web: fix app icon rendering, style refinements (#6409)
- web: refactor locale handler into top-level context handler (#6022)
- web: replace deprecated terser rollup plugin, remove unused plugin (#6615)
- web: rework and expand tooltips (#6435)
## API Changes

3
website/sidebars.js
View File

@ -272,13 +272,14 @@ const docsSidebar = {
description: "Release notes for recent authentik versions",
},
items: [
"releases/2023/v2023.8",
"releases/2023/v2023.6",
"releases/2023/v2023.5",
"releases/2023/v2023.4",
{
type: "category",
label: "Previous versions",
items: [
"releases/2023/v2023.4",
"releases/2023/v2023.3",
"releases/2023/v2023.2",
"releases/2023/v2023.1",