From ef218ff1ff75d72d47d42e0e27a4769dbc9044fe Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 27 Jun 2022 21:12:36 +0200 Subject: [PATCH] website/docs: update 2022.7 release notes Signed-off-by: Jens Langhammer --- SECURITY.md | 3 ++- website/docs/releases/v2022.7.md | 39 ++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index afd5e2fae..90b96df65 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,8 +6,9 @@ | Version | Supported | | ---------- | ------------------ | -| 2022.4.x | :white_check_mark: | | 2022.5.x | :white_check_mark: | +| 2022.6.x | :white_check_mark: | +| 2022.7.x | :white_check_mark: | ## Reporting a Vulnerability diff --git a/website/docs/releases/v2022.7.md b/website/docs/releases/v2022.7.md index 80f9d9e57..c3adaf04a 100644 --- a/website/docs/releases/v2022.7.md +++ b/website/docs/releases/v2022.7.md @@ -22,6 +22,45 @@ slug: "2022.7" Sources now have a path template to specify which path users created by it should be assigned. Additionally, you can set the path in the user_write stage in any flow, and it can be dynamically overwritten within a flow's context. +- API Authentication using JWT + + OAuth Refresh tokens that have been issued with the scope `goauthentik.io/api` can now be used to authenticate to the API on behalf of the user the token belongs to. + +- Version-family tagged Container images + + Instead of having to choose between using the `:latest` tag and explicit versions like `:2022.7.1`, there are now also version-family tags (:2022.7). This allows for sticking with a single version but still getting bugfix updates. + +## Minor changes/fixes + +- api: add basic jwt support with required scope (#2624) +- ci: add version family (#3059) +- core: add limit of 20 to group recursion +- core: fix migrations when creating bootstrap token +- core: trigger bootstrap tasks in server if we're debugging +- core: user paths (#3085) +- internal: dont sample gunicorn proxied requests +- internal: failback with self-signed cert if cert for tenant fails to load +- internal: fix routing to embedded outpost +- internal: skip tracing for go healthcheck and metrics endpoints +- lifecycle: fix confusing success messages in startup healthiness check +- lifecycle: run bootstrap tasks inline when using automated install +- lifecycle: Update postgres healthcheck for compose with user information (#3143) +- policies: consolidate log user and application +- providers/oauth2: dont lowercase URL for token requests (#3114) +- providers/oauth2: fix OAuth form_post response mode for code response_type +- providers/oauth2: if a redirect_uri cannot be parsed as regex, compare strict (#3070) +- providers/oauth2: remove deprecated verification_keys (#3071) +- providers/oauth2: token revoke (#3077) +- providers/proxy: only send misconfiguration event once +- web/admin: link bound group under policies +- web/admin: only pre-select oauth2 provider key if creating a new instance +- web/admin: remove invalid requirement for usernames +- web/elements: add spinner when loading dynamic routes +- web/flows: add divider to identification stage for security key +- web/flows: fix error when webauthn operations failed and user retries +- web/flows: remove autofocus from password field of identifications tage +- web/flows: statically import webauthn-related stages for safari issues + ## Upgrading This release does not introduce any new requirements.