Update dexidp/dex Docker tag to v2.36.0 (!75) · Merge requests · Iron Bank Containers / Opensource / dexidp / dex

This MR contains the following updates:

Package	Type	Update	Change
dexidp/dex	ironbank-docker	minor	`v2.35.3` -> `v2.36.0`
dexidp/dex		minor	`v2.35.3` -> `v2.36.0`
dexidp/dex	stage	minor	`v2.35.3` -> `v2.36.0`

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the logs for more information.

Release Notes

dexidp/dex

`v2.36.0`

Compare Source

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.36.0

What's Changed

Enhancements 🚀

TLS configure for OIDC connector by @xtremerui in https://github.com/dexidp/dex/pull/1632
Add icon for gitea by @pinpox in https://github.com/dexidp/dex/pull/2733
fix: Do not use connector data from the refresh token field by @nabokihms in https://github.com/dexidp/dex/pull/2729
Add preferredEmailDomain config option for GitHub connector by @nobuyo in https://github.com/dexidp/dex/pull/2740
Move unique functionality into getGroups to reduce calls to google by @snuggie12 in https://github.com/dexidp/dex/pull/2628
fix: prevent server-side request forgery using Kubernetes storage by @nabokihms in https://github.com/dexidp/dex/pull/2479
fix: return 401 if password is invalid by @nabokihms in https://github.com/dexidp/dex/pull/2796
feat: Add default robots.txt by @nabokihms in https://github.com/dexidp/dex/pull/2834
Skip redirection to approval when it is not required (#2686) by @nobuyo in https://github.com/dexidp/dex/pull/2805
feat: Bump dependencies and Makefile refactoring by @nabokihms in https://github.com/dexidp/dex/pull/2844

Bug Fixes 🐛

Make admin email optional when no service account path is configured by @sagikazarmark in https://github.com/dexidp/dex/pull/2695
Only initialize google admin service if necessary by @sagikazarmark in https://github.com/dexidp/dex/pull/2700

Dependency Updates ⬆️

build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2697
fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in https://github.com/dexidp/dex/pull/2705
build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2708
build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in https://github.com/dexidp/dex/pull/2715
build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in https://github.com/dexidp/dex/pull/2720
build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in https://github.com/dexidp/dex/pull/2721
build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in https://github.com/dexidp/dex/pull/2723
build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in https://github.com/dexidp/dex/pull/2718
build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2724
build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in https://github.com/dexidp/dex/pull/2746
build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in https://github.com/dexidp/dex/pull/2735
build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in https://github.com/dexidp/dex/pull/2744
build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in https://github.com/dexidp/dex/pull/2751
build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2750
build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2755
build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in https://github.com/dexidp/dex/pull/2743
build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2754
build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2758
build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in https://github.com/dexidp/dex/pull/2741
build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in https://github.com/dexidp/dex/pull/2753
build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2742
build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2761
build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in https://github.com/dexidp/dex/pull/2725
build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in https://github.com/dexidp/dex/pull/2760
build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2774
build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in https://github.com/dexidp/dex/pull/2772
build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2770
build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in https://github.com/dexidp/dex/pull/2773
build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in https://github.com/dexidp/dex/pull/2777
build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in https://github.com/dexidp/dex/pull/2779
build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in https://github.com/dexidp/dex/pull/2780
build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in https://github.com/dexidp/dex/pull/2769
build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in https://github.com/dexidp/dex/pull/2788
build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2782
build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in https://github.com/dexidp/dex/pull/2783
build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in https://github.com/dexidp/dex/pull/2793
build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2784
chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in https://github.com/dexidp/dex/pull/2790
ci: Use go 1.19 by @dlipovetsky in https://github.com/dexidp/dex/pull/2791
build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in https://github.com/dexidp/dex/pull/2798
build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in https://github.com/dexidp/dex/pull/2807
build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2811
build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in https://github.com/dexidp/dex/pull/2810
build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in https://github.com/dexidp/dex/pull/2821
build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in https://github.com/dexidp/dex/pull/2822
build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in https://github.com/dexidp/dex/pull/2823
build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2818
build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2828
build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2832
build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/2837
build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/2846
build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2827
build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in https://github.com/dexidp/dex/pull/2850
build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in https://github.com/dexidp/dex/pull/2849
feat: Bump gomplate 3.11.4 by @nabokihms in https://github.com/dexidp/dex/pull/2840
build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in https://github.com/dexidp/dex/pull/2856
build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in https://github.com/dexidp/dex/pull/2847
build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in https://github.com/dexidp/dex/pull/2853
build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in https://github.com/dexidp/dex/pull/2869
build(deps): bump actions/setup-go from 3 to 4 by @dependabot in https://github.com/dexidp/dex/pull/2863
build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in https://github.com/dexidp/dex/pull/2862
build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in https://github.com/dexidp/dex/pull/2866
build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2867
build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in https://github.com/dexidp/dex/pull/2845
build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in https://github.com/dexidp/dex/pull/2816
chore: upgrade tools by @sagikazarmark in https://github.com/dexidp/dex/pull/2870

Other Changes

Bump image in examples/k8s/dex.yaml to v2.32.0 by @stealthybox in https://github.com/dexidp/dex/pull/2569

New Contributors

@pinpox made their first contribution in https://github.com/dexidp/dex/pull/2733
@nobuyo made their first contribution in https://github.com/dexidp/dex/pull/2740
@dlipovetsky made their first contribution in https://github.com/dexidp/dex/pull/2790
@seankhliao made their first contribution in https://github.com/dexidp/dex/pull/2812
@stealthybox made their first contribution in https://github.com/dexidp/dex/pull/2569

Full Changelog: https://github.com/dexidp/dex/compare/v2.35.3...v2.36.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Update dexidp/dex Docker tag to v2.36.0