Commit Graph

1185 Commits

Author SHA1 Message Date
dependabot[bot]
76166cfc0a build(deps): bump github.com/go-chi/chi/v5 from 5.2.2 to 5.2.3 (#415)
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.2.2...v5.2.3)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi/v5
  dependency-version: 5.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-01 13:51:23 +00:00
dependabot[bot]
c3e5a0d6b4 build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.9 (#414)
Bumps [github.com/spf13/pflag](https://github.com/spf13/pflag) from 1.0.7 to 1.0.9.
- [Release notes](https://github.com/spf13/pflag/releases)
- [Commits](https://github.com/spf13/pflag/compare/v1.0.7...v1.0.9)

---
updated-dependencies:
- dependency-name: github.com/spf13/pflag
  dependency-version: 1.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-01 13:48:14 +00:00
dependabot[bot]
794053d709 build(deps): bump google-github-actions/auth (#412)
Bumps the gh-actions group with 1 update in the / directory: [google-github-actions/auth](https://github.com/google-github-actions/auth).


Updates `google-github-actions/auth` from 2.1.7 to 2.1.12
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](6fc4af4b14...b7593ed2ef)

---
updated-dependencies:
- dependency-name: google-github-actions/auth
  dependency-version: 2.1.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-27 00:21:46 +00:00
Trong Huu Nguyen
da69847027 feat(openid): add opt-in toggle for typ header in accordance with RFC7523bis
Some providers require that the `typ` header has a value exactly equal
to `client-authentication+jwt` in accordance with changes introduced by
RFC7523bis.

This commit allows for opting in to setting the `typ` header with this new value.

The default behaviour is to use the previous de facto standard value, `JWT`.
Once the changes in RFC7523bis land in the affected standards and
identity providers start supporting the new `typ` header (Entra ID being
notable for not supporting this as of this commit), we will default to
use `client-authentication+jwt`.
2025-08-26 08:29:27 +02:00
Trong Huu Nguyen
da089b9fe3 feat: remove automaxprocs
The same features are now supported natively in Go 1.25.
2025-08-26 08:29:27 +02:00
Trong Huu Nguyen
40d87b84a4 build: go 1.25.0 2025-08-26 08:29:26 +02:00
Trong Huu Nguyen
39b723b753 build: bump liberator and httprc 2025-08-26 08:29:26 +02:00
Trong Huu Nguyen
55a3021f18 ci: ratchet update 2025-08-26 08:29:21 +02:00
dependabot[bot]
437fae4a14 build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 (#409)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-25 13:09:44 +00:00
dependabot[bot]
e865047bbe build(deps): bump github.com/lestrrat-go/jwx/v3 from 3.0.8 to 3.0.10 (#404)
Bumps [github.com/lestrrat-go/jwx/v3](https://github.com/lestrrat-go/jwx) from 3.0.8 to 3.0.10.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v3/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v3.0.8...v3.0.10)

---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v3
  dependency-version: 3.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-21 07:38:25 +00:00
dependabot[bot]
1ace7d6500 build(deps): bump github.com/prometheus/client_golang (#401)
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.22.0...v1.23.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-18 16:44:54 +00:00
dependabot[bot]
70d5bf7355 build(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0 (#406)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.40.0 to 0.41.0.
- [Commits](https://github.com/golang/crypto/compare/v0.40.0...v0.41.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-18 16:40:27 +00:00
dependabot[bot]
ebcafc77e7 build(deps): bump the redis group with 3 updates (#405)
Bumps the redis group with 3 updates: [github.com/redis/go-redis/extra/redisotel/v9](https://github.com/redis/go-redis), [github.com/redis/go-redis/extra/redisprometheus/v9](https://github.com/redis/go-redis) and [github.com/redis/go-redis/v9](https://github.com/redis/go-redis).


Updates `github.com/redis/go-redis/extra/redisotel/v9` from 9.11.0 to 9.12.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.11.0...v9.12.0)

Updates `github.com/redis/go-redis/extra/redisprometheus/v9` from 9.11.0 to 9.12.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.11.0...v9.12.0)

Updates `github.com/redis/go-redis/v9` from 9.11.0 to 9.12.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.11.0...v9.12.0)

---
updated-dependencies:
- dependency-name: github.com/redis/go-redis/extra/redisotel/v9
  dependency-version: 9.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: redis
- dependency-name: github.com/redis/go-redis/extra/redisprometheus/v9
  dependency-version: 9.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: redis
- dependency-name: github.com/redis/go-redis/v9
  dependency-version: 9.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: redis
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-18 16:30:46 +00:00
dependabot[bot]
e29e31fd34 build(deps): bump golang from 1.24 to 1.25 in the docker group (#407)
Bumps the docker group with 1 update: golang.


Updates `golang` from 1.24 to 1.25

---
updated-dependencies:
- dependency-name: golang
  dependency-version: '1.25'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-18 10:46:05 +00:00
dependabot[bot]
79b3835fb9 build(deps): bump docker/login-action in the gh-actions group (#403)
Bumps the gh-actions group with 1 update: [docker/login-action](https://github.com/docker/login-action).


Updates `docker/login-action` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](74a5d14239...184bdaa072)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-11 10:43:33 +00:00
dependabot[bot]
ad10dc9b84 build(deps): bump google-github-actions/auth in the gh-actions group (#400)
Bumps the gh-actions group with 1 update: [google-github-actions/auth](https://github.com/google-github-actions/auth).


Updates `google-github-actions/auth` from 2.1.11 to 2.1.12
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](140bb5113f...b7593ed2ef)

---
updated-dependencies:
- dependency-name: google-github-actions/auth
  dependency-version: 2.1.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-04 09:37:57 +00:00
dependabot[bot]
8ad7cdfde3 build(deps): bump the gh-actions group with 2 updates (#399)
Bumps the gh-actions group with 2 updates: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [google-github-actions/auth](https://github.com/google-github-actions/auth).


Updates `sigstore/cosign-installer` from e40248c492a99ad409432e2ea978d7a2811f2e1f to d58896d6a1865668819e1d91763c7751a165e159
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e40248c492...d58896d6a1)

Updates `google-github-actions/auth` from 2.1.10 to 2.1.11
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](ba79af0395...140bb5113f)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: d58896d6a1865668819e1d91763c7751a165e159
  dependency-type: direct:production
  dependency-group: gh-actions
- dependency-name: google-github-actions/auth
  dependency-version: 2.1.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-28 11:29:33 +00:00
dependabot[bot]
39bf7b4063 build(deps): bump github.com/go-viper/mapstructure/v2 (#398)
Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0)

---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-28 10:40:19 +00:00
dependabot[bot]
3adf2228ed build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 (#397)
Bumps [github.com/spf13/pflag](https://github.com/spf13/pflag) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/spf13/pflag/releases)
- [Commits](https://github.com/spf13/pflag/compare/v1.0.6...v1.0.7)

---
updated-dependencies:
- dependency-name: github.com/spf13/pflag
  dependency-version: 1.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-28 10:12:08 +00:00
dependabot[bot]
dab329ba9f build(deps): bump github.com/bmatcuk/doublestar/v4 from 4.8.1 to 4.9.1 (#396)
Bumps [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar) from 4.8.1 to 4.9.1.
- [Release notes](https://github.com/bmatcuk/doublestar/releases)
- [Commits](https://github.com/bmatcuk/doublestar/compare/v4.8.1...v4.9.1)

---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar/v4
  dependency-version: 4.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-28 10:07:31 +00:00
dependabot[bot]
084562ca56 build(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 (#394)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.39.0 to 0.40.0.
- [Commits](https://github.com/golang/crypto/compare/v0.39.0...v0.40.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-14 08:51:43 +00:00
dependabot[bot]
fea80fca48 build(deps): bump github.com/KimMachineGun/automemlimit (#393)
Bumps [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit) from 0.7.3 to 0.7.4.
- [Release notes](https://github.com/KimMachineGun/automemlimit/releases)
- [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.7.3...v0.7.4)

---
updated-dependencies:
- dependency-name: github.com/KimMachineGun/automemlimit
  dependency-version: 0.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-14 08:47:25 +00:00
Trong Huu Nguyen
75ff84ba28 refactor: suppress some noisy startup logs 2025-07-09 13:33:40 +02:00
Trong Huu Nguyen
9809a7e064 build: go 1.24.5 2025-07-09 08:38:05 +02:00
Trong Huu Nguyen
2e3da2bb64 feat: add separate health probe listener
This adds an optional health probe listener, mostly for use in runtime
environments where you want separate public and private listeners.

The existing /oauth2/ping endpoint on the main listener is kept for
backwards compatibility.
2025-07-08 11:26:22 +02:00
dependabot[bot]
fddff23a8b build(deps): bump sigstore/cosign-installer in the gh-actions group (#392)
Bumps the gh-actions group with 1 update: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `sigstore/cosign-installer` from d9374b96fed791ab117111a9a307a92b68bf3145 to e40248c492a99ad409432e2ea978d7a2811f2e1f
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d9374b96fe...e40248c492)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: e40248c492a99ad409432e2ea978d7a2811f2e1f
  dependency-type: direct:production
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-07 09:44:11 +00:00
Trong Huu Nguyen
4e536328cf refactor(charts): use checksum annotation instead of relying on reloader 2025-07-04 09:59:10 +02:00
Trong Huu Nguyen
fa70c6f878 refactor(charts): move non-secret configuration to deployment
Also converts secrets to use data instead of stringData to avoid stale
keys being kept, due to server-side apply merging stringData with
existing data instead of overwriting (i.e. removing unset keys).
2025-07-04 09:57:35 +02:00
Trong Huu Nguyen
17a4683c4f fix(charts): set valkey connection idle timeout for forward-auth 2025-07-01 14:45:56 +02:00
Trong Huu Nguyen
a3f0350629 build(deps): bump otel dependencies 2025-07-01 14:03:05 +02:00
Trong Huu Nguyen
a820dc5b9b perf(session/redis): disable caller tracing
This drops the calling function, filepath and line number attributes
for redisotel tracing. The underlying implementation here calls
runtime.Callers, which are more expensive than we'd like.
2025-07-01 14:03:04 +02:00
Trong Huu Nguyen
f562f6479a feat(charts): replace in-cluster valkey with aiven valkey 2025-07-01 14:03:02 +02:00
Trong Huu Nguyen
ca6f2f9ea3 feat(charts): disable session inactivity for forward-auth 2025-07-01 14:02:34 +02:00
dependabot[bot]
9d23d055dd build(deps): bump github.com/lestrrat-go/jwx/v3 from 3.0.7 to 3.0.8 (#389)
Bumps [github.com/lestrrat-go/jwx/v3](https://github.com/lestrrat-go/jwx) from 3.0.7 to 3.0.8.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v3/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v3.0.7...v3.0.8)

---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v3
  dependency-version: 3.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-01 09:11:29 +00:00
dependabot[bot]
4ade142324 build(deps): bump the redis group with 3 updates (#390)
Bumps the redis group with 3 updates: [github.com/redis/go-redis/extra/redisotel/v9](https://github.com/redis/go-redis), [github.com/redis/go-redis/extra/redisprometheus/v9](https://github.com/redis/go-redis) and [github.com/redis/go-redis/v9](https://github.com/redis/go-redis).


Updates `github.com/redis/go-redis/extra/redisotel/v9` from 9.10.0 to 9.11.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.10.0...v9.11.0)

Updates `github.com/redis/go-redis/extra/redisprometheus/v9` from 9.10.0 to 9.11.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.10.0...v9.11.0)

Updates `github.com/redis/go-redis/v9` from 9.10.0 to 9.11.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.10.0...v9.11.0)

---
updated-dependencies:
- dependency-name: github.com/redis/go-redis/extra/redisotel/v9
  dependency-version: 9.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: redis
- dependency-name: github.com/redis/go-redis/extra/redisprometheus/v9
  dependency-version: 9.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: redis
- dependency-name: github.com/redis/go-redis/v9
  dependency-version: 9.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: redis
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-01 09:07:44 +00:00
dependabot[bot]
bcb290157b build(deps): bump github.com/go-viper/mapstructure/v2 (#387)
Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-01 09:03:40 +00:00
dependabot[bot]
82b2178976 build(deps): bump sigstore/cosign-installer in the gh-actions group (#388)
Bumps the gh-actions group with 1 update: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `sigstore/cosign-installer` from 84f54a2bcd1ecf70e51a05388183dce4e1487230 to d9374b96fed791ab117111a9a307a92b68bf3145
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](84f54a2bcd...d9374b96fe)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: d9374b96fed791ab117111a9a307a92b68bf3145
  dependency-type: direct:production
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-30 09:05:42 +00:00
dependabot[bot]
5faf18d8d2 build(deps): bump sigstore/cosign-installer in the gh-actions group (#386)
Bumps the gh-actions group with 1 update: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `sigstore/cosign-installer` from e9a05e6d32d7ed22b5656cd874ef31af58d05bfa to 84f54a2bcd1ecf70e51a05388183dce4e1487230
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e9a05e6d32...84f54a2bcd)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 84f54a2bcd1ecf70e51a05388183dce4e1487230
  dependency-type: direct:production
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-23 08:00:19 +00:00
dependabot[bot]
9c9890a74d build(deps): bump github.com/go-chi/chi/v5 from 5.2.1 to 5.2.2 (#385)
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.2.1 to 5.2.2.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.2.1...v5.2.2)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi/v5
  dependency-version: 5.2.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-20 17:02:32 +00:00
Trong Huu Nguyen
4bf3b1bdd4 refactor: move string generator to crypto package 2025-06-16 09:55:44 +02:00
Trong Huu Nguyen
4e1c8e68f8 feat(openid): retry front-channel logouts 2025-06-16 09:55:44 +02:00
Trong Huu Nguyen
a156c11ace refactor(session): use SetSpanAttributes on refresh 2025-06-16 09:55:43 +02:00
Trong Huu Nguyen
1a138c66a3 refactor: move retry package 2025-06-16 09:55:42 +02:00
dependabot[bot]
294535bbba build(deps): bump github.com/lestrrat-go/jwx/v3 from 3.0.4 to 3.0.7 (#384)
Bumps [github.com/lestrrat-go/jwx/v3](https://github.com/lestrrat-go/jwx) from 3.0.4 to 3.0.7.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v3/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v3.0.4...v3.0.7)

---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v3
  dependency-version: 3.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-16 07:34:08 +00:00
dependabot[bot]
145aeb7315 build(deps): bump github.com/KimMachineGun/automemlimit (#383)
Bumps [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit) from 0.7.2 to 0.7.3.
- [Release notes](https://github.com/KimMachineGun/automemlimit/releases)
- [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.7.2...v0.7.3)

---
updated-dependencies:
- dependency-name: github.com/KimMachineGun/automemlimit
  dependency-version: 0.7.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-16 07:30:21 +00:00
Trong Huu Nguyen
b3c2c72155 feat(openid): only set max_age parameter for prompt=login
We generally don't want to instruct the identity provider
to attempt full reauthentication when switching accounts
with `prompt=select_account`.
2025-06-11 13:28:52 +02:00
Trong Huu Nguyen
052d310280 fix(openid): require expires_in for token responses
While RFC 6749 specifies this field as recommended:

> If omitted, the authorization server SHOULD provide the
> expiration time via other means or document the default value.

and equivalently the OIDC Core spec specifies the same field as optional,
we will explicitly enforce that these fields are returned from the AS.

This isn't a breaking change as the existing session refresh logic implicitly
depends on this field and its value.

While there are probably some providers that omit the `expires_in` field
or set it to zero with the intent of returning access tokens that do not
expire, we assume these are relatively rare. We might revisit this
at some point in the future, should our assumptions be wrong.
2025-06-11 13:07:18 +02:00
Trong Huu Nguyen
bf2f97f400 feat: set more session and token-related span attributes 2025-06-10 13:51:15 +02:00
Trong Huu Nguyen
3813cd2ea3 ci: trigger build 2025-06-10 10:43:48 +02:00
dependabot[bot]
789b01f680 build(deps): bump github.com/lestrrat-go/jwx/v3 from 3.0.1 to 3.0.4 (#382)
Bumps [github.com/lestrrat-go/jwx/v3](https://github.com/lestrrat-go/jwx) from 3.0.1 to 3.0.4.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v3/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v3.0.1...v3.0.4)

---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v3
  dependency-version: 3.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-10 08:00:43 +00:00