sync forked master with base master #115

iamazzeez · 2022-11-22T05:54:00Z

Overview

Need to keep forked repo updated with base repo

What this PR does / why we need it

This pr is needed to be in sync with base repo dexidp:master

Special notes for your reviewer

Does this PR introduce a user-facing change?

…/russellhaering/goxmldsig-1.2.0

Signed-off-by: Engin Diri <engin.diri@mail.schwarz>

Bumps golang from 1.17.7-alpine3.14 to 1.17.8-alpine3.14. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…alpine3.14

feat: Add acr_values support for OIDC

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md) - [Commits](spf13/cobra@v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…/spf13/cobra-1.4.0

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.0 to 1.7.1. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.7.0...v1.7.1) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…/stretchr/testify-1.7.1

Bumps alpine from 3.15.0 to 3.15.1. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

build(deps): bump alpine from 3.15.0 to 3.15.1

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Update alpine version

Bumps alpine from 3.15.1 to 3.15.3. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.70.0 to 0.74.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.70.0...v0.74.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps alpine from 3.15.3 to 3.15.4. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…ang.org/api-0.74.0

Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.27.1 to 1.28.0. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](protocolbuffers/protobuf-go@v1.27.1...v1.28.0) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

fix: Implicit Grant discovery

…ang.org/protobuf-1.28.0

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Looks like Atlas (the new migration library under Ent) cannot handle precision properly. An issue has been reported to Ent: ent/ent#2454 Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Update ent

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.2.2 to 0.2.3. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.2.2...0.2.3) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [entgo.io/ent](https://github.com/ent/ent) from 0.11.2 to 0.11.3. - [Release notes](https://github.com/ent/ent/releases) - [Commits](ent/ent@v0.11.2...v0.11.3) --- updated-dependencies: - dependency-name: entgo.io/ent dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…nt-0.11.3 build(deps): bump entgo.io/ent from 0.11.2 to 0.11.3

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Update golang.org/x packages

Signed-off-by: Jann Fischer <jfischer@redhat.com>

docs: Add Argo CD to list of Dex adopters

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

fix: refresh token only once for all concurrent requests

This reverts commit 4947772. Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Make admin email optional when no service account path is configured

Bumps golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…alpine3.16 build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Only initialize google admin service if necessary

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.98.0 to 0.101.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.98.0...v0.101.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#2721) Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.15 to 1.14.16. - [Release notes](https://github.com/mattn/go-sqlite3/releases) - [Commits](mattn/go-sqlite3@v1.14.15...v1.14.16) --- updated-dependencies: - dependency-name: github.com/mattn/go-sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.7.1 to 0.8.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.7.1...0.8.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.6.0 to 1.6.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.6.0...v1.6.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…2724) Bumps golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Rui Yang <ruiya@vmware.com>

Signed-off-by: Pablo Ovelleiro Corral <mail@pablo.tools>

sonarcloud · 2022-11-22T05:54:21Z

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

dependabot bot and others added 30 commits March 4, 2022 09:34

Merge pull request #2424 from dexidp/dependabot/go_modules/github.com…

b83ba01

…/russellhaering/goxmldsig-1.2.0

feat: Add acr_values support for OIDC

5d9d681

Signed-off-by: Engin Diri <engin.diri@mail.schwarz>

Merge pull request #2426 from dexidp/dependabot/docker/golang-1.17.8-…

a322f42

…alpine3.14

Merge pull request #2418 from dirien/acr_values

cb9f0b5

feat: Add acr_values support for OIDC

fix: Implicit Grant discovery

57e9611

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Merge pull request #2437 from dexidp/dependabot/go_modules/github.com…

f1cc713

…/spf13/cobra-1.4.0

Merge pull request #2440 from dexidp/dependabot/go_modules/github.com…

20e2e42

…/stretchr/testify-1.7.1

build(deps): bump alpine from 3.15.0 to 3.15.1

df1cb1c

Bumps alpine from 3.15.0 to 3.15.1. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Merge pull request #2444 from dexidp/dependabot/docker/alpine-3.15.1

090593b

build(deps): bump alpine from 3.15.0 to 3.15.1

chore: update alpine version

863416f

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Merge pull request #2446 from dexidp/update-base-image

897ae8d

Update alpine version

build(deps): bump alpine from 3.15.1 to 3.15.3

6692759

Bumps alpine from 3.15.1 to 3.15.3. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Merge pull request #2456 from dexidp/dependabot/docker/alpine-3.15.3

2ebcd70

build(deps): bump alpine from 3.15.3 to 3.15.4

b163944

Bumps alpine from 3.15.3 to 3.15.4. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Merge pull request #2461 from dexidp/dependabot/docker/alpine-3.15.4

e462d69

Merge pull request #2458 from dexidp/dependabot/go_modules/google.gol…

cf78e74

…ang.org/api-0.74.0

Merge pull request #2433 from flant/implicit_flow_discovery

50dc2f5

fix: Implicit Grant discovery

Merge pull request #2451 from dexidp/dependabot/go_modules/google.gol…

493c0eb

…ang.org/protobuf-1.28.0

feat: update entgo library

07a43f2

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

feat: update generated storage files

20b03b3

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

feat: use the new atlas engine for migrations

0c3c577

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

fix: define milisecond precision for postgres

b51e73b

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

revert: atlas and precision change

9b1a840

Looks like Atlas (the new migration library under Ent) cannot handle precision properly. An issue has been reported to Ent: ent/ent#2454 Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Merge pull request #2428 from dexidp/update-ent

a51ed2c

Update ent

dependabot bot and others added 25 commits September 29, 2022 04:04

Merge pull request #2684 from dexidp/dependabot/go_modules/entgo.io/e…

d3864d1

…nt-0.11.3 build(deps): bump entgo.io/ent from 0.11.2 to 0.11.3

chore(deps): update golang.org/x packages

542c2f5

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Merge pull request #2688 from dexidp/dep-updates

c70a14b

Update golang.org/x packages

Add Argo CD to list of Dex adopters

32f61e1

Signed-off-by: Jann Fischer <jfischer@redhat.com>

Merge pull request #2691 from jannfis/docs/add-adopter-argocd

ffeb4d5

docs: Add Argo CD to list of Dex adopters

fix: refresh token only once for all concurrent requests

4b5f1d5

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Merge pull request #2692 from flant/refresh-once

e4bceef

fix: refresh token only once for all concurrent requests

Revert "fix: check for no serviceAccountFilePath and no email (#2679)"

6a59f08

This reverts commit 4947772. Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

fix(connector/google): make admin email optional for default creds

9bcce63

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Merge pull request #2695 from dexidp/fix-google-admin-regression

eecf645

Make admin email optional when no service account path is configured

Merge pull request #2697 from dexidp/dependabot/docker/golang-1.19.2-…

274f4bd

…alpine3.16 build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16

fix(connector/google): only initialize admin service if necessary

cadce3c

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Merge pull request #2700 from dexidp/fix-google-fallback-config-load

0ddb2e4

Only initialize google admin service if necessary

fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 (#2705)

fe19bb3

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

TLS configure for OIDC connector (#1632)

54345b6

Signed-off-by: Rui Yang <ruiya@vmware.com>

Add icon for gitea (#2733)

576f990

Signed-off-by: Pablo Ovelleiro Corral <mail@pablo.tools>

iamazzeez self-assigned this Nov 22, 2022

iamazzeez requested review from Dmaddu and kalroy November 22, 2022 05:54

iamazzeez merged commit 1be39ab into chef:master Nov 22, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

sync forked master with base master #115

sync forked master with base master #115

iamazzeez commented Nov 22, 2022 •

edited

Loading

sonarcloud bot commented Nov 22, 2022

sync forked master with base master #115

sync forked master with base master #115

Conversation

iamazzeez commented Nov 22, 2022 • edited Loading

Overview

What this PR does / why we need it

Special notes for your reviewer

Does this PR introduce a user-facing change?

sonarcloud bot commented Nov 22, 2022

iamazzeez commented Nov 22, 2022 •

edited

Loading