web/admin: always retrieve selected provider when editing the application#19341
Merged
web/admin: always retrieve selected provider when editing the application#19341
Conversation
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* main: (43 commits) core, web: update translations (#11858) web/admin: fix code-based MFA toggle not working in wizard (#11854) sources/kerberos: add kiprop to ignored system principals (#11852) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#11846) translate: Updates for file locale/en/LC_MESSAGES/django.po in it (#11845) translate: Updates for file web/xliff/en.xlf in zh_CN (#11847) translate: Updates for file web/xliff/en.xlf in zh-Hans (#11848) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#11849) translate: Updates for file web/xliff/en.xlf in it (#11850) website: 2024.10 Release Notes (#11839) translate: Updates for file web/xliff/en.xlf in zh-Hans (#11814) core, web: update translations (#11821) core: bump goauthentik.io/api/v3 from 3.2024083.13 to 3.2024083.14 (#11830) core: bump service-identity from 24.1.0 to 24.2.0 (#11831) core: bump twilio from 9.3.5 to 9.3.6 (#11832) core: bump pytest-randomly from 3.15.0 to 3.16.0 (#11833) website/docs: Update social-logins github (#11822) website/docs: remove � (#11823) lifecycle: fix kdc5-config missing (#11826) website/docs: update preview status of different features (#11817) ...
* main: website: bump elliptic from 6.5.7 to 6.6.0 in /website (#11869) core: bump selenium from 4.25.0 to 4.26.0 (#11875) core: bump goauthentik.io/api/v3 from 3.2024083.14 to 3.2024100.1 (#11876) website/docs: add info about invalidation flow, default flows in general (#11800) website: fix docs redirect (#11873) website: remove RC disclaimer for version 2024.10 (#11871) website: update supported versions (#11841) web: bump API Client version (#11870) root: backport version bump 2024.10.0 (#11868) website/docs: 2024.8.4 release notes (#11862) web/admin: provide default invalidation flows for LDAP and Radius (#11861)
* main: core: add `None` check to a device's `extra_description` (#11904) providers/oauth2: fix size limited index for tokens (#11879) web: fix missing status code on failed build (#11903) website: bump docusaurus-theme-openapi-docs from 4.1.0 to 4.2.0 in /website (#11897) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#11891) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#11884) translate: Updates for file web/xliff/en.xlf in tr (#11878) translate: Updates for file locale/en/LC_MESSAGES/django.po in tr (#11866) core: bump google-api-python-client from 2.149.0 to 2.151.0 (#11885) core: bump selenium from 4.26.0 to 4.26.1 (#11886) core, web: update translations (#11896) website: bump docusaurus-plugin-openapi-docs from 4.1.0 to 4.2.0 in /website (#11898) core: bump watchdog from 5.0.3 to 6.0.0 (#11899) core: bump ruff from 0.7.1 to 0.7.2 (#11900) core: bump django-pglock from 1.6.2 to 1.7.0 (#11901) website/docs: fix release notes to say Federation (#11889)
* main: website/docs: fix slug matching redirect URI causing broken refresh (#11950) website/integrations: jellyfin: update plugin catalog location (#11948) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#11942) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#11946) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#11947) website/docs: clarify traefik ingress setup (#11938) core: bump importlib-metadata from 8.4.0 to 8.5.0 (#11934) web: bump API Client version (#11930) root: backport version bump `2024.10.1` (#11929) website/docs: `2024.10.1` Release Notes (#11926) website: bump path-to-regexp from 1.8.0 to 1.9.0 in /website (#11924) core: bump sentry-sdk from 2.17.0 to 2.18.0 (#11918) website: bump the docusaurus group in /website with 9 updates (#11917) core: bump goauthentik.io/api/v3 from 3.2024100.1 to 3.2024100.2 (#11915) core, web: update translations (#11914)
* main: ci: fix dockerfile warning (#11956)
* main: (21 commits) web: bump API Client version (#11997) sources/kerberos: use new python-kadmin implementation (#11932) core: add ability to provide reason for impersonation (#11951) website/integrations: update vcenter integration docs (#11768) core, web: update translations (#11995) website: bump postcss from 8.4.48 to 8.4.49 in /website (#11996) web: bump API Client version (#11992) blueprints: add default Password policy (#11793) stages/captcha: Run interactive captcha in Frame (#11857) core, web: update translations (#11979) core: bump packaging from 24.1 to 24.2 (#11985) core: bump ruff from 0.7.2 to 0.7.3 (#11986) core: bump msgraph-sdk from 1.11.0 to 1.12.0 (#11987) website: bump the docusaurus group in /website with 9 updates (#11988) website: bump postcss from 8.4.47 to 8.4.48 in /website (#11989) stages/password: use recovery flow from brand (#11953) core: bump golang.org/x/sync from 0.8.0 to 0.9.0 (#11962) web: bump cookie, swagger-client and express in /web (#11966) core, web: update translations (#11959) core: bump debugpy from 1.8.7 to 1.8.8 (#11961) ...
* main: providers/ldap: fix global search_full_directory permission not being sufficient (#12028) website/docs: 2024.10.2 release notes (#12025) lifecycle: fix ak exit status not being passed (#12024) core: use versioned_script for path only (#12003) core, web: update translations (#12020) core: bump google-api-python-client from 2.152.0 to 2.153.0 (#12021) providers/oauth2: fix manual device code entry (#12017) crypto: validate that generated certificate's name is unique (#12015) core, web: update translations (#12006) core: bump google-api-python-client from 2.151.0 to 2.152.0 (#12007) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12011) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12010) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12012) translate: Updates for file web/xliff/en.xlf in zh_CN (#12013) providers/proxy: fix Issuer when AUTHENTIK_HOST_BROWSER is set (#11968) website/docs: move S3 ad GeoIP to System Management/Operations (#11998) website/integrations: nextcloud: add SSE warning (#11976)
* main: translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12045) translate: Updates for file web/xliff/en.xlf in zh_CN (#12047) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12044) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12046) web/flows: fix invisible captcha call (#12048) rbac: fix incorrect object_description for object-level permissions (#12029) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#12036) core: bump coverage from 7.6.4 to 7.6.5 (#12037) ci: bump codecov/codecov-action from 4 to 5 (#12038) release: 2024.10.2 (#12031)
* main: (28 commits) providers/scim: accept string and int for SCIM IDs (#12093) website: bump the docusaurus group in /website with 9 updates (#12086) core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (#12080) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#12079) scripts: remove read_replicas from generated dev config (#12078) core: bump geoip2 from 4.8.0 to 4.8.1 (#12071) core: bump goauthentik.io/api/v3 from 3.2024100.2 to 3.2024102.2 (#12072) core: bump maxmind/geoipupdate from v7.0.1 to v7.1.0 (#12073) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12074) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12075) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12076) translate: Updates for file web/xliff/en.xlf in zh_CN (#12077) web/admin: auto-prefill user path for new users based on selected path (#12070) core: bump aiohttp from 3.10.2 to 3.10.11 (#12069) web/admin: fix brand title not respected in application list (#12068) core: bump pyjwt from 2.9.0 to 2.10.0 (#12063) web: add italian locale (#11958) web/admin: better footer links (#12004) core, web: update translations (#12052) core: bump twilio from 9.3.6 to 9.3.7 (#12061) ...
* main: (33 commits) ci: mirror repo to internal repo (#12160) core: bump goauthentik.io/api/v3 from 3.2024102.2 to 3.2024104.1 (#12149) core: bump debugpy from 1.8.8 to 1.8.9 (#12150) core: bump webauthn from 2.2.0 to 2.3.0 (#12151) core: bump pydantic from 2.10.0 to 2.10.1 (#12152) translate: Updates for file web/xliff/en.xlf in zh_CN (#12156) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12157) core: bump sentry-sdk from 2.18.0 to 2.19.0 (#12153) web: bump API Client version (#12147) root: Backport version change (#12146) website/docs: update info about footer links to match new UI (#12120) website/docs: prepare release notes (#12142) providers/oauth2: fix migration (#12138) providers/oauth2: fix migration dependencies (#12123) web: bump API Client version (#12129) providers/oauth2: fix redirect uri input (#12122) providers/proxy: fix redirect_uri (#12121) website/docs: prepare release notes (#12119) web: bump API Client version (#12118) security: fix CVE 2024 52289 (#12113) ...
* main: ci: only mirror if secret is available (#12181) root: fix database ssl options not set correctly (#12180) core, web: update translations (#12145) core: bump tornado from 6.4.1 to 6.4.2 (#12165) website: bump the docusaurus group in /website with 9 updates (#12172) website: bump typescript from 5.6.3 to 5.7.2 in /website (#12173) ci: bump actions/checkout from 3 to 4 (#12174) core: bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#12175) core: bump coverage from 7.6.7 to 7.6.8 (#12176) core: bump ruff from 0.7.4 to 0.8.0 (#12177)
* main: website/docs: Fix CSP syntax (#12124)
* main: website/docs: Add note about single group per role (#12169) website/docs: Fix documentation about attribute merging for indirect membership (#12168) root: support running authentik in subpath (#8675) docs: fix contribution link (#12189) core, web: update translations (#12190) core: Bump msgraph-sdk from 1.12.0 to 1.13.0 (#12191) core: Bump selenium from 4.26.1 to 4.27.0 (#12192)
* main: (31 commits) web/admin: bugfix: dual select initialization revision (#12051) web: update tests for Chromedriver 131 (#12199) website/integrations: add Aruba Orchestrator (#12220) core: bump aws-cdk-lib from 2.167.1 to 2.171.1 (#12237) website: bump aws-cdk from 2.167.1 to 2.171.1 in /website (#12241) core, web: update translations (#12236) core: bump python-kadmin-rs from 0.2.0 to 0.3.0 (#12238) core: bump pytest from 8.3.3 to 8.3.4 (#12239) core: bump drf-spectacular from 0.27.2 to 0.28.0 (#12240) core, web: update translations (#12222) core: Bump ruff from 0.8.0 to 0.8.1 (#12224) core: Bump ua-parser from 0.18.0 to 1.0.0 (#12225) core: Bump msgraph-sdk from 1.13.0 to 1.14.0 (#12226) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#12234) website/docs: install: add aws (#12082) core: Bump pyjwt from 2.10.0 to 2.10.1 (#12217) core: Bump fido2 from 1.1.3 to 1.2.0 (#12218) core: Bump cryptography from 43.0.3 to 44.0.0 (#12219) providers/oauth2: allow m2m for JWKS without alg in keys (#12196) translate: Updates for file locale/en/LC_MESSAGES/django.po in fr (#12210) ...
* main: web: simplify `?inline` handler for Storybook (#12246) website/docs: Update Traefik middleware example to reflect latest version of Traefik (#12267) website/docs: add . in https://netbird.company* (#12166) core: bump goauthentik.io/api/v3 from 3.2024104.1 to 3.2024104.2 (#12263) core: bump pydantic from 2.10.2 to 2.10.3 (#12262) core: bump github.com/getsentry/sentry-go from 0.29.1 to 0.30.0 (#12264) core, web: update translations (#12268) website: bump @types/react from 18.3.12 to 18.3.13 in /website (#12269) website: bump prettier from 3.4.1 to 3.4.2 in /website (#12270) ci: bump actions/attest-build-provenance from 1 to 2 (#12271) core: bump golang.org/x/sync from 0.9.0 to 0.10.0 (#12272) core: bump django from 5.0.9 to 5.0.10 (#12273) core: bump webauthn from 2.3.0 to 2.4.0 (#12274) website/integrations: add The Lounge (#11971) core: bump python-kadmin-rs from 0.3.0 to 0.4.0 (#12257) root: fix health status code (#12255) ci: fix should_push always being false (#12252) web: bump API Client version (#12251) providers/oauth2: Add provider federation between OAuth2 Providers (#12083) website/integrations: mastodon: set correct uid field (#11945)
* main: website/docs: add page about the Cobalt pentest (#12249) core: bump aws-cdk-lib from 2.171.1 to 2.172.0 (#12296) website: bump aws-cdk from 2.171.1 to 2.172.0 in /website (#12295) core: bump sentry-sdk from 2.19.1 to 2.19.2 (#12297) core: bump coverage from 7.6.8 to 7.6.9 (#12299) core, web: update translations (#12290) root: fix override locale only if it is not empty (#12283) translate: Updates for file web/xliff/en.xlf in fr (#12276) core: bump twilio from 9.3.7 to 9.3.8 (#12282) website: bump path-to-regexp and express in /website (#12279) core: bump sentry-sdk from 2.19.0 to 2.19.1 (#12280) core: bump ruff from 0.8.1 to 0.8.2 (#12281) website/docs: fix lint (#12287) website/integrations: netbird: fix redirect URI regex (#12284)
* main: flows: better test stage's challenge responses (#12316) enterprise/stages/authenticator_endpoint_gdtc: don't set frame options globally (#12311) stages/identification: fix invalid challenge warning when no captcha stage is set (#12312) website/docs: prepare 2024.10.5 release notes (#12309) website: bump nanoid from 3.3.7 to 3.3.8 in /website (#12307) flows: silent authz flow (#12213) root: use healthcheck in depends_on for postgres and redis (#12301) ci: ensure mark jobs always run and reflect correct status (#12288) enterprise: allow deletion/modification of users when in read-only mode (#12289) web/flows: resize captcha iframes (#12260)
* main: (118 commits) outposts: fix version label (#12486) web: only load version context when authenticated (#12482) core: bump goauthentik.io/api/v3 from 3.2024120.2 to 3.2024121.2 (#12478) ci: bump helm/kind-action from 1.11.0 to 1.12.0 (#12479) web: fix build dev build (#12473) root: fix dev build version being invalid semver (#12472) internal: fix missing trailing slash in outpost websocket (#12470) web: bump API Client version (#12469) admin: monitor worker version (#12463) core: bump jinja2 from 3.1.4 to 3.1.5 (#12467) web: bump API Client version (#12468) release: 2024.12.1 (#12466) web: misc fixes for admin and flow inspector (#12461) website/docs: 2024.12.1 release notes (#12462) core: bump goauthentik.io/api/v3 from 3.2024120.1 to 3.2024120.2 (#12456) core: bump urllib3 from 2.2.3 to 2.3.0 (#12457) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12454) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12453) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12455) translate: Updates for file web/xliff/en.xlf in zh_CN (#12458) ...
…ing. \# What \# Why \# How \# Designs \# Test Steps \# Other Notes
…rom failing." This reverts commit dddde09.
* main: website/integrations: meshcentral: document (#12509) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#12524) core: bump goauthentik.io/api/v3 from 3.2024121.2 to 3.2024121.3 (#12522) web: bump API Client version (#12520) website/integrations: chronograf: document (#12474) website/integrations: update preparation placeholder (#12507) providers/saml: fix handle Accept: application/xml for SAML Metadata endpoint (#12483) (#12518) core: bump aws-cdk-lib from 2.173.3 to 2.173.4 (#12513) website: bump aws-cdk from 2.173.3 to 2.173.4 in /website (#12514) core: bump coverage from 7.6.9 to 7.6.10 (#12499) core: bump aws-cdk-lib from 2.173.2 to 2.173.3 (#12500) website: bump aws-cdk from 2.173.2 to 2.173.3 in /website (#12501) core: bump github.com/go-ldap/ldap/v3 from 3.4.9 to 3.4.10 (#12502) website/docs: New "Whats Up Docker" URL (#12488)
* main: core: bump github.com/getsentry/sentry-go from 0.30.0 to 0.31.1 (#12543) core: bump google-api-python-client from 2.156.0 to 2.157.0 (#12544) core: bump ruff from 0.8.4 to 0.8.5 (#12545) core: bump msgraph-sdk from 1.15.0 to 1.16.0 (#12546) Update index.mdx (#12542) web: fix source selection and outpost integration health (#12530) Ading a step to paperless guide (#12539) website/integrations: Semaphore (#12515) website/integrations: komga: document (#12476) website/integrations: fix missing quote in paperless-ngx (#12537) website/integrations: cloudflare access: upd placeholder for saas (#12536) website/integrations: veeam-enterprise-manager: don't hardcode helpcenter doc version (#12538)
* main: core: bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#12571) website: bump the docusaurus group in /website with 9 updates (#12569) core: bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#12572) core: bump ruff from 0.8.5 to 0.8.6 (#12573) ci: release: fix AWS cfn template permissions (#12576) translate: Updates for file web/xliff/en.xlf in fr (#12578) translate: Updates for file locale/en/LC_MESSAGES/django.po in fr (#12577) sources/kerberos: authenticate with the user's username instead of the first username in authentik (#12497) website/integrations: Fix deprecated terraform ressource authentik_scope_mapping in docs (#12554) website/user-sources Fix Free IPA docs page (#12549) core: bump aws-cdk-lib from 2.173.4 to 2.174.0 (#12574) website/integrations: semaphore: fix formatting (#12567) website: bump aws-cdk from 2.173.4 to 2.174.0 in /website (#12570) website/integrations: Update Frappe Application index.md (#12527) website: add api reference docs to redirect file (#12551)
* main: lib: add expression helper ak_create_jwt to create JWTs (#12599) api: cleanup owner permissions (#12598) website: bump aws-cdk from 2.174.0 to 2.174.1 in /website (#12593) core: bump aws-cdk-lib from 2.174.0 to 2.174.1 (#12594) website/integrations: portainer: group config steps (#12548) translate: Updates for file web/xliff/en.xlf in fi (#12586) translate: Updates for file locale/en/LC_MESSAGES/django.po in fi (#12584) website/docs: fix Nginx redirection example (#12561)
* main: website: revise full development environment instructions (#12638) website: bump typescript from 5.7.2 to 5.7.3 in /website (#12620) website: bump aws-cdk from 2.174.1 to 2.175.0 in /website (#12621) ci: bump docker/setup-qemu-action from 3.2.0 to 3.3.0 (#12622) core: bump twilio from 9.4.1 to 9.4.2 (#12623) core: bump python-kadmin-rs from 0.5.2 to 0.5.3 (#12624) core: bump ruff from 0.8.6 to 0.9.0 (#12625) core: bump pydantic from 2.10.4 to 2.10.5 (#12626) core: bump google-api-python-client from 2.157.0 to 2.158.0 (#12628) core: bump goauthentik.io/api/v3 from 3.2024121.3 to 3.2024122.1 (#12629) web: bump API Client version (#12617) release: 2024.12.2 (#12615) website/docs: prepare 2024.12.2 release notes (#12614) providers/saml: fix invalid SAML Response when assertion and response are signed (#12611) core: fix error when creating new user with default path (#12609) rbac: permissions endpoint: allow authenticated users (#12608) website/docs: update customer portal (#12603) website/docs: policy for email whitelist: modernize (#12558)
* main: (65 commits) stages/redirect: fix query parameter when redirecting to flow (#12750) website/integrations: cloudflare-access: refactor (#12663) sources/kerberos: handle principal expire time (#12748) lifecycle: build binary dependencies which link against SSL directly (#12724) website/docs: style guide: document styling preferences for URLs (#12715) website/integrations: nextcloud: fix broken link (#12744) core: bump selenium from 4.27.1 to 4.28.0 (#12745) lifecycle: move AWS CFN generation to lifecycle and fix CI (#12743) core: search users' attributes (#12740) web/components: ak-number-input: add support for min (#12703) website/integrations: nextcloud: fix url for "disable username changes" (#12725) core: bump pytest-github-actions-annotate-failures from 0.2.0 to 0.3.0 (#12735) website: bump katex from 0.16.11 to 0.16.21 in /website (#12731) web: bump katex from 0.16.11 to 0.16.21 in /web (#12730) website/integrations: Fix URL for authentik installation instead of mobilizon installation (#12729) core: bump debugpy from 1.8.11 to 1.8.12 (#12718) core: bump ruff from 0.9.1 to 0.9.2 (#12717) core: bump webauthn from 2.4.0 to 2.5.0 (#12719) core: bump structlog from 24.4.0 to 25.1.0 (#12720) website/integrations: all: install -> installation (#12676) ...
* main: web: update gen-client-ts to OpenAPI 7.11.0 (#12756) website/integrations: rustdesk-server-pro (#12706) core: bump codespell from 2.3.0 to 2.4.0 (#12762) root: docker: ensure apt packages are up-to-date (#12683) ci: fix missing build args for dev and release (#12760) web: bump vite from 5.4.11 to 5.4.14 in /web (#12757) web: bump undici from 6.21.0 to 6.21.1 in /web (#12755) lifecycle: fix cryptography's OpenSSL path (#12753)
* main: (111 commits) root: correctly use correct schema for install_id (#13018) website: bump docusaurus-plugin-openapi-docs from 4.3.3 to 4.3.4 in /website (#13011) web: bump API Client version (#13017) core: bump aws-cdk-lib from 2.178.1 to 2.178.2 (#13013) core: bump oss/go/microsoft/golang from 1.23-fips-bookworm to 1.24-fips-bookworm (#13012) website: bump docusaurus-theme-openapi-docs from 4.3.3 to 4.3.4 in /website (#13010) lifecycle/aws: bump aws-cdk from 2.178.1 to 2.178.2 in /lifecycle/aws (#13009) core: bump github.com/sethvargo/go-envconfig from 1.1.0 to 1.1.1 (#13008) web/admin: fix source selection for identification stage (#13007) core: bump sentry-sdk from 2.20.0 to 2.21.0 (#13014) website/integrations: Open WebUI (#12939) root: use correct default schema for install_id (#13006) website/docs: fix a minor typo (#13004) enterprise/providers/ssf: fixes v2 (#13003) root: make default postgres schema configurable (#12949) providers/oauth2: cleanup tokens when user is deactivated (#12859) website/docs: fix Nginx redirection example (#12920) core: bump twilio from 9.4.4 to 9.4.5 (#12993) core: bump coverage from 7.6.11 to 7.6.12 (#12994) core: bump cryptography from 44.0.0 to 44.0.1 (#12992) ...
* main: (53 commits) core, web: update translations (#18380) web: re-add en.xlf locale (#18469) stages/user_write: Fix user attributes are not sanitized under certains conditions (#17890) providers/scim: compare users/groups before sending update request (#18456) enterprise/endpoints/connectors/agent: fix Apple JWE encryption when FIPS is enabled (#18464) website: bump @types/react from 19.2.6 to 19.2.7 in /website (#18357) core: bump goauthentik/fips-debian from `ac4c80b` to `de70579` (#18419) core: bump github.com/getsentry/sentry-go from 0.39.0 to 0.40.0 (#18416) website: bump prettier-plugin-packagejson from 2.5.19 to 2.5.20 in /website (#18460) core: bump goauthentik.io/api/v3 from 3.2025120.7 to 3.2025120.11 (#18461) website/integrations: add GLPI (#17937) website/integrations: small fixes (#18423) enterprise: Apple Platform SSO (#15318) crypto: only generate managed keypair if non-existent (#18457) ci: remove translation-rename (#18444) translate: Updates for project authentik and language tr (#18438) translate: Updates for project authentik and language fr (#18431) translate: Updates for project authentik and language ru (#18442) translate: Updates for project authentik and language cs_CZ (#18443) translate: Updates for project authentik and language pt (#18437) ...
* main: (44 commits) build(deps): bump django from 5.2.8 to 5.2.9 (#18566) web: Adjust colors (#18427) admin/files: delete applications cache on migration (#18565) core: bump astral-sh/uv from 0.9.14 to 0.9.15 (#18555) core: bump goauthentik.io/api/v3 from 3.2025120.11 to 3.2025120.15 (#18551) core: bump goauthentik/fips-debian from `c718f60` to `cf233be` (#18553) ci: bump actions/checkout from 6.0.0 to 6.0.1 (#18554) ci: bump actions/stale from 10.1.0 to 10.1.1 (#18556) ci: bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 (#18557) ci: bump actions/setup-node from 6.0.0 to 6.1.0 in /.github/actions/setup (#18559) core: bump library/golang from 1.25.4-trixie to 1.25.5-trixie (#18558) providers/scim: cache ServiceProviderConfig (#18047) web/i18n: Locale Context Merge Branch (#18426) website: Glossary (#16007) endpoints/stage: v2, better error handling, more settings (#18545) website: Docusaurus 3.9.2 (#18506) website/integrations: add hoop.dev (#17868) web/flows: update default background image (#18540) endpoints: implement endpoint stage (#18468) website/integrations: add salesforce (#18516) ...
* main: (40 commits) enterprise/stages/mtls: fix traefik certificate parsing (#18607) wed/admin: change s to S in "Stage" (#18632) flows: refresh unauthenticated tabs (#18621) flows: keep ?next url when using cancel (#18619) core, web: update translations (#18620) ci: bump actions/setup-node from 6.0.0 to 6.1.0 (#18552) core: bump goauthentik/fips-debian from `cf233be` to `a80dbbd` (#18594) web: bump @sentry/browser from 10.28.0 to 10.29.0 in /web in the sentry group across 1 directory (#18623) website/docs: adds note about ak_create_jwt function (#18614) api: fix IPC auth (#18612) web: bump mermaid from 11.12.1 to 11.12.2 in /web (#18602) web: Codemirror fixes (#18610) web: bump packages in /web (#18604) website/docs: expressions: fix markdown (#18613) website/docs: add missing API sidebar entry (#18586) web: bump yaml from 2.8.1 to 2.8.2 in /web (#18605) web/elements: update AppIcon story with files change (#18608) api: test action decorator (#18583) crypto: separate permissions for certificate and private keydownload (#18588) core: bump github.com/spf13/cobra from 1.10.1 to 1.10.2 (#18592) ...
* main: (23 commits) *: Auto compress images (#18673) website/integrations: update kimai doc (#18629) root: skip current tab when refreshing others (#18674) core: add digraph group hierarchy (#17050) core: bump astral-sh/uv from 0.9.15 to 0.9.16 (#18668) core: bump goauthentik.io/api/v3 from 3.2025120.16 to 3.2025120.18 (#18661) web: bump type-fest from 5.3.0 to 5.3.1 in /web (#18663) ci: bump peter-evans/create-pull-request from 7.0.9 to 7.0.11 (#18666) web: bump vite from 7.2.6 to 7.2.7 in /web (#18662) core: bump goauthentik/fips-debian from `a80dbbd` to `10c8086` (#18665) ci: bump actions/create-github-app-token from 2.2.0 to 2.2.1 (#18664) ci: bump astral-sh/setup-uv from 7.1.4 to 7.1.5 in /.github/actions/setup (#18667) website/docs: background tasks: add more detail about "next run" (#18660) website/docs: install-config: fix dump_config command (#18659) website/integrations: wordpress: fix redirect uri (#18658) stages/mtls: always include cert in flow plan (#18657) endpoints: fix UI bugs, add user binding, etc (#18609) sources/ldap: make server info optional (#18648) web/admin: fix event volume chart not updating with query (#18649) web: Bump types, fix ESLint errors (#17546) ...
* main: (69 commits) website/docs: fix incorrect menu reference in data exports doc (#18752) translate: Updates for project authentik and language zh-Hans (#18756) translate: Updates for project authentik and language tr_TR (#18758) translate: Updates for project authentik and language fi_FI (#18759) translate: Updates for project authentik and language pl_PL (#18754) translate: Updates for project authentik and language ru_RU (#18745) translate: Updates for project authentik and language ko_KR (#18760) translate: Updates for project authentik and language ja_JP (#18755) translate: Updates for project authentik and language de_DE (#18749) translate: Updates for project authentik and language nl_NL (#18751) translate: Updates for project authentik and language pt_BR (#18746) translate: Updates for project authentik and language es_ES (#18748) translate: Updates for project authentik and language it_IT (#18750) translate: Updates for project authentik and language cs_CZ (#18753) translate: Updates for project authentik and language fr_FR (#18747) stages/identification: Add WebAuthn conditional UI (passkey autofill) support (#18377) api: allow configuring default page_size and max_page_size (#18165) root: do not require backend approval for npm workspace dependencies (#18738) outpost/proxyv2: more tests, fix pg password with spaces, and existing session on restart (#18211) web: bump @types/guacamole-common-js from 1.5.4 to 1.5.5 in /web (#18717) ...
* main: (54 commits) website/docs: 2025.10.3 release notes (#18868) website/docs: Add docs for passkey autofill (WebauthN Conditional UI) (#18805) website/docs: adjust RBAC-related details in 2025.12 release notes (#18863) outposts: fix permission errors for related certificates (#18861) web/admin/rbac: misc object permission fixes (#18859) core: bump library/golang from `5d35fb8` to `8e8f9c8` (#18855) rbac: alter migrated direct permission roles (#18860) core: add skip s3_test_server_available to TestResolveFileUrlS3Backend (#18858) ci: replace codecov test-results action (#18862) core: bump goauthentik/fips-debian from `c10cd2c` to `2f19fc1` (#18856) admin/files: fix get_objects_for_user queryset argument in FileUsedByView (#18845) core: skip s3 tests if endpoint isn't available (#18841) crypto: Store details parsed from includeDetails in database instead (#18013) website/docs: add jellyseer integration doc (#18812) admin/files: revert add check for /media existence (#18636) (#18829) core: bump goauthentik.io/api/v3 from 3.2025120.26 to 3.2026020.1 (#18815) packages/django-dramatiq-postgres: broker: close django connections on consumer close (#18833) core: remove superuser check from `Token` list (#18684) website/docs: add icon info to style guide (#18832) core: list applications fix (#18798) ...
* main: (60 commits) web/maintenance: no unknown tag names (#18944) web/maintenance: fix missing custom web component imports (#18942) website/docs: add note to active directory source doc (#18787) ci: bump actions/attest-build-provenance from 3.0.0 to 3.1.0 (#18960) web: bump @sentry/browser from 10.31.0 to 10.32.0 in /web in the sentry group across 1 directory (#18957) web: bump the swc group across 1 directory with 11 updates (#18958) web: bump chromedriver from 143.0.2 to 143.0.3 in /web (#18959) core: bump goauthentik.io/api/v3 from 3.2026020.3 to 3.2026020.4 (#18956) root: move docker files to lifecycle/containers and change docker-compose to compose (#16624) flows/executor: fix KeyError when session has no existing plan (#18951) web/admin: fix endpoints user binding (#18935) website/docs: Fix version parsing. (#18948) website/docs: release notes: add endpoint device links to 2025.12 notes (#18940) website/docs: Fix labels, Pre-Release detection (#18945) website/docs: endpoint devices (#18634) stages/identification: replace sleep with make_password (#18883) web/elements: progress-bar and table loading header (#18934) crypto: fix extra cert data in db migration (#18937) website/integrations: Add launch URL for Immich (#18921) web/flow: Fix spurious double submit on ak-stage-autosubmit (#18727) ...
* main: website/docs: improve endpoint devices docs (#19007) enterprise/search: add static autocomplete structure (#19008) enterprise/reports: improve export list, confirmation (#18981) providers/oauth2: Automated OpenID Conformance tests (#14785) ci: bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#18999) blueprints: fix flaky tests (#19002) web: fix Open button selecting row instead of navigating (#18992) events: notifications live update (#18980) web/admin: Fix haveibeenpwned link in PasswordPolicyForm (#18984) web/admin: fix dark theme on map (#18985) blueprints: add InternallyManagedMixin instead of large list (#18983) website/integrations: Fix path for Cloudflare Access (#18979)
* main: website/docs: Prioritize "Release Candidate" over "Current Release" (#18975) core: bump goauthentik.io/api/v3 from 3.2026020.4 to 3.2026020.5 (#19017) web: bump the eslint group across 1 directory with 3 updates (#19019) web/admin: prevent file upload attempt when backend not managed (#18646) api: rework schema generation (#18977) web: bump globby from 16.0.0 to 16.1.0 in /web (#18995) core: bump openapitools/openapi-generator-cli from v7.16.0 to v7.18.0 in /scripts/api (#19018) web: bump the rollup group across 1 directory with 4 updates (#18994)
* main: (48 commits) website/integrations: karakeep: don't hardcode wellknown's slug (#19127) core, web: bump qs from 6.14.0 to 6.14.1 in /packages/docusaurus-config (#19130) core: bump library/node from `ccfd9da` to `03729a7` in /website (#19125) core: bump github.com/jackc/pgx/v5 from 5.7.6 to 5.8.0 (#19088) web: bump the swc group across 1 directory with 11 updates (#19124) core: bump library/nginx from `ad85427` to `ca871a8` in /website (#19126) web: Capitalize language display names, code owner fix (#19119) web: Fix Impersonation, Lit Reactive Controller Contexts (#19114) web: bump the eslint group across 1 directory with 3 updates (#19110) core: bump library/nginx from `fb01117` to `ad85427` in /website (#19112) web: bump the storybook group across 1 directory with 5 updates (#19111) website/docs: release notes: Add more integrations (#19109) website/integrations: Add Audiobookshelf (#19104) website/integrations: Add Pulse (#19105) web/maintenance/no unknown attributes (part 1) (#18970) Update Vaultwarden documentation by removing warning (#19102) web: Fix stale flow background (#19015) web: fix promoted source button hover losing blue color (#19048) web: bump knip from 5.77.1 to 5.78.0 in /web (#19090) website/docs: endpoint devices: add path to macos setup (#19093) ...
* main: (24 commits) web/maintenance: no missing element type definitions (#18950) core: add prettier failure on duplicate group names (#18941) website/integrations: make grafana terraform section expand (#19192) lib: update error logging (#18628) core, web: update translations (#19179) web: bump @formatjs/intl-listformat from 8.1.0 to 8.1.1 in /web (#19182) ci: bump getsentry/action-release from 3.4.0 to 3.5.0 (#19183) web: bump knip from 5.78.0 to 5.79.0 in /web (#19181) lifecycle: fix migration conn_options for psycopg connection (#19134) website/docs: remove duplicates in slo docs (#19170) web/admin: adjust sync threshold, add tooltip (#19131) web: Fix user library colors, modal z-indexes, table progress bars (#19152) web: fix slug auto-updating when editing existing applications (#19169) core: handle deserialization errors from FileField migration (#19067) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#19137) website/integrations: vaultwarden: add custom email scope (#19160) ci: bump int128/docker-manifest-create-action from 2.10.0 to 2.12.0 (#19138) core, web: update translations (#19135) web: bump globals from 16.5.0 to 17.0.0 in /web (#19154) web/user: fix consent delete form missing details (#19147) ...
* main: (44 commits) web: Fix flow inspector advancement event. (#19309) web: bump knip from 5.80.0 to 5.80.1 in /web (#19301) core: bump urllib3 from 2.5.0 to v2.6.3 (#19287) endpoints: show agent version (#19239) core: bump django from v5.2.9 to 5.2.10 (#19290) web/admin: add banner to flow import form (#19288) web: bump chromedriver from 143.0.3 to 143.0.4 in /web (#19244) stages/password: replace session-based retries with reputation (#18643) website/integations: fix aws spelling (#19253) website/docs: update entra id provider docs (#18366) stages/prompt: optimize API endpoints (#19251) web: bump the rollup group across 1 directory with 4 updates (#19206) web: bump vite from 7.3.0 to 7.3.1 in /web (#19245) website/docs: update github social login script example (#19246) website/integrations: update AWS (#17861) core: bump goauthentik.io/api/v3 from 3.2026020.8 to 3.2026020.10 (#19242) website: Fix typos. (#19243) core: fix read replica routing during transactions (#19086) website/glossary: improve (#18969) stages/authenticator_static: set max token length to 100 chars (#19162) ...
* main: website/docs: update unique email policy (#19305) core: bump library/nginx from `ca871a8` to `7272239` in /website (#19334) web: bump @types/node from 25.0.3 to 25.0.6 in /web (#19331) core: bump axllent/mailpit from v1.28.1 to v1.28.2 in /tests/e2e (#19329) web: bump knip from 5.80.1 to 5.80.2 in /web (#19332) web: bump pino from 10.1.0 to 10.1.1 in /web (#19333) website/docs: add flow import warnings (#19307) website/docs: Fix documentation example for `app_entitlements_attributes`. (#19316) website/docs: update m2m doc (#18963) website/docs: Fix typo in GitHub OAuth Source instructions (#18936) website/docs: deprecate GCDT auth stage (#19306) core, web: update translations (#19237)
…tion # What Re-writes the `fetch` function for ak-provider-search-input so that, if there’s an assigned value and it does not appear in the currently retrieved list of providers, prepend it to the list so that it is always present and always selectable. # Why Our pagination windows can restrict the list of objects retrieved from the server, and when we’re chasing composite objects we have to retrieve the displayable elements of that object from their respective tables. This combination means that a paginated retrieval may not have the object indicated by the parent object’s PK for that object collection. We have to retrieve it separately if it’s not in the current collection. This problem is probably endemic to some of our design decisions.
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
❌ 2 Tests Failed:
View the top 2 failed test(s) by shortest run time
To view more test analytics, go to the Test Analytics Dashboard |
BeryJu
approved these changes
Jan 13, 2026
Member
BeryJu
left a comment
There was a problem hiding this comment.
We probably need to do this for every search-select object
authentik-automation bot
pushed a commit
that referenced
this pull request
Jan 13, 2026
…tion (#19341) * web: Add InvalidationFlow to Radius Provider dialogues ## What - Bugfix: adds the InvalidationFlow to the Radius Provider dialogues - Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated to the Notification. - Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/` ## Note Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current dialogues at the moment. * This (temporary) change is needed to prevent the unit tests from failing. \# What \# Why \# How \# Designs \# Test Steps \# Other Notes * Revert "This (temporary) change is needed to prevent the unit tests from failing." This reverts commit dddde09. * website: fix bad escaping of URLs in release notes ## What Fixes bad escaping of URLs in the release notes that resulted in mangled output. v2024.6.4 had entries that looked like this: ``` ##### `GET` /providers/google_workspace/{#123;id}#125;/ ``` v2025.4.md had entries that looked like this: ``` ##### `GET` /policies/unique_password/{#125;#123;policy_uuid}/ ``` A couple of straightforward search-and-replaces has fixed the issue. ## Notes Two of the release notes had bad escaping of URLs. I'm not sure how the error was made or got past, but it was obvious when visiting the page. @BeryJu suggested that the bug is due to our using `{...}` to symbolize parameters in a URL while Docusaurus wants to interpret `{...}` as an internal template instruction, resulting in odd behavior. In either case, docusarus interpreted the hashtagged entries as links to unrelated issues in Github (the same two issues, which were "bump version of pylint" and "bump version of sentry"), which could be very confusing. The inconsistencies between the two releases, and the working releases, suggests that the error was introduced manually. * web/admin: always retrieve selected provider when editing the application # What Re-writes the `fetch` function for ak-provider-search-input so that, if there’s an assigned value and it does not appear in the currently retrieved list of providers, prepend it to the list so that it is always present and always selectable. # Why Our pagination windows can restrict the list of objects retrieved from the server, and when we’re chasing composite objects we have to retrieve the displayable elements of that object from their respective tables. This combination means that a paginated retrieval may not have the object indicated by the parent object’s PK for that object collection. We have to retrieve it separately if it’s not in the current collection. This problem is probably endemic to some of our design decisions.
Contributor
|
🍒 Cherry-pick to |
BeryJu
pushed a commit
that referenced
this pull request
Jan 13, 2026
…tion (cherry-pick #19341 to version-2025.12) (#19370) web/admin: always retrieve selected provider when editing the application (#19341) * web: Add InvalidationFlow to Radius Provider dialogues ## What - Bugfix: adds the InvalidationFlow to the Radius Provider dialogues - Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated to the Notification. - Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/` ## Note Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current dialogues at the moment. * This (temporary) change is needed to prevent the unit tests from failing. \# What \# Why \# How \# Designs \# Test Steps \# Other Notes * Revert "This (temporary) change is needed to prevent the unit tests from failing." This reverts commit dddde09. * website: fix bad escaping of URLs in release notes ## What Fixes bad escaping of URLs in the release notes that resulted in mangled output. v2024.6.4 had entries that looked like this: ``` ##### `GET` /providers/google_workspace/{#123;id}#125;/ ``` v2025.4.md had entries that looked like this: ``` ##### `GET` /policies/unique_password/{#125;#123;policy_uuid}/ ``` A couple of straightforward search-and-replaces has fixed the issue. ## Notes Two of the release notes had bad escaping of URLs. I'm not sure how the error was made or got past, but it was obvious when visiting the page. @BeryJu suggested that the bug is due to our using `{...}` to symbolize parameters in a URL while Docusaurus wants to interpret `{...}` as an internal template instruction, resulting in odd behavior. In either case, docusarus interpreted the hashtagged entries as links to unrelated issues in Github (the same two issues, which were "bump version of pylint" and "bump version of sentry"), which could be very confusing. The inconsistencies between the two releases, and the working releases, suggests that the error was introduced manually. * web/admin: always retrieve selected provider when editing the application # What Re-writes the `fetch` function for ak-provider-search-input so that, if there’s an assigned value and it does not appear in the currently retrieved list of providers, prepend it to the list so that it is always present and always selectable. # Why Our pagination windows can restrict the list of objects retrieved from the server, and when we’re chasing composite objects we have to retrieve the displayable elements of that object from their respective tables. This combination means that a paginated retrieval may not have the object indicated by the parent object’s PK for that object collection. We have to retrieve it separately if it’s not in the current collection. This problem is probably endemic to some of our design decisions. Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
web/admin: always retrieve selected provider when editing the application
What
Re-writes the
fetchfunction for ak-provider-search-input so that, if there’s an assigned value and it does not appear in the currently retrieved list of providers, prepend it to the list so that it is always present and always selectable.Why
Our pagination windows can restrict the list of objects retrieved from the server, and when we’re chasing composite objects we have to retrieve the displayable elements of that object from their respective tables. This combination means that a paginated retrieval may not have the object indicated by the parent object’s PK for that object collection. We have to retrieve it separately if it’s not in the current collection.
This problem is probably endemic to some of our design decisions.