website/docs: update release notes for 2022.12

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-12-27 14:00:33 +01:00
parent f9b46145de
commit 1615723f10
No known key found for this signature in database
2 changed files with 77 additions and 25 deletions

View file

@ -43,8 +43,11 @@ image:
## Minor changes/fixes ## Minor changes/fixes
- blueprints: add `!If` tag (#4264)
- blueprints: add conditions to blueprint schema
- blueprints: add !Env tag
- blueprints: Added conditional entry application (#4167) - blueprints: Added conditional entry application (#4167)
- blueprints: don't require auth on invalidation flow - blueprints: better OCI support in UI (#4263)
- blueprints: fixed bug causing filtering with an empty query (#4106) - blueprints: fixed bug causing filtering with an empty query (#4106)
- blueprints: Support nested custom tags in `!Find` and `!Format` tags (#4127) - blueprints: Support nested custom tags in `!Find` and `!Format` tags (#4127)
- core: bundle geoip (#4250) - core: bundle geoip (#4250)
@ -52,6 +55,7 @@ image:
- events: improve handling creation of events with non-pickleable objects - events: improve handling creation of events with non-pickleable objects
- events: remove legacy logger declaration - events: remove legacy logger declaration
- events: save login event in session after login - events: save login event in session after login
- flows: fix redirect from plan context "redirect" not being wrapped in flow response
- flows: set stage name and verbose_name for in_memory stages - flows: set stage name and verbose_name for in_memory stages
- internal: dont error if environment config isn't found - internal: dont error if environment config isn't found
- internal: remove sentry proxy - internal: remove sentry proxy
@ -62,29 +66,53 @@ image:
- lifecycle: improve explanation for user: root and docket socket mount - lifecycle: improve explanation for user: root and docket socket mount
- policies: don't log context when policy returns None - policies: don't log context when policy returns None
- policies: log correct cache state - policies: log correct cache state
- policies: make name required
- policies/password: Always add generic message to failing zxcvbn check (#4100) - policies/password: Always add generic message to failing zxcvbn check (#4100)
- providers: add preview for mappings (#4254) - providers: add preview for mappings (#4254)
- providers/ldap: improve mapping of LDAP filters to authentik queries - providers/ldap: improve mapping of LDAP filters to authentik queries
- providers/oauth2: optimise and cache signing key, prevent key being loaded multiple times
- providers/oauth2: set amr values based on login event - providers/oauth2: set amr values based on login event
- providers/proxy: correctly set id_token_hint if possible - providers/proxy: correctly set id_token_hint if possible
- providers/saml: set AuthnContextClassRef based on login event - providers/saml: set AuthnContextClassRef based on login event
- root: allow custom settings via python module - root: allow custom settings via python module
- root: migrate to hosted sentry with rate-limited DSN
- security: fix CVE 2022 23555 (#4274)
- security: fix CVE 2022 46145 (#4140)
- security: fix CVE 2022 46172 (#4275)
- stages/authenticator_duo: fix imported duo devices not being confirmed - stages/authenticator_duo: fix imported duo devices not being confirmed
- stages/authenticator_validate: fix validation to ensure configuration stage is set - stages/authenticator_validate: fix validation to ensure configuration stage is set
- stages/authenticator_validate: improve validation for not_configured_action - stages/authenticator_validate: improve validation for not_configured_action
- stages/authenticator_validate: log duo error
- stages/authenticator_validate: save used mfa devices in login event - stages/authenticator_validate: save used mfa devices in login event
- stages/captcha: customisable URLs (#3832) - stages/captcha: customisable URLs (#3832)
- stages/invitation: fix incorrect pk check for invitation's flow
- stages/user_login: prevent double success message when logging in via source - stages/user_login: prevent double success message when logging in via source
- stages/user_write: always ignore `component` field and prevent warning - stages/user_write: always ignore `component` field and prevent warning
- web: fix authentication with Plex on iOS (#4095) - web: fix authentification with Plex on iOS (#4095)
- web: ignore d3 circular deps warning, treat unresolved import as error
- web: use version family subdomain for in-app doc links
- web/admin: better show metadata download for saml provider - web/admin: better show metadata download for saml provider
- web/admin: break all in code blocks in event info
- web/admin: clarify phrasing that user ID is required
- web/admin: fix action button order for blueprints - web/admin: fix action button order for blueprints
- web/admin: fix alignment in tables with multiple elements in cell - web/admin: fix alignment in tables with multiple elements in cell
- web/admin: fix empty request being sent due to multiple forms in duo import modal - web/admin: fix empty request being sent due to multiple forms in duo import modal
- web/admin: improve i18n for documentation link in outpost form
- web/admin: improve UI for removing users from groups and groups from users - web/admin: improve UI for removing users from groups and groups from users
- web/admin: more consistent label usage, use compact labels
- web/admin: rework markdown, correctly render Admonitions, fix links - web/admin: rework markdown, correctly render Admonitions, fix links
- web/admin: show bound policies order first to match stages - web/admin: show bound policies order first to match stages
- web/admin: show policy binding form when creating policy in bound list
- web/admin: show stage binding form when creating stage in bound list
- web/elements: fix alignment for checkboxes in table
- web/elements: fix alignment with checkbox in table
- web/elements: fix log level for diagram
- web/elements: fix table select-all checkbox being checked with no elements
- web/elements: unselect top checkbox in table when not all elements are selected
- web/flows: fix display for long redirect URLs
- web/flows: improve error messages for failed duo push - web/flows: improve error messages for failed duo push
- web/flows: update flow background
- web/user: fix styling for clear all button in notification drawer
## API Changes ## API Changes

View file

@ -10249,6 +10249,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/DummyPolicyRequest' $ref: '#/components/schemas/DummyPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -10323,6 +10324,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/DummyPolicyRequest' $ref: '#/components/schemas/DummyPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -10626,6 +10628,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/EventMatcherPolicyRequest' $ref: '#/components/schemas/EventMatcherPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -10700,6 +10703,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/EventMatcherPolicyRequest' $ref: '#/components/schemas/EventMatcherPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -11212,6 +11216,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -11286,6 +11291,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -11550,6 +11556,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/PasswordPolicyRequest' $ref: '#/components/schemas/PasswordPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -11624,6 +11631,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/PasswordPolicyRequest' $ref: '#/components/schemas/PasswordPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -12144,6 +12152,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/ReputationPolicyRequest' $ref: '#/components/schemas/ReputationPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -12218,6 +12227,7 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/ReputationPolicyRequest' $ref: '#/components/schemas/ReputationPolicyRequest'
required: true
security: security:
- authentik: [] - authentik: []
responses: responses:
@ -26978,7 +26988,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -27012,6 +27021,7 @@ components:
- bound_to - bound_to
- component - component
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -27021,7 +27031,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -27036,6 +27046,8 @@ components:
type: integer type: integer
maximum: 2147483647 maximum: 2147483647
minimum: -2147483648 minimum: -2147483648
required:
- name
DummyStage: DummyStage:
type: object type: object
description: DummyStage Serializer description: DummyStage Serializer
@ -27392,7 +27404,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -27430,6 +27441,7 @@ components:
- bound_to - bound_to
- component - component
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -27439,7 +27451,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -27458,6 +27470,8 @@ components:
- $ref: '#/components/schemas/AppEnum' - $ref: '#/components/schemas/AppEnum'
description: Match events created by selected application. When left empty, description: Match events created by selected application. When left empty,
all applications are matched. all applications are matched.
required:
- name
EventRequest: EventRequest:
type: object type: object
description: Event Serializer description: Event Serializer
@ -27540,7 +27554,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -27567,6 +27580,7 @@ components:
- component - component
- expression - expression
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -27576,7 +27590,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -27586,6 +27600,7 @@ components:
minLength: 1 minLength: 1
required: required:
- expression - expression
- name
FilePathRequest: FilePathRequest:
type: object type: object
description: Serializer to upload file description: Serializer to upload file
@ -28240,7 +28255,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -28272,6 +28286,7 @@ components:
- bound_to - bound_to
- component - component
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -28281,7 +28296,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -28295,6 +28310,8 @@ components:
type: integer type: integer
maximum: 2147483647 maximum: 2147483647
minimum: -2147483648 minimum: -2147483648
required:
- name
IdentificationChallenge: IdentificationChallenge:
type: object type: object
description: Identification challenges with all UI elements description: Identification challenges with all UI elements
@ -32967,7 +32984,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -32998,6 +33014,7 @@ components:
- component - component
- days - days
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -33007,7 +33024,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -33020,6 +33037,7 @@ components:
type: boolean type: boolean
required: required:
- days - days
- name
PasswordPolicy: PasswordPolicy:
type: object type: object
description: Password Policy Serializer description: Password Policy Serializer
@ -33031,7 +33049,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -33100,6 +33117,7 @@ components:
- bound_to - bound_to
- component - component
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -33109,7 +33127,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -33161,6 +33179,8 @@ components:
minimum: 0 minimum: 0
description: If the zxcvbn score is equal or less than this value, the policy description: If the zxcvbn score is equal or less than this value, the policy
will fail. will fail.
required:
- name
PasswordStage: PasswordStage:
type: object type: object
description: PasswordStage Serializer description: PasswordStage Serializer
@ -33583,7 +33603,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -33678,7 +33698,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -33728,7 +33748,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -33834,7 +33854,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -34388,7 +34408,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -34405,7 +34425,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -34698,7 +34718,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -35413,7 +35433,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -35437,6 +35456,7 @@ components:
- bound_to - bound_to
- component - component
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -35542,11 +35562,13 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged. will be logged. By default, only execution errors are logged.
required:
- name
PolicyTestRequest: PolicyTestRequest:
type: object type: object
description: Test policy execution for a user with context description: Test policy execution for a user with context
@ -36280,7 +36302,6 @@ components:
title: Policy uuid title: Policy uuid
name: name:
type: string type: string
nullable: true
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -36312,6 +36333,7 @@ components:
- bound_to - bound_to
- component - component
- meta_model_name - meta_model_name
- name
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
@ -36321,7 +36343,7 @@ components:
properties: properties:
name: name:
type: string type: string
nullable: true minLength: 1
execution_logging: execution_logging:
type: boolean type: boolean
description: When this option is enabled, all executions of this policy description: When this option is enabled, all executions of this policy
@ -36334,6 +36356,8 @@ components:
type: integer type: integer
maximum: 2147483647 maximum: 2147483647
minimum: -2147483648 minimum: -2147483648
required:
- name
ResidentKeyRequirementEnum: ResidentKeyRequirementEnum:
enum: enum:
- discouraged - discouraged