From 782341441a3013e0934f91b25d5893f750fc2758 Mon Sep 17 00:00:00 2001 From: Jens L Date: Tue, 29 Aug 2023 19:57:14 +0200 Subject: [PATCH] website: update 2023.8 release notes (#6666) * update main release notes Signed-off-by: Jens Langhammer * update sidebar Signed-off-by: Jens Langhammer * Apply suggestions from code review Co-authored-by: Tana M Berry Signed-off-by: Jens L. --------- Signed-off-by: Jens Langhammer Signed-off-by: Jens L. Co-authored-by: Tana M Berry --- SECURITY.md | 2 +- website/docs/releases/2023/v2023.8.md | 28 ++++++++++++++++++++++++--- website/sidebars.js | 3 ++- 3 files changed, 28 insertions(+), 5 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 0e3b00b9e..0d9d6a673 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -16,8 +16,8 @@ Even if the issue is not a CVE, we still greatly appreciate your help in hardeni | Version | Supported | | --- | --- | -| 2023.5.x | ✅ | | 2023.6.x | ✅ | +| 2023.8.x | ✅ | ## Reporting a Vulnerability diff --git a/website/docs/releases/2023/v2023.8.md b/website/docs/releases/2023/v2023.8.md index 3075d54df..cc0426fdc 100644 --- a/website/docs/releases/2023/v2023.8.md +++ b/website/docs/releases/2023/v2023.8.md @@ -23,9 +23,17 @@ slug: "/releases/2023.8" ## New features +- Enterprise (preview) + + This is the first release to include the _Enterprise_ section, where you can acquire a license in our Customer Portal and get enterprise licenses for your authentik instance. See more info [here](../../enterprise/index.md) + +- Config reloading + + For better security and to better support running in a cloud-native environment, authentik now supports dynamic PostgreSQL and Email credentials. In previous versions, both the authentik server and worker containers required restarting to detect the new credentials. In 2023.8, these credentials are automatically refreshed just before they are used. This means you can use something like [Hashicorp Vault](https://vaultproject.io) to manage short-term credentials that are rotated once a day or even more frequently without needing to restart authentik. + ## Upgrading -This release does not introduce any new requirements. +This release changes the PostgreSQL dependency to require Version 12 or later, which only affects Kubernetes installs. See [here](../../troubleshooting/postgres/upgrade_kubernetes.md) for more info on upgrading. ### docker-compose @@ -50,11 +58,14 @@ image: ## Minor changes/fixes +- \*: fix api errors raised in general validate() to specify a field (#6663) - api: optimise pagination in API schema (#6478) - blueprints: fix blueprint importer logging potentially sensitive data (#6567) +- blueprints: fix tag values not resolved correctly (#6653) - blueprints: prevent duplicate password stage in default flow when using combined identification stage (#6432) - core: bump django from 4.1.7 to 4.2 (#5238) - core: fix UUID filter field for users api (#6203) +- core: fix filtering users by type attribute (#6638) - core: rework recursive group membership (#6017) - enterprise: add more info to enterprise forecast (#6292) - enterprise: initial enterprise (#5721) @@ -63,15 +74,18 @@ image: - outposts/ldap: add more tests (#6188) - outposts/ldap: add test for attribute filtering (#6189) - outposts: Fix infinite self-recursion in traefik reconciler (#6336) -- outposts: fix patch processing (#6338) +- outposts: fix Kubernetes patch processing (#6338) - outposts: make metrics compliant with Prometheus best-practices (#6398) - outposts: support json patch for Kubernetes (#6319) - providers/oauth2: fix aud (Audience) field type which can be a list of… (#6447) - providers/oauth2: fix grant_type password raising an exception (#6333) +- providers/oauth2: fix id_token being saved incorrectly leading to lost claims (#6645) +- providers/proxy: fix JWKS URL in embedded outpost (#6644) - providers/proxy: only intercept auth header when a value is set (#6488) - providers/proxy: set outpost session cookie to httponly and secure wh… (#6482) -- root: add get_int to config loader instead of casting to int everywhere (#6436) - root: always use persistent database connections (#6560) +- root: config: config discovery parity between Go and Python +- root: config: remove redundant default configs - root: migrate bootstrap to blueprints (#6433) - root: partial Live-updating config (#5959) - root: replace builtin psycopg libpq binary implementation with distro… (#6448) @@ -85,14 +99,22 @@ image: - web/admin: fix admin overview layout (#6220) - web/admin: fix user sorting by active field (#6485) - web/admin: hide pagination when no data is loaded yet (#6353) +- web/admin: make version clickable for stable releases (#6626) +- web/admin: only show token expiry when token is set to expire (#6643) +- web/admin: set required flag to false for user attributes (#6418) +- web/common: make API errors more prominent in developer tools (#6637) +- web/elements: improve table error handling, prevent infinite loading … (#6636) - web/flows: fix identification stage band color (#6489) - web/flows: update flow background (#6579) - web/user: fix alignment between image icons and fallback text icons (#6416) - web/user: fix app icon size for user interface - web/user: fix background alignment (#6383) - web/user: fix user settings colours on dark theme (#6499) +- web/user: fix user settings elements not being in cards (#6608) +- web/user: only render expand element when required (#6641) - web: fix app icon rendering, style refinements (#6409) - web: refactor locale handler into top-level context handler (#6022) +- web: replace deprecated terser rollup plugin, remove unused plugin (#6615) - web: rework and expand tooltips (#6435) ## API Changes diff --git a/website/sidebars.js b/website/sidebars.js index 01f84ba55..6b8a56bdf 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -272,13 +272,14 @@ const docsSidebar = { description: "Release notes for recent authentik versions", }, items: [ + "releases/2023/v2023.8", "releases/2023/v2023.6", "releases/2023/v2023.5", - "releases/2023/v2023.4", { type: "category", label: "Previous versions", items: [ + "releases/2023/v2023.4", "releases/2023/v2023.3", "releases/2023/v2023.2", "releases/2023/v2023.1",