-
Notifications
You must be signed in to change notification settings - Fork 828
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s #1586
Merged
strehle
merged 1 commit into
develop
from
dependabot/go_modules/k8s/k8s.io/client-go-0.21.2
Jun 30, 2021
Merged
Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s #1586
strehle
merged 1 commit into
develop
from
dependabot/go_modules/k8s/k8s.io/client-go-0.21.2
Jun 30, 2021
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dependabot
bot
added
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
labels
Jun 18, 2021
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/178584014 The labels on this github issue will be updated when the story is started. |
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/go_modules/k8s/k8s.io/client-go-0.21.2
branch
3 times, most recently
from
June 30, 2021 05:32
e733866
to
97b67f7
Compare
@dependabot rebase |
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.21.0 to 0.21.2. - [Release notes](https://github.com/kubernetes/client-go/releases) - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.21.0...v0.21.2) --- updated-dependencies: - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/go_modules/k8s/k8s.io/client-go-0.21.2
branch
from
June 30, 2021 05:34
97b67f7
to
35a69d7
Compare
strehle
added a commit
that referenced
this pull request
Jun 30, 2021
…nimal_user_lookup * 'develop' of github.com:cloudfoundry/uaa: (76 commits) Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s (#1586) Bump commons-io from 2.7 to 2.10.0 (#1582) Bump k8s.io/api from 0.21.0 to 0.21.2 in /k8s (#1585) Bump github.com/onsi/gomega from 1.11.0 to 1.13.0 in /k8s (#1573) Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.4 in /k8s (#1575) Bump k8s.io/apimachinery from 0.21.0 to 0.21.2 in /k8s (#1587) Github userUserInfo from local configuration (#1595) Add '-Xdebug' jvm args to application container run in cargo if '-Dxdebug=true' option is sepcified for 'gradle run'. (#1592) Bump Guava Dependencies (#1581) Document the 'userInfoUrl' property for OAuth identity provider config Bump Spring Dependencies (#1591) Fix issue 1584 Test that we redirect when client allows only SAML Backfill test cases for using refresh token value that was created with refresh_token_validity seconds specified [#178076368] Bump Spring Dependencies (#1580) fix: test token audience claim in an unordered way Bump Spring Dependencies (#1577) Bump bouncyCastleVersion from 1.68 to 1.69 Small improvements for the consent form (#1561) Use Claims class to desrialize the token string. ...
strehle
added a commit
that referenced
this pull request
Jul 8, 2021
…-reset-filter-refactor # By Markus Strehle (70) and others # Via GitHub (33) and Markus Strehle (3) * 'develop' of github.com:cloudfoundry/uaa: (269 commits) Bump github.com/onsi/gomega from 1.13.0 to 1.14.0 in /k8s (#1599) cleanup code from sonar findings and add additional tests cleanup code from sonar findings and add additional tests More test parameters for UaaUrlUtils.findMatchingRedirectUri() tests fix: Open Redirect Security Issue via some UAA endpoints, including logout.do BigInteger encoding fixed (#1579) Set startStopTimeout to be configurable (#1594) switch to StaleUrlCache origin sync Bump jasmine-core from 3.7.1 to 3.8.0 in /uaa (#1598) Bump jasmine from 3.7.0 to 3.8.0 in /uaa (#1597) Bump dependency (#1596) Performance optimation: Prevent expensive duplicate key exception and use upsert instead (#1562) Refactor: query minimal user information everywhere authorities not needed (#1322) Allow to use Account Chooser without Idp Discovery (#1550) Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s (#1586) Bump commons-io from 2.7 to 2.10.0 (#1582) Update dependencies.gradle update Create dependencies.gradle ... # Conflicts: # server/src/main/java/org/cloudfoundry/identity/uaa/authentication/SessionResetFilter.java
akarollil
added a commit
to GESoftware-CF/uaa
that referenced
this pull request
Aug 5, 2021
* tag 'v75.6.0': Update UAA image reference in k8s deployment template to 75.6.0 Bump k8s.io/client-go from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1639) Bump k8s.io/api from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1638) fix generateDocs PKCE support in IDP (OIDC) proxy authorization flow (cloudfoundry#1606) fix: upgrade org.springframework.security.oauth:spring-security-oauth2 from 2.4.0.RELEASE to 2.5.1.RELEASE (cloudfoundry#1632) fix: upgrade org.passay:passay from 1.2.0 to 1.6.0 (cloudfoundry#1633) Do not expire invitations on GET requests (cloudfoundry#1128) revert back revert to last working fix bundle install update (cloudfoundry#1627) update kramdown 2.3.1 (cloudfoundry#1626) Fix bug with origin chooser and selected allowed provider configuration update activesupport 5.2.4.3 (cloudfoundry#1625) update jquery (cloudfoundry#1618) Update Font-Awesome (cloudfoundry#1617) Bump commons-io from 2.10.0 to 2.11.0 (cloudfoundry#1616) rebase rebase merge develop Bump passay version 1.6.1 (cloudfoundry#1612) Bump Spring Dependencies (cloudfoundry#1611) Bump k8s.io/client-go from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1609) Bump k8s.io/apimachinery from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1608) Add workaround for revoke access dialog from issue cloudfoundry#1036 (cloudfoundry#1254) Bump spring oauth2 version to 2.5.1.RELEASE (cloudfoundry#1601) Bump addressable from 2.5.0 to 2.8.0 in /uaa/slate (cloudfoundry#1603) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1605) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1604) Fix CF-UAA version number Bump maven dependencies (cloudfoundry#1600) Bump Tomcat dependency Bump github.com/onsi/gomega from 1.13.0 to 1.14.0 in /k8s (cloudfoundry#1599) cleanup code from sonar findings and add additional tests cleanup code from sonar findings and add additional tests More test parameters for UaaUrlUtils.findMatchingRedirectUri() tests fix: Open Redirect Security Issue via some UAA endpoints, including logout.do BigInteger encoding fixed (cloudfoundry#1579) Set startStopTimeout to be configurable (cloudfoundry#1594) switch to StaleUrlCache origin sync Bump jasmine-core from 3.7.1 to 3.8.0 in /uaa (cloudfoundry#1598) Bump jasmine from 3.7.0 to 3.8.0 in /uaa (cloudfoundry#1597) Bump dependency (cloudfoundry#1596) Performance optimation: Prevent expensive duplicate key exception and use upsert instead (cloudfoundry#1562) Refactor: query minimal user information everywhere authorities not needed (cloudfoundry#1322) Allow to use Account Chooser without Idp Discovery (cloudfoundry#1550) Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1586) Bump commons-io from 2.7 to 2.10.0 (cloudfoundry#1582) Update dependencies.gradle update Create dependencies.gradle cleanup PR - remove orphan class - use new class in all tests - dependency cosmetics Bump k8s.io/api from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1585) Bump github.com/onsi/gomega from 1.11.0 to 1.13.0 in /k8s (cloudfoundry#1573) Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.4 in /k8s (cloudfoundry#1575) Bump k8s.io/apimachinery from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1587) Github userUserInfo from local configuration (cloudfoundry#1595) Add '-Xdebug' jvm args to application container run in cargo if '-Dxdebug=true' option is sepcified for 'gradle run'. (cloudfoundry#1592) Bump Guava Dependencies (cloudfoundry#1581) Document the 'userInfoUrl' property for OAuth identity provider config Bump Spring Dependencies (cloudfoundry#1591) Fix issue 1584 Test that we redirect when client allows only SAML Backfill test cases for using refresh token value that was created with refresh_token_validity seconds specified [#178076368] Bump Spring Dependencies (cloudfoundry#1580) fix: test token audience claim in an unordered way Bump Spring Dependencies (cloudfoundry#1577) Bump bouncyCastleVersion from 1.68 to 1.69 Small improvements for the consent form (cloudfoundry#1561) Use Claims class to desrialize the token string. feat: output message when DB cannot be initialized refactor: extract variable formatting: whitespaces do not sleep more than 1 minute fix: test runner flakes fix: authTime can be later than 2037 Bump nokogiri from 1.11.0 to 1.11.4 in /uaa/slate Backfilled unit test Make Java 11 our minimum Additional test cases to verify that ldap bindSecret is not included in the response for the CVE issue where the delete-identity-provider response contained sensitive data #178139149 (cloudfoundry#1572) Adjust unit test to new constructor signature, after rebasing on top of the 'develop' branch Share common 'userInfoUrl' property between OIDC and OAuth2 config + Use it to fetch OAuth2 user info Various code/spaces improvements Implement support for Github OAuth 2.0 provider feat: error log on internal error feat: validate java version Fixed the CVE issue where the delete-identity-provider response contains relyingPartySecret value #178139149 Fix comment Include passcode prompt in json response if discovery or account chooser are enabled Bump bcprov-jdk15on from 1.66 to 1.67 in /server (cloudfoundry#1564) Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:4c7f2d881bc9c4a075232064e906d032c9512b03b87c06cbb2501560cb2f14e4 Return existing records on update failure Restore explicit imports. login_hint should not automatically bypass discovery logic Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/api (cloudfoundry#1544) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/app (cloudfoundry#1546) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /server (cloudfoundry#1545) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /statsd (cloudfoundry#1547) Bump jasmine-core from 3.6.0 to 3.7.1 in /uaa Bump jasmine from 3.6.4 to 3.7.0 in /uaa Bump k8s.io/client-go from 0.20.5 to 0.21.0 in /k8s Bump k8s.io/apimachinery from 0.20.5 to 0.21.0 in /k8s Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.1 in /k8s Bump Spring Dependencies (cloudfoundry#1559) refactor: extract shared code into helper methods Rename variable and test case for clarity Invert boolean method to have a more intuitive naming Add additional tests Only update user if token not issued by UAA Fix wrong username mapping on jwt Bearer with UAA token Bump tomcat-embed-core from 9.0.37 to 9.0.44 in /uaa (cloudfoundry#1548) Bump k8s.io/client-go from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1541) Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.2 in /k8s (cloudfoundry#1535) Bump k8s.io/api from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1542) refactor: rename Bump github.com/onsi/gomega from 1.10.4 to 1.11.0 in /k8s (cloudfoundry#1532) Dependeny Updagtes (cloudfoundry#1538) refactor: implement recommendation from thymeleaf (cloudfoundry#1512) Fix typo feat: for unit tests, add time out to waiting for DB to start Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:7fd48f08134e279a4fe2b8a200ecfdca8cda847175df38f1293e9818d7dd53cc Bump dependency Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:c1d54700f1e6b8fabe49917a8e4ca59f381a11c69982439525f9af8a08f29e0c Add MockMvc Test to show performance improvement Fix bug with invalid login_hint on login page Move read configurations and parameters to allow earlier decisions Restructure login method to not read all IdentityProviders on login_hint Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:37fcf63a156b75174fbc7be0e3809d64cda6851de0bfe6fa7f12793d919de96a Added "final" modifier for method-local constant better name for matches function capitilize first letter of log sentence meaningful name for number of url-decode attempts javadoc explaining integrity bypass fix fix double dot path traversal integrity check bypass redirect resolver tests should cover path traversal bypass for both registered paths containing wildcards and those that do not unit tests for redirect_uri path integrity check bypass add lombok dependency Add PKCE support
akarollil
added a commit
to GESoftware-CF/uaa
that referenced
this pull request
Aug 5, 2021
* tag 'v75.6.0': Update UAA image reference in k8s deployment template to 75.6.0 Bump k8s.io/client-go from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1639) Bump k8s.io/api from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1638) fix generateDocs PKCE support in IDP (OIDC) proxy authorization flow (cloudfoundry#1606) fix: upgrade org.springframework.security.oauth:spring-security-oauth2 from 2.4.0.RELEASE to 2.5.1.RELEASE (cloudfoundry#1632) fix: upgrade org.passay:passay from 1.2.0 to 1.6.0 (cloudfoundry#1633) Do not expire invitations on GET requests (cloudfoundry#1128) revert back revert to last working fix bundle install update (cloudfoundry#1627) update kramdown 2.3.1 (cloudfoundry#1626) Fix bug with origin chooser and selected allowed provider configuration update activesupport 5.2.4.3 (cloudfoundry#1625) update jquery (cloudfoundry#1618) Update Font-Awesome (cloudfoundry#1617) Bump commons-io from 2.10.0 to 2.11.0 (cloudfoundry#1616) rebase rebase merge develop Bump passay version 1.6.1 (cloudfoundry#1612) Bump Spring Dependencies (cloudfoundry#1611) Bump k8s.io/client-go from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1609) Bump k8s.io/apimachinery from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1608) Add workaround for revoke access dialog from issue cloudfoundry#1036 (cloudfoundry#1254) Bump spring oauth2 version to 2.5.1.RELEASE (cloudfoundry#1601) Bump addressable from 2.5.0 to 2.8.0 in /uaa/slate (cloudfoundry#1603) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1605) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1604) Fix CF-UAA version number Bump maven dependencies (cloudfoundry#1600) Bump Tomcat dependency Bump github.com/onsi/gomega from 1.13.0 to 1.14.0 in /k8s (cloudfoundry#1599) cleanup code from sonar findings and add additional tests cleanup code from sonar findings and add additional tests More test parameters for UaaUrlUtils.findMatchingRedirectUri() tests fix: Open Redirect Security Issue via some UAA endpoints, including logout.do BigInteger encoding fixed (cloudfoundry#1579) Set startStopTimeout to be configurable (cloudfoundry#1594) switch to StaleUrlCache origin sync Bump jasmine-core from 3.7.1 to 3.8.0 in /uaa (cloudfoundry#1598) Bump jasmine from 3.7.0 to 3.8.0 in /uaa (cloudfoundry#1597) Bump dependency (cloudfoundry#1596) Performance optimation: Prevent expensive duplicate key exception and use upsert instead (cloudfoundry#1562) Refactor: query minimal user information everywhere authorities not needed (cloudfoundry#1322) Allow to use Account Chooser without Idp Discovery (cloudfoundry#1550) Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1586) Bump commons-io from 2.7 to 2.10.0 (cloudfoundry#1582) Update dependencies.gradle update Create dependencies.gradle cleanup PR - remove orphan class - use new class in all tests - dependency cosmetics Bump k8s.io/api from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1585) Bump github.com/onsi/gomega from 1.11.0 to 1.13.0 in /k8s (cloudfoundry#1573) Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.4 in /k8s (cloudfoundry#1575) Bump k8s.io/apimachinery from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1587) Github userUserInfo from local configuration (cloudfoundry#1595) Add '-Xdebug' jvm args to application container run in cargo if '-Dxdebug=true' option is sepcified for 'gradle run'. (cloudfoundry#1592) Bump Guava Dependencies (cloudfoundry#1581) Document the 'userInfoUrl' property for OAuth identity provider config Bump Spring Dependencies (cloudfoundry#1591) Fix issue 1584 Test that we redirect when client allows only SAML Backfill test cases for using refresh token value that was created with refresh_token_validity seconds specified [#178076368] Bump Spring Dependencies (cloudfoundry#1580) fix: test token audience claim in an unordered way Bump Spring Dependencies (cloudfoundry#1577) Bump bouncyCastleVersion from 1.68 to 1.69 Small improvements for the consent form (cloudfoundry#1561) Use Claims class to desrialize the token string. feat: output message when DB cannot be initialized refactor: extract variable formatting: whitespaces do not sleep more than 1 minute fix: test runner flakes fix: authTime can be later than 2037 Bump nokogiri from 1.11.0 to 1.11.4 in /uaa/slate Backfilled unit test Make Java 11 our minimum Additional test cases to verify that ldap bindSecret is not included in the response for the CVE issue where the delete-identity-provider response contained sensitive data #178139149 (cloudfoundry#1572) Adjust unit test to new constructor signature, after rebasing on top of the 'develop' branch Share common 'userInfoUrl' property between OIDC and OAuth2 config + Use it to fetch OAuth2 user info Various code/spaces improvements Implement support for Github OAuth 2.0 provider feat: error log on internal error feat: validate java version Fixed the CVE issue where the delete-identity-provider response contains relyingPartySecret value #178139149 Fix comment Include passcode prompt in json response if discovery or account chooser are enabled Bump bcprov-jdk15on from 1.66 to 1.67 in /server (cloudfoundry#1564) Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:4c7f2d881bc9c4a075232064e906d032c9512b03b87c06cbb2501560cb2f14e4 Return existing records on update failure Restore explicit imports. login_hint should not automatically bypass discovery logic Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/api (cloudfoundry#1544) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/app (cloudfoundry#1546) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /server (cloudfoundry#1545) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /statsd (cloudfoundry#1547) Bump jasmine-core from 3.6.0 to 3.7.1 in /uaa Bump jasmine from 3.6.4 to 3.7.0 in /uaa Bump k8s.io/client-go from 0.20.5 to 0.21.0 in /k8s Bump k8s.io/apimachinery from 0.20.5 to 0.21.0 in /k8s Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.1 in /k8s Bump Spring Dependencies (cloudfoundry#1559) refactor: extract shared code into helper methods Rename variable and test case for clarity Invert boolean method to have a more intuitive naming Add additional tests Only update user if token not issued by UAA Fix wrong username mapping on jwt Bearer with UAA token Bump tomcat-embed-core from 9.0.37 to 9.0.44 in /uaa (cloudfoundry#1548) Bump k8s.io/client-go from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1541) Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.2 in /k8s (cloudfoundry#1535) Bump k8s.io/api from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1542) refactor: rename Bump github.com/onsi/gomega from 1.10.4 to 1.11.0 in /k8s (cloudfoundry#1532) Dependeny Updagtes (cloudfoundry#1538) refactor: implement recommendation from thymeleaf (cloudfoundry#1512) Fix typo feat: for unit tests, add time out to waiting for DB to start Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:7fd48f08134e279a4fe2b8a200ecfdca8cda847175df38f1293e9818d7dd53cc Bump dependency Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:c1d54700f1e6b8fabe49917a8e4ca59f381a11c69982439525f9af8a08f29e0c Add MockMvc Test to show performance improvement Fix bug with invalid login_hint on login page Move read configurations and parameters to allow earlier decisions Restructure login method to not read all IdentityProviders on login_hint Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:37fcf63a156b75174fbc7be0e3809d64cda6851de0bfe6fa7f12793d919de96a Added "final" modifier for method-local constant better name for matches function capitilize first letter of log sentence meaningful name for number of url-decode attempts javadoc explaining integrity bypass fix fix double dot path traversal integrity check bypass redirect resolver tests should cover path traversal bypass for both registered paths containing wildcards and those that do not unit tests for redirect_uri path integrity check bypass add lombok dependency Add PKCE support
akarollil
added a commit
to GESoftware-CF/uaa
that referenced
this pull request
Aug 11, 2021
Conflicts resolved in a gradle build and dependency files, a bunch of template files, and a couple of tests: UU dependencies.gradle UU k8s/templates/values/image.yml UU server/build.gradle UU server/src/main/java/org/cloudfoundry/identity/uaa/login/LoginInfoEndpoint.java UU server/src/main/resources/templates/web/accounts/email_sent.html UU server/src/main/resources/templates/web/accounts/new_activation_email.html UU server/src/main/resources/templates/web/home.html UU server/src/main/resources/templates/web/idp_discovery/account_chooser.html UU server/src/main/resources/templates/web/idp_discovery/password.html UU server/src/test/java/org/cloudfoundry/identity/uaa/oauth/beans/LegacyRedirectResolverTest.java UU uaa/src/test/java/org/cloudfoundry/identity/uaa/login/LoginMockMvcTests.java * master: Update UAA image reference in k8s deployment template to 75.6.0 Bump k8s.io/client-go from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1639) Bump k8s.io/api from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1638) fix generateDocs PKCE support in IDP (OIDC) proxy authorization flow (cloudfoundry#1606) fix: upgrade org.springframework.security.oauth:spring-security-oauth2 from 2.4.0.RELEASE to 2.5.1.RELEASE (cloudfoundry#1632) fix: upgrade org.passay:passay from 1.2.0 to 1.6.0 (cloudfoundry#1633) Do not expire invitations on GET requests (cloudfoundry#1128) revert back revert to last working fix bundle install update (cloudfoundry#1627) update kramdown 2.3.1 (cloudfoundry#1626) Fix bug with origin chooser and selected allowed provider configuration update activesupport 5.2.4.3 (cloudfoundry#1625) update jquery (cloudfoundry#1618) Update Font-Awesome (cloudfoundry#1617) Bump commons-io from 2.10.0 to 2.11.0 (cloudfoundry#1616) rebase rebase merge develop Bump passay version 1.6.1 (cloudfoundry#1612) Bump Spring Dependencies (cloudfoundry#1611) Bump k8s.io/client-go from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1609) Bump k8s.io/apimachinery from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1608) Add workaround for revoke access dialog from issue cloudfoundry#1036 (cloudfoundry#1254) Bump spring oauth2 version to 2.5.1.RELEASE (cloudfoundry#1601) Bump addressable from 2.5.0 to 2.8.0 in /uaa/slate (cloudfoundry#1603) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1605) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1604) Fix CF-UAA version number Bump maven dependencies (cloudfoundry#1600) Bump Tomcat dependency Bump github.com/onsi/gomega from 1.13.0 to 1.14.0 in /k8s (cloudfoundry#1599) cleanup code from sonar findings and add additional tests cleanup code from sonar findings and add additional tests More test parameters for UaaUrlUtils.findMatchingRedirectUri() tests fix: Open Redirect Security Issue via some UAA endpoints, including logout.do BigInteger encoding fixed (cloudfoundry#1579) Set startStopTimeout to be configurable (cloudfoundry#1594) switch to StaleUrlCache origin sync Bump jasmine-core from 3.7.1 to 3.8.0 in /uaa (cloudfoundry#1598) Bump jasmine from 3.7.0 to 3.8.0 in /uaa (cloudfoundry#1597) Bump dependency (cloudfoundry#1596) Performance optimation: Prevent expensive duplicate key exception and use upsert instead (cloudfoundry#1562) Refactor: query minimal user information everywhere authorities not needed (cloudfoundry#1322) Allow to use Account Chooser without Idp Discovery (cloudfoundry#1550) Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1586) Bump commons-io from 2.7 to 2.10.0 (cloudfoundry#1582) Update dependencies.gradle update Create dependencies.gradle cleanup PR - remove orphan class - use new class in all tests - dependency cosmetics Bump k8s.io/api from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1585) Bump github.com/onsi/gomega from 1.11.0 to 1.13.0 in /k8s (cloudfoundry#1573) Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.4 in /k8s (cloudfoundry#1575) Bump k8s.io/apimachinery from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1587) Github userUserInfo from local configuration (cloudfoundry#1595) Add '-Xdebug' jvm args to application container run in cargo if '-Dxdebug=true' option is sepcified for 'gradle run'. (cloudfoundry#1592) Bump Guava Dependencies (cloudfoundry#1581) Document the 'userInfoUrl' property for OAuth identity provider config Bump Spring Dependencies (cloudfoundry#1591) Fix issue 1584 Test that we redirect when client allows only SAML Backfill test cases for using refresh token value that was created with refresh_token_validity seconds specified [#178076368] Bump Spring Dependencies (cloudfoundry#1580) fix: test token audience claim in an unordered way Bump Spring Dependencies (cloudfoundry#1577) Bump bouncyCastleVersion from 1.68 to 1.69 Small improvements for the consent form (cloudfoundry#1561) Use Claims class to desrialize the token string. feat: output message when DB cannot be initialized refactor: extract variable formatting: whitespaces do not sleep more than 1 minute fix: test runner flakes fix: authTime can be later than 2037 Bump nokogiri from 1.11.0 to 1.11.4 in /uaa/slate Backfilled unit test Make Java 11 our minimum Additional test cases to verify that ldap bindSecret is not included in the response for the CVE issue where the delete-identity-provider response contained sensitive data #178139149 (cloudfoundry#1572) Adjust unit test to new constructor signature, after rebasing on top of the 'develop' branch Share common 'userInfoUrl' property between OIDC and OAuth2 config + Use it to fetch OAuth2 user info Various code/spaces improvements Implement support for Github OAuth 2.0 provider feat: error log on internal error feat: validate java version Fixed the CVE issue where the delete-identity-provider response contains relyingPartySecret value #178139149 Fix comment Include passcode prompt in json response if discovery or account chooser are enabled Bump bcprov-jdk15on from 1.66 to 1.67 in /server (cloudfoundry#1564) Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:4c7f2d881bc9c4a075232064e906d032c9512b03b87c06cbb2501560cb2f14e4 Return existing records on update failure Restore explicit imports. login_hint should not automatically bypass discovery logic Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/api (cloudfoundry#1544) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/app (cloudfoundry#1546) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /server (cloudfoundry#1545) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /statsd (cloudfoundry#1547) Bump jasmine-core from 3.6.0 to 3.7.1 in /uaa Bump jasmine from 3.6.4 to 3.7.0 in /uaa Bump k8s.io/client-go from 0.20.5 to 0.21.0 in /k8s Bump k8s.io/apimachinery from 0.20.5 to 0.21.0 in /k8s Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.1 in /k8s Bump Spring Dependencies (cloudfoundry#1559) refactor: extract shared code into helper methods Rename variable and test case for clarity Invert boolean method to have a more intuitive naming Add additional tests Only update user if token not issued by UAA Fix wrong username mapping on jwt Bearer with UAA token Bump tomcat-embed-core from 9.0.37 to 9.0.44 in /uaa (cloudfoundry#1548) Bump k8s.io/client-go from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1541) Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.2 in /k8s (cloudfoundry#1535) Bump k8s.io/api from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1542) refactor: rename Bump github.com/onsi/gomega from 1.10.4 to 1.11.0 in /k8s (cloudfoundry#1532) Dependeny Updagtes (cloudfoundry#1538) refactor: implement recommendation from thymeleaf (cloudfoundry#1512) Fix typo feat: for unit tests, add time out to waiting for DB to start Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:7fd48f08134e279a4fe2b8a200ecfdca8cda847175df38f1293e9818d7dd53cc Bump dependency Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:c1d54700f1e6b8fabe49917a8e4ca59f381a11c69982439525f9af8a08f29e0c Add MockMvc Test to show performance improvement Fix bug with invalid login_hint on login page Move read configurations and parameters to allow earlier decisions Restructure login method to not read all IdentityProviders on login_hint Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:37fcf63a156b75174fbc7be0e3809d64cda6851de0bfe6fa7f12793d919de96a Added "final" modifier for method-local constant better name for matches function capitilize first letter of log sentence meaningful name for number of url-decode attempts javadoc explaining integrity bypass fix fix double dot path traversal integrity check bypass redirect resolver tests should cover path traversal bypass for both registered paths containing wildcards and those that do not unit tests for redirect_uri path integrity check bypass add lombok dependency Add PKCE support
akarollil
added a commit
to GESoftware-CF/uaa
that referenced
this pull request
Aug 12, 2021
Merge conflicts fixed in the following: UU uaa/src/main/webapp/WEB-INF/spring/oauth-endpoints.xml UU uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/token/JwtBearerGrantMockMvcTests.java * master: Update UAA image reference in k8s deployment template to 75.6.0 Bump k8s.io/client-go from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1639) Bump k8s.io/api from 0.21.3 to 0.22.0 in /k8s (cloudfoundry#1638) fix generateDocs PKCE support in IDP (OIDC) proxy authorization flow (cloudfoundry#1606) fix: upgrade org.springframework.security.oauth:spring-security-oauth2 from 2.4.0.RELEASE to 2.5.1.RELEASE (cloudfoundry#1632) fix: upgrade org.passay:passay from 1.2.0 to 1.6.0 (cloudfoundry#1633) Do not expire invitations on GET requests (cloudfoundry#1128) revert back revert to last working fix bundle install update (cloudfoundry#1627) update kramdown 2.3.1 (cloudfoundry#1626) Fix bug with origin chooser and selected allowed provider configuration update activesupport 5.2.4.3 (cloudfoundry#1625) update jquery (cloudfoundry#1618) Update Font-Awesome (cloudfoundry#1617) Bump commons-io from 2.10.0 to 2.11.0 (cloudfoundry#1616) rebase rebase merge develop Bump passay version 1.6.1 (cloudfoundry#1612) Bump Spring Dependencies (cloudfoundry#1611) Bump k8s.io/client-go from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1609) Bump k8s.io/apimachinery from 0.21.2 to 0.21.3 in /k8s (cloudfoundry#1608) Add workaround for revoke access dialog from issue cloudfoundry#1036 (cloudfoundry#1254) Bump spring oauth2 version to 2.5.1.RELEASE (cloudfoundry#1601) Bump addressable from 2.5.0 to 2.8.0 in /uaa/slate (cloudfoundry#1603) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1605) Add property option for mail.smtp.ssl.protocols (cloudfoundry#1604) Fix CF-UAA version number Bump maven dependencies (cloudfoundry#1600) Bump Tomcat dependency Bump github.com/onsi/gomega from 1.13.0 to 1.14.0 in /k8s (cloudfoundry#1599) cleanup code from sonar findings and add additional tests cleanup code from sonar findings and add additional tests More test parameters for UaaUrlUtils.findMatchingRedirectUri() tests fix: Open Redirect Security Issue via some UAA endpoints, including logout.do BigInteger encoding fixed (cloudfoundry#1579) Set startStopTimeout to be configurable (cloudfoundry#1594) switch to StaleUrlCache origin sync Bump jasmine-core from 3.7.1 to 3.8.0 in /uaa (cloudfoundry#1598) Bump jasmine from 3.7.0 to 3.8.0 in /uaa (cloudfoundry#1597) Bump dependency (cloudfoundry#1596) Performance optimation: Prevent expensive duplicate key exception and use upsert instead (cloudfoundry#1562) Refactor: query minimal user information everywhere authorities not needed (cloudfoundry#1322) Allow to use Account Chooser without Idp Discovery (cloudfoundry#1550) Bump k8s.io/client-go from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1586) Bump commons-io from 2.7 to 2.10.0 (cloudfoundry#1582) Update dependencies.gradle update Create dependencies.gradle cleanup PR - remove orphan class - use new class in all tests - dependency cosmetics Bump k8s.io/api from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1585) Bump github.com/onsi/gomega from 1.11.0 to 1.13.0 in /k8s (cloudfoundry#1573) Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.4 in /k8s (cloudfoundry#1575) Bump k8s.io/apimachinery from 0.21.0 to 0.21.2 in /k8s (cloudfoundry#1587) Github userUserInfo from local configuration (cloudfoundry#1595) Add '-Xdebug' jvm args to application container run in cargo if '-Dxdebug=true' option is sepcified for 'gradle run'. (cloudfoundry#1592) Bump Guava Dependencies (cloudfoundry#1581) Document the 'userInfoUrl' property for OAuth identity provider config Bump Spring Dependencies (cloudfoundry#1591) Fix issue 1584 Test that we redirect when client allows only SAML Backfill test cases for using refresh token value that was created with refresh_token_validity seconds specified [#178076368] Bump Spring Dependencies (cloudfoundry#1580) fix: test token audience claim in an unordered way Bump Spring Dependencies (cloudfoundry#1577) Bump bouncyCastleVersion from 1.68 to 1.69 Small improvements for the consent form (cloudfoundry#1561) Use Claims class to desrialize the token string. feat: output message when DB cannot be initialized refactor: extract variable formatting: whitespaces do not sleep more than 1 minute fix: test runner flakes fix: authTime can be later than 2037 Bump nokogiri from 1.11.0 to 1.11.4 in /uaa/slate Backfilled unit test Make Java 11 our minimum Additional test cases to verify that ldap bindSecret is not included in the response for the CVE issue where the delete-identity-provider response contained sensitive data #178139149 (cloudfoundry#1572) Adjust unit test to new constructor signature, after rebasing on top of the 'develop' branch Share common 'userInfoUrl' property between OIDC and OAuth2 config + Use it to fetch OAuth2 user info Various code/spaces improvements Implement support for Github OAuth 2.0 provider feat: error log on internal error feat: validate java version Fixed the CVE issue where the delete-identity-provider response contains relyingPartySecret value #178139149 Fix comment Include passcode prompt in json response if discovery or account chooser are enabled Bump bcprov-jdk15on from 1.66 to 1.67 in /server (cloudfoundry#1564) Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:4c7f2d881bc9c4a075232064e906d032c9512b03b87c06cbb2501560cb2f14e4 Return existing records on update failure Restore explicit imports. login_hint should not automatically bypass discovery logic Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/api (cloudfoundry#1544) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /samples/app (cloudfoundry#1546) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /server (cloudfoundry#1545) Bump tomcat-embed-core from 9.0.37 to 9.0.45 in /statsd (cloudfoundry#1547) Bump jasmine-core from 3.6.0 to 3.7.1 in /uaa Bump jasmine from 3.6.4 to 3.7.0 in /uaa Bump k8s.io/client-go from 0.20.5 to 0.21.0 in /k8s Bump k8s.io/apimachinery from 0.20.5 to 0.21.0 in /k8s Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.1 in /k8s Bump Spring Dependencies (cloudfoundry#1559) refactor: extract shared code into helper methods Rename variable and test case for clarity Invert boolean method to have a more intuitive naming Add additional tests Only update user if token not issued by UAA Fix wrong username mapping on jwt Bearer with UAA token Bump tomcat-embed-core from 9.0.37 to 9.0.44 in /uaa (cloudfoundry#1548) Bump k8s.io/client-go from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1541) Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.2 in /k8s (cloudfoundry#1535) Bump k8s.io/api from 0.20.2 to 0.20.5 in /k8s (cloudfoundry#1542) refactor: rename Bump github.com/onsi/gomega from 1.10.4 to 1.11.0 in /k8s (cloudfoundry#1532) Dependeny Updagtes (cloudfoundry#1538) refactor: implement recommendation from thymeleaf (cloudfoundry#1512) Fix typo feat: for unit tests, add time out to waiting for DB to start Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:7fd48f08134e279a4fe2b8a200ecfdca8cda847175df38f1293e9818d7dd53cc Bump dependency Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:c1d54700f1e6b8fabe49917a8e4ca59f381a11c69982439525f9af8a08f29e0c Add MockMvc Test to show performance improvement Fix bug with invalid login_hint on login page Move read configurations and parameters to allow earlier decisions Restructure login method to not read all IdentityProviders on login_hint Update UAA image reference in k8s deployment template to cloudfoundry/uaa@sha256:37fcf63a156b75174fbc7be0e3809d64cda6851de0bfe6fa7f12793d919de96a Added "final" modifier for method-local constant better name for matches function capitilize first letter of log sentence meaningful name for number of url-decode attempts javadoc explaining integrity bypass fix fix double dot path traversal integrity check bypass redirect resolver tests should cover path traversal bypass for both registered paths containing wildcards and those that do not unit tests for redirect_uri path integrity check bypass add lombok dependency Add PKCE support
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
accepted
Accepted the issue
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps k8s.io/client-go from 0.21.0 to 0.21.2.
Commits
6711973
Update dependencies to v0.21.2 tag3c428df
Merge pull request #102800 from pohly/automated-cherry-pick-of-#102788-upstre...fe825e6
client-go: reduce log level of reflector again6277e97
sync: remove Godeps/b63b1ba
Merge pull request #102587 from saschagrunert/release-1.21c18505f
Revert "Cleanup portforward streams after their usage"ffd8cfc
Merge pull request #102196 from kolyshkin/automated-cherry-pick-of-#102147-up...a802afb
vendor: bump runc to rc95c04de52
Merge pull request #100951 from saschagrunert/automated-cherry-pick-of-#99839...322fe85
Cleanup portforward streams after their usageDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)