Skip to content

Releases: ory/kratos

v0.5.2-alpha.1

22 Oct 13:10
@aeneasr aeneasr
v0.5.2-alpha.1
79fcd8a
This commit was signed with the committer’s verified signature.
aeneasr hackerman
GPG key ID: 1A463E422E5E2222
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.5.2-alpha.1 Pre-release
Pre-release

This release addresses bugs and user experience issues.

0.5.2-alpha.1 (2020-10-22)

Bug Fixes

  • Add debug quickstart yml (#780) (16e6b4d)
  • Gracefully handle double slashes in URLs (aeb9414), closes #779
  • Merge gobuffalo CGO fix (fea2e77)
  • Remove obsolete recovery_token and add link to schema (acf6ac4)
  • Return correct error in login csrf (dd9cab0), closes #785
  • Use correct assert package (76be5b0)

Documentation

  • Small improvements to discord oidc provider guide (#783) (6a3c453)

Tests

  • Add tests for csrf behavior (48993e2), closes #785
  • Mark link as enabled in e2e test (c214b81)
  • Resolve schema test regression (bb7af1b)

Changelog

35aef2d autogen(docs): generate and format documentation
8720041 autogen(docs): regenerate and update changelog
8ce70d1 autogen(docs): regenerate and update changelog
bb4277f autogen(docs): regenerate and update changelog
850155d autogen(docs): update milestone document
20da86c autogen(docs): update milestone document
6eddbcb autogen: add v0.5.1-alpha.1 to version.schema.json
79fcd8a autogen: pin v0.5.2-alpha.1 release commit
6a3c453 docs: small improvements to discord oidc provider guide (#783)
16e6b4d fix: add debug quickstart yml (#780)
aeb9414 fix: gracefully handle double slashes in URLs
fea2e77 fix: merge gobuffalo CGO fix
acf6ac4 fix: remove obsolete recovery_token and add link to schema
dd9cab0 fix: return correct error in login csrf
76be5b0 fix: use correct assert package
48993e2 test: add tests for csrf behavior
c214b81 test: mark link as enabled in e2e test
bb7af1b test: resolve schema test regression

Docker images

  • docker pull oryd/kratos:v0
  • docker pull oryd/kratos:v0.5
  • docker pull oryd/kratos:v0.5.2
  • docker pull oryd/kratos:v0.5.2-alpha.1
  • docker pull oryd/kratos:latest
  • docker pull oryd/kratos:v0-sqlite
  • docker pull oryd/kratos:v0.5-sqlite
  • docker pull oryd/kratos:v0.5.2-sqlite
  • docker pull oryd/kratos:v0.5.2-alpha.1-sqlite
  • docker pull oryd/kratos:latest-sqlite
Assets 22

v0.5.1-alpha.1

20 Oct 07:20
@aeneasr aeneasr
v0.5.1-alpha.1
b85b36b
This commit was signed with the committer’s verified signature.
aeneasr hackerman
GPG key ID: 1A463E422E5E2222
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.5.1-alpha.1 Pre-release
Pre-release

This release resolves an issue where ORY Kratos Docker Images without CGO and SQLite support would fail to boot even when SQLite was not used as a data source.

0.5.1-alpha.1 (2020-10-20)

Bug Fixes

  • Do not require sqlite without build tag (2ee787b)
  • Use extra dc config file for quickstart-dev (72c03f9)

Documentation

Features

  • Auto-update docker and git tags on release (08084a9)
  • Use fixed versions for docker-compose (e73c4ce)

Tests

  • Increase waittime (5e911d6)
  • Reduce flakes by increasing wait time for expiry test (cddf29e)

Unclassified

Changelog

33df2b4 autogen(docs): generate and format documentation
3fd4b21 autogen(docs): generate and format documentation
75e45cb autogen(docs): regenerate and update changelog
91a45bf autogen(docs): regenerate and update changelog
d64e088 autogen(docs): regenerate and update changelog
4fc1ec9 autogen(docs): update milestone document
ff3d0c7 autogen: add v0.5.0-alpha.1 to version.schema.json
b85b36b autogen: pin v0.5.1-alpha.1 release commit
5cf358a chore: update docusaurus template (#774)
295c376 chore: update docusaurus template (#775)
14e7f65 docs: fix spelling mistake
bf401a2 docs: fix spelling mistake (#772)
e614859 docs: improve schemas (#773)
08084a9 feat: auto-update docker and git tags on release
e73c4ce feat: use fixed versions for docker-compose
2ee787b fix: do not require sqlite without build tag
72c03f9 fix: use extra dc config file for quickstart-dev
8be02c8 styles: format
5e911d6 test: increase waittime
cddf29e test: reduce flakes by increasing wait time for expiry test

Docker images

  • docker pull oryd/kratos:v0
  • docker pull oryd/kratos:v0.5
  • docker pull oryd/kratos:v0.5.1
  • docker pull oryd/kratos:v0.5.1-alpha.1
  • docker pull oryd/kratos:latest
  • docker pull oryd/kratos:v0-sqlite
  • docker pull oryd/kratos:v0.5-sqlite
  • docker pull oryd/kratos:v0.5.1-sqlite
  • docker pull oryd/kratos:v0.5.1-alpha.1-sqlite
  • docker pull oryd/kratos:latest-sqlite
Assets 22

v0.5.0-alpha.1

15 Oct 14:10
@aeneasr aeneasr
v0.5.0-alpha.1
557d37d
This commit was signed with the committer’s verified signature.
aeneasr hackerman
GPG key ID: 1A463E422E5E2222
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.5.0-alpha.1 Pre-release
Pre-release

The ORY team and community is very proud to present the next ORY Kratos iteration!

ORY Kratos is now capable of handling native (iOS, Android, Windows, macOS, ...) login, registration, settings, recovery, and verification flows. As a goodie on top, we released a reference React Native application which you can find on GitHub.

We co-released our reference React Native application which acts as a reference on implementing these flows:

Registration

Welcome

Settings

In total, almost 1200 files were changed in about 480 commits. While you can find a list of all changes in the changelist below, these are the changes we are most proud of:

  • We renamed login, registration, ... requests to "flows" consistently across the code base, APIs, and data storage. We now:
    • Initiate a login, registration, ... flow;
    • Fetch a login, registration, ... flow; and
    • Complete a login, registration, ... flow using a login flow method such as "Log in with username and password".
  • All self-service flows are now capable of handling API-based requests that do not originate from Browser such as Chrome. This is set groundwork for handling native flows (see above)!
  • The self service documentation has been refactored and simplified. We added code samples, screenshots, payloads, and curl commands to make things easier and clearer to understand. Video guides have also been added to help you and the community get things done faster!
  • Documentation for rotating important secrets such as the cookie and session secrets was added.
  • The need for reverse proxies was removed by adding the ability to change the ORY Kratos Session Cookie domain and path! The kratos-selfservice-ui-node reference implementation no longer requires HTTP Request piping which greatly simplifies the network layout and codebase!
  • The ORY Kratos CLI is now capable of managing identities with an interface that works almost like the Docker CLI we all love!
  • Admins are now able to initiate account recovery for identities.
  • Email verification and account recovery were refactored. It is now possible to add additional strategies (e.g. recovery codes) in the future, greatly increasing the feature set and security capabilities of future ORY Kratos versions!
  • Lookup to Have I Been Pwnd is no longer a hard requirement, allowing registration processes to complete when the service is unavailable or the network is slow.
  • We contributed several issues and features in upstream projects such as justinas/nosurf, gobuffalo/pop, and many more!
  • The build pipeline has been upgraded to support cross-compilation of CGO with Go 1.15+.
  • Fetching flows no longer requires CSRF cookies to be set, improving developer experience while not compromising on security!
  • ORY Kratos now has ORY Kratos Session Cookies (set in the HTTP Cookie header) and ORY Kratos Session Tokens (set as a HTTP Bearer Authorization token or the X-Session-Token HTTP Header).

Additionally tons of bugs were fixed, tests added, documentation improved, and much more. Please note that several things have changed in a breaking fashion. You can find details for the individual breaking changes in the changelog below.

We would like to thank all community members who contributed towards this release (in no particular order):

Have fun exploring the new release, we hope you like it! If you haven't already, join the ORY Community Slack where we hold weekly community hangouts via video chat and answer your questions, exchange ideas, and present new developments!

0.5.0-alpha.1 (2020-10-15)

Bug Fixes

  • Add missing 'recovery' path in oathkeeper access-rules.yml (#763) (f180dba)

  • Add missing error handling (43c1446)

  • Add ory-prettier-styles to main repo (#744) (aeaddbc)

  • Add remote help description (f66bbe1)

  • Add serve help description (2eb072b)

  • Allow using json with form layout in password registration (bd2225c)

  • Annotate whoami endpoint with cookie and token (a8a781c)

  • Bump datadog version to fix build failure (4dfd322)

  • Change KRATOS_ADMIN_ENDPOINT to KRATOS_ADMIN_URL (763fdc5)

  • Clarify fetch use (8eb2e6f)

  • Complete verification by redirecting to UI with success (f0ecf51)

  • Correct cookie domain on logout (#646) (6d77e04), closes #645

  • Correct help message for import (a5f46d2)

  • Correct password and profile swagger annotations (668c184)

  • Correct password registration method api spec (08dd582)

  • Correct PHONY spelling (#739) (e3d3617)

  • Cover more test cases for persister (37d2e08)

  • Create decoder only once (34dc43b)

  • Deprecate packr2 dependency in makefile (be9a84d), closes #711 #750

  • Do not propagate parent validation error (bf6093d)

  • Don't resend verification emails once verified (#583) (a4d9969), closes #578

  • Enforce endpoint to be set (171ac18)

  • Escape jsx characters in api documentation (0946094)

  • Exit with code 1 on unimplemented CLI commands (66943d7)

  • Explicitly ignore fprint return values (f50e582)

  • Explicitly ignore fprintf results (a83dc50)

  • Fallback to default return url if logout after url is not defined (#594) (7edd367)

  • Favor packr2 over pkger (ac18a45):

    See markbates/pkger#117

  • Find and replace "request" references (41fb673)

  • Force exe buildmode for windows CGO (e017bb5)

  • Html form parse regression issue (6b07cbb)

  • Ignore x/net false positives (7044b95)

  • Improve debugging output for login hook and restructure files (dabac40)

  • Improve debugging output for registration hook and restructure files (ec11775)

  • Improve expired error responses (124a92e)

  • Improve hook tests (55ba485)

  • Improve makefile dependency building (8e1d69a)

  • Improve pagination when listing identities (c60bf44)

  • Improve po...

Read more
Assets 22

v0.4.6-alpha.1

13 Jul 12:35
@aeneasr aeneasr
v0.4.6-alpha.1
ad90e77
Compare
Choose a tag to compare
v0.4.6-alpha.1 Pre-release
Pre-release

Resolves build and install issues and includes a few bugfixes.

0.4.6-alpha.1 (2020-07-13)

Bug Fixes

  • Use proper binary name in dockerfile (d36bbb0)

Changelog

ad90e77 autogen: pin v0.4.6-alpha.1 release commit
d36bbb0 fix: use proper binary name in dockerfile

Docker images

  • docker pull oryd/kratos:v0
  • docker pull oryd/kratos:v0.4
  • docker pull oryd/kratos:v0.4.6
  • docker pull oryd/kratos:v0.4.6-alpha.1
  • docker pull oryd/kratos:latest
  • docker pull oryd/kratos:v0-sqlite
  • docker pull oryd/kratos:v0.4-sqlite
  • docker pull oryd/kratos:v0.4.6-sqlite
  • docker pull oryd/kratos:v0.4.6-alpha.1-sqlite
  • docker pull oryd/kratos:latest-sqlite
Assets 23

v0.4.3-alpha.1

08 Jul 12:48
@aeneasr aeneasr
v0.4.3-alpha.1
a3a34b1
This commit was signed with the committer’s verified signature. The key has expired.
aeneasr hackerman
GPG key ID: 998E76A674F4A689
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.4.3-alpha.1 Pre-release
Pre-release

We are very happy to announce the 0.4 release of ORY Kratos with 163 commits and 817 changed files with 52,681 additions and 9,876 deletions.

There have been many improvements and bugfixes merged. The biggest changes are:

  1. Account recovery ("reset password") has been implemented.
  2. Documentation has been improved with easier to understand examples - currently only for account recovery so let us know what you think!
  3. The configuration has been simplified a lot. It is now much easier to enable account recovery and email verification. This is a breaking change - please read the breaking changes section with care!
  4. The Identity Traits JSON Schema has been renamed to the Identity JSON Schema. This is a breaking change - please read the breaking changes section with care!
  5. prompt=login has been renamed to refresh=true. This is a breaking change - please read the breaking changes section with care!
  6. We have reworked how (error) messages are returned. They now include an ID and all the parameters required for translating and customizing UI messages. This is a breaking change - please read the breaking changes section with care!
  7. Instead of keeping track of update_successful with booleans, flows (e.g. the settings flow) that have more than one state now include a state machine. This is a breaking change - please read the breaking changes section with care!
  8. Tons of tests have been added.
  9. We have reworked and fully tested the migration pipeline to prevent breaking schema changes in future versions.
  10. ORY Kratos now supports login with Azure AD and the Microsoft Identity Platform.

Before upgrading, please make a backup of your database and read the section "Breaking Changes" with care!

0.4.3-alpha.1 (2020-07-08)

Bug Fixes

  • Resolve goreleaser build issues (223571b)
  • Update install.sh script (883d99b)

Changelog

44a0525 autogen(docs): generate and format documentation
f80943c autogen(docs): regenerate and update changelog
a3a34b1 autogen: pin v0.4.3-alpha.1 release commit
223571b fix: resolve goreleaser build issues
883d99b fix: update install.sh script

Docker images

  • docker pull oryd/kratos:v0
  • docker pull oryd/kratos:v0.4
  • docker pull oryd/kratos:v0.4.3
  • docker pull oryd/kratos:v0.4.3-alpha.1
  • docker pull oryd/kratos:latest
  • docker pull oryd/kratos:v0-sqlite
  • docker pull oryd/kratos:v0.4-sqlite
  • docker pull oryd/kratos:v0.4.3-sqlite
  • docker pull oryd/kratos:v0.4.3-alpha.1-sqlite
  • docker pull oryd/kratos:latest-sqlite
Assets 23

v0.3.0-alpha.1

15 May 13:26
@aeneasr aeneasr
v0.3.0-alpha.1
43b693a
This commit was signed with the committer’s verified signature. The key has expired.
aeneasr hackerman
GPG key ID: 998E76A674F4A689
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.3.0-alpha.1 Pre-release
Pre-release

This release finalizes the OpenID Connect and OAuth2 login, registration, and settings strategy with JsonNet data transformation! From now on, "Sign in with Google, Github, ..." is officially supported! It's also possible to link and unlink these connections using the Self-Service Settings Flow! The documentation has been updated to reflect those changes and includes guides to setting up "Sign in with GitHub" in under 5 Minutes! Please be aware that existing OpenID Connect connections will stop working. Check out the "Breaking Changes" section for more info! Want to learn more? Check out the docs!

We also changed the config validation output, making it easier than ever to find bugs in your config:

% kratos --config invalid-config.yml serve
INFO[0001] Config file loaded successfully.              path=invalid-config.yml
ERRO[0001] The provided configuration is invalid and could not be loaded. Check the output below to understand why.  config_file=invalid-config.yml

dsn: <nil>
     ^-- one or more required properties are missing

urls.whitelisted_return_to_urls: https://selfservice.office.example.com
                                 ^-- expected array, but got string

FATA[0001] The services failed to start because the configuration is invalid. Check the output above for more details.

This release concludes over 50 commits and 16.000 lines of code changed.

0.3.0-alpha.1 (2020-05-15)

Bug Fixes

  • Access rules of oathkeeper for quick start (#390) (5ed6d05), closes #389:

    To access / as dashboard

  • Active field should not be required (#401) (aed2a5c), closes ory/sdk#14

  • Adopt jsonnet in e2e oidc tests (5e518fb)

  • Detect postgres unique constraint (3a777af)

  • Fix oidc strategy jsonnet test (f6c48bf)

  • Improve config validation error message (#414) (d1e6896), closes #413

  • Reset request id after parse (9550205)

  • Resolve flaky swagger generation (#416) (ac4acfc)

  • Resolve regression issues and bugs (e6d5369)

  • Return correct error on id mismatch (5915f28)

  • Test and implement mapper_url for jsonnet (40ac3dc)

  • Transaction usage in the identity persister (#404) (7f5072d)

Code Refactoring

  • Adopt new request parser (ad16cc9)

  • Dry config and oidc tests (3e98756)

  • Improve oidc flows and payloads and add e2e tests (#381) (f9a5079), closes #387:

    This patch improves the OpenID Connect login and registration user experience by simplifying the network flows and introduces e2e tests using ORY Hydra.

  • Move cypress files to test/e2e (df8e627)

  • Partition files and change creds structure (4f1eb94):

    This patch changes the data model of the OpenID Connect strategy. Instead of using an array of providers as the base config item (e.g. {"type":"oidc","config":[{"provider":"google","subject":"..."}]}) the credentials config is now an object with a providers key: {"type":"oidc","config":{"providers":[{"provider":"google","subject":"..."}]}}. This change allows introduction of future changes to the schema without breaking compatibility.

  • settings: Use common request parser (ad6c402)

  • Moved scanner json to ory/x (#412) (8a0967d)

  • Replace oidc jsonschema with jsonnet (2b45e79), closes #380:

    This patch replaces the previous methodology of merging OIDC data which used JSON Schema with Extensions and JSON Path in favor of a much easier to use approach with JSONNet.

Documentation

  • Document account enumeration defenses for oidc (266329c), closes #32

  • Document new oidc jsonnet mapper (#392) (088b30f)

  • Document oidc strategy (#415) (9f079f4), closes #409 #124 #32

  • Explain that form data is merged with oidc data (#394) (b0dbec4), closes #127

  • Fix links in README (efb6102), closes #403

  • Improve social sign in guide (#393) (647ced3), closes #49:

    This patch changes the social sign in guide to represent more use cases such as Google and Facebook. Additionally, the example has been updated to work with Jsonnet.

    This patch also documents limitations around merging user data from GitHub.

  • Improve the identity data model page (#410) (2915b8f)

  • Include redirect doc in nav (5aaebff), closes #406

  • Prepare v0.3.0-alpha.1 (d6a6f43)

  • Ui should show only active form sections (#395) (4db674d)

  • Update github templates (#408) (6e646b0)

Features

  • Add format and lint for JSONNet files (0a1b244):

    This patch adds two commands kratos jsonnet format and kratos jsonnet lint that help with formatting and linting JSONNet code.

  • Implement oidc settings e2e tests (919925c)

  • Introduce leaklog for debugging oidc map payloads (238d7a4)

  • Write tests and fix bugs for oidc settings (575a61f)

Unclassified

BREAKING CHANGES

  • If you upgrade and have existing Social Sign In connections, it will no longer be possible to use them to sign in. Because the oidc strategy was undocumented and not officially released we do not provide an upgrade guide. If you run into this issue on a production system you may need to use SQL to change the config of those identities. If this is a real issue for you that you're unable to solve, please create an issue on GitHub.
  • This is a breaking change as previous OIDC configurations will not work. Please consult the newly written documentation on OpenID Connect to learn how to use OIDC in your login and registration flows. Since the OIDC feature was not publicly broadcasted yet we have chosen not to provide an upgrade path. If you have issues, please reach out on the forums or slack.

Changelog

15ce3d8 autogen(docs): generate and format documentation
1b4567b autogen(docs): generate and format documentation
6b0ce46 autogen(docs): regenerate and update changelog
bb68c58 autogen(docs): regenerate and update ch...

Read more
Assets 23

v0.2.1-alpha.1

05 May 09:57
@aeneasr aeneasr
v0.2.1-alpha.1
16463ea
This commit was signed with the committer’s verified signature. The key has expired.
aeneasr hackerman
GPG key ID: 998E76A674F4A689
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.1-alpha.1 Pre-release
Pre-release

Resolves a bug in the kratos-selfservice-ui-node application.

0.2.1-alpha.1 (2020-05-05)

Documentation

  • Fix quickstart hero sections (7c6c439)
  • Fix typo in upgrade guide (a1b1d7c)

Changelog

a73a6d8 autogen(docs): generate and format documentation
be9b37e autogen(docs): regenerate and update changelog
dfdb5c6 autogen(docs): regenerate and update changelog
16463ea chore: pin v0.2.1-alpha.1 release commit
7c6c439 docs: fix quickstart hero sections
a1b1d7c docs: fix typo in upgrade guide

Docker images

  • docker pull oryd/kratos:v0
  • docker pull oryd/kratos:v0.2
  • docker pull oryd/kratos:v0.2.1
  • docker pull oryd/kratos:v0.2.1-alpha.1
  • docker pull oryd/kratos:latest
  • docker pull oryd/kratos:v0-sqlite
  • docker pull oryd/kratos:v0.2-sqlite
  • docker pull oryd/kratos:v0.2.1-sqlite
  • docker pull oryd/kratos:v0.2.1-alpha.1-sqlite
  • docker pull oryd/kratos:latest-sqlite
Assets 23

v0.2.0-alpha.2

04 May 14:23
@aeneasr aeneasr
v0.2.0-alpha.2
ab91689
This commit was signed with the committer’s verified signature. The key has expired.
aeneasr hackerman
GPG key ID: 998E76A674F4A689
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.0-alpha.2 Pre-release
Pre-release

This is a heavy release with over hundreds of commits and files changed! Let's
take a look at some of the highlights!

ORY Oathkeeper now optional

Using ORY Oathkeeper to protect your API is now optional. The basic quickstart
now uses a much simpler set up. Go
check it out now!

PostgreSQL, MySQL, CockroachDB support now tested and official!

All three databases now pass acceptance tests and are thus officially supported!

Self-Service Profile Flow

The self-service profile flow has been refactored into a more generic flow
allowing users to make modifications to their traits and credentials. Check out
the docs to learn
more
about the flow and it's features.

Please keep in mind that the flow's APIs have changed. We recommend re-reading
the docs!

Managing Privileged Profile Fields

Flows such as changing ones profile or primary email address should not be
possible unless the login session is fresh. This prevents your colleague or evil
friend to take over your account while you make yourself a coffee.

ORY Kratos now supports this by redirecting the user to the login screen if
changes to sensitive fields are made. The changes will only be applied after
successful reauthentication.

Changes to Hooks

This patch focuses on refactoring how self-service flows terminate and changes
how hooks behave and when they are executed.

Before this patch, it was not clear whether hooks run before or after an
identity is persisted. This caused problems with multiple writes on the HTTP
ResponseWriter and other bugs.

This patch removes certain hooks from after login, registration, and profile
flows. Per default, these flows now respond with an appropriate payload (
redirect for browsers, JSON for API clients) and deprecate the redirect hook.
This patch includes documentation which explains how these hooks work now.

Additionally, the documentation was updated. Especially the sections about hooks
have been refactored. The login and user registration docs have been updated to
reflect the latest changes as well.

BREAKING CHANGE: Please remove the redirect hook from both login,
registration, and settings after configuration. Please remove the session hook
from your login after configuration. Hooks have moved down a level and are now
configured at selfservice.<login|registration|settings>.<after|before>.hooks
instead of selfservice.<login|registration|settings>.<after|before>.
Hooks are now identified by hook: instead of job:. Please rename those
sections accordingly.

We recommend re-reading the
Hooks Documentation.

Changing Passwords

It's now possible to change your password using the Self-Service Settings Flow!
Lean more about this flow
here

End-To-End Tests

We added tons of end-to-end and integration tests to find and fix pesky bugs.

0.2.0-alpha.2 (2020-05-04)

Bug Fixes

  • Allow setting new password in profile flow (3b5fd5c)
  • Automatically append multiStatements parameter to mySQL URI (#374) (39f77bb)
  • Create pop connection without parsed connection options (#366) (10b6481)
  • Declare proper vars for setting version (#383) (2fc7556)
  • Decouple quickstart scenarios (#336) (17363b3), closes #262:

    Creates several docker compose examples which include various
    scenarios of the quickstart.

    The regular quickstart guide now works without ORY Oathkeeper
    and uses the standalone mode of the example app instead.

    Additionally, the Makefile was improved and now automatically pulls
    required dependencies in the appropriate version.

  • Document Schema API and serve over admin endpoint (#299) (4be417c), closes #287
  • Exempt whomai from csrf protection (#329) (31d4065)
  • Fix swagger annotation (#331) (5c5c78f):

    Closes ory/sdk#10

  • Move to ory sqa service (#309) (7c244e0)
  • Properly annotate error API (a6f1300)
  • Resolve docker build permission issues (f3612e8)
  • Resolve failing test issues (2e968e5)
  • Resolve NULL value for seen_at (#259) (a7d1e86), closes #244:

    Previously, errorx tests were not executed which caused several bugs.

  • Revert use host volume mount for sqlite (#272) (#285) (a7477ab):

    This reverts commit 230ab2d.

  • Show log in ui only when unauthenticated or forced (df77310), closes #323
  • Use semver-regex replacer func (d5c9a47)
  • Use sqlite tag on make install (2c82784)
  • docker: Throw away build artifacts (481ec1b)
  • Remove unused returnTo (e64e5b0)
  • Resolve linux install script archive naming (#302) (c98b8aa)
  • Resolve password continuity issues (56a44fa)
  • Self-service error query parameter name (#308) (be257f5):

    The query parameter for the self-service errors endpoint was named id
    in the API docs, whereas it is the error param that is used by the
    handler.

  • Use host volume mount for sqlite (#272) (230ab2d)
  • Use resilient client for HIBP lookup (#288) (735b435), closes #261
  • Verified_at field should not be required (#353) (15d5e26):

    Closes ory/sdk#11

  • config: Rename config key stmp to smtp (#278) (ef95811)
  • session: Regenerate CSRF Token on principal change (#290) (1527ef4), closes #217
  • session: Whoami endpoint now supports all HTTP methods (#283) (4bf645b), closes #270
  • sql: Rename migrations with same version (#280) (07e46b9), closes #279
  • swagger: Move nolint,deadcode instructions to own file (#293) (1935510):

    Closes ory/docs#279

Code Refactoring

Read more
Assets 23

v0.1.1-alpha.1+oryOS.17

19 Feb 08:47
@aeneasr aeneasr
v0.1.1-alpha.1
a125822
Compare
Choose a tag to compare
v0.1.1-alpha.1+oryOS.17 Pre-release
Pre-release

Changelog

a125822 docs: Regenerate and update changelog
b3a8220 docs: Regenerate and update changelog
a141b30 docs: Regenerate and update changelog
7e12e20 docs: Regenerate and update changelog
3c1c67b docs: Regenerate and update changelog
ee07937 docs: Regenerate and update changelog
64ab9e5 fix: Add verify return to address (#252)
7f0996b fix: Clean up docker quickstart (#255)
30d4632 fix: Resolve several verification problems (#253)
5d4f909 fix: Update verify URLs (#258)
6ace1ee refactor: Support context-based SQL transactions (#254)

Docker images

  • docker pull oryd/kratos:v0
  • docker pull oryd/kratos:v0.1
  • docker pull oryd/kratos:v0.1.1
  • docker pull oryd/kratos:v0.1.1-alpha.1
  • docker pull oryd/kratos:latest
  • docker pull oryd/kratos:v0-sqlite
  • docker pull oryd/kratos:v0.1-sqlite
  • docker pull oryd/kratos:v0.1.1-sqlite
  • docker pull oryd/kratos:v0.1.1-alpha.1-sqlite
  • docker pull oryd/kratos:latest-sqlite
Assets 22

v0.1.0-alpha.6+oryOS.16

16 Feb 18:33
@aeneasr aeneasr
v0.1.0-alpha.6
172dc87
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.0-alpha.6+oryOS.16 Pre-release
Pre-release

Changelog

1968396 chore: Regenerate swagger spec and internal client
f09e3a0 ci: Bump ory/sdk orb
922cf0f docs: Regenerate and update changelog
e097c23 docs: Regenerate and update changelog
d8d8bba docs: Regenerate and update changelog
2d1685f docs: Regenerate and update changelog
c4547dc docs: Regenerate and update changelog
f8964e9 docs: Regenerate and update changelog
b012ed9 docs: Regenerate and update changelog
92b8001 docs: Regenerate and update changelog
d7083ab docs: Regenerate and update changelog
a2178bd feat: Add disabled flag to identifier form fields (#238)
172dc87 feat: Add verification to quickstart (#251)
eed00f4 feat: Implement email verification (#245)
256fad3 feat: Improve password validation strategy (#231)
c72f140 fix(swagger): Sanitize before validate
8473c85 fix(swagger): Use correct annotations for request methods (#237)
24eceb7 fix: Adapt quickstart to verify changes (#247)
4421e6b fix: Gracefully handle selfservice request expiry (#242)
29c83fa fix: Set AuthenticatedAt in session issuer hook (#246)
61f5c1d refactor: Move to ory/jsonschema/v3 everywhere (#229)

Docker images

  • docker pull oryd/kratos:v0
  • docker pull oryd/kratos:v0.1
  • docker pull oryd/kratos:v0.1.0
  • docker pull oryd/kratos:v0.1.0-alpha.6
  • docker pull oryd/kratos:latest
  • docker pull oryd/kratos:v0-sqlite
  • docker pull oryd/kratos:v0.1-sqlite
  • docker pull oryd/kratos:v0.1.0-sqlite
  • docker pull oryd/kratos:v0.1.0-alpha.6-sqlite
  • docker pull oryd/kratos:latest-sqlite
Assets 22