Commit Graph

2497 Commits

Author SHA1 Message Date
dependabot-preview[bot]
b3bc45007a
[MISC] (deps): Bump @types/node from 14.0.6 to 14.0.8 in /web (#1073)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.0.6 to 14.0.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-02 10:00:47 +10:00
dependabot-preview[bot]
b40fe4a746
[MISC] (deps): Bump @material-ui/core from 4.10.0 to 4.10.1 in /web (#1072)
Bumps [@material-ui/core](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui) from 4.10.0 to 4.10.1.
- [Release notes](https://github.com/mui-org/material-ui/releases)
- [Changelog](https://github.com/mui-org/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui-org/material-ui/commits/v4.10.1/packages/material-ui)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 09:33:59 +10:00
Clément Michaud
d6bea97a93
[DOCS] Add a roadmap section to the documentation. (#1062)
* [DOCS] Add a roadmap section to the documentation.

Adding the roadmap will likely help people figure out what are the next big
topics that might be missing for them to take the leap and use Authelia.
Maybe some users are also waiting for a feature to unlock some use cases.

* Apply suggestions from code review

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-06-01 16:55:58 +10:00
Clément Michaud
eec6424bc9
[DEV] Debug authelia when running a suite. (#1060)
* [DEV] Debug authelia when running a suite.

This runs dlv debugger within authelia backend container so that an IDE can remote
debug the application using port 2345.

* Apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 16:50:55 +10:00
dependabot-preview[bot]
7dc79b2ac4
[MISC] (deps): Bump arm64v8/alpine from 3.11.6 to 3.12.0 (#1071)
Bumps arm64v8/alpine from 3.11.6 to 3.12.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 13:32:31 +10:00
dependabot-preview[bot]
49b3ea7c2e
[MISC] (deps): Bump arm32v7/alpine from 3.11.6 to 3.12.0 (#1069)
Bumps arm32v7/alpine from 3.11.6 to 3.12.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 13:05:07 +10:00
dependabot-preview[bot]
f2d57b76a2
[MISC] (deps): Bump alpine from 3.11.6 to 3.12.0 (#1070)
Bumps alpine from 3.11.6 to 3.12.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 11:20:24 +10:00
dependabot-preview[bot]
1aac6f75cc
[MISC] (deps): Bump alpine in /internal/suites/example/compose/kind (#1068)
Bumps alpine from 3.11.6 to 3.12.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 10:42:07 +10:00
dependabot-preview[bot]
431d059c2e
[MISC] (deps): Bump github.com/lib/pq from 1.5.2 to 1.6.0 (#1067)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.2...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 09:52:45 +10:00
dependabot-preview[bot]
844a4c58d1
[MISC] (deps): Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 (#1066)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 08:52:59 +10:00
dependabot-preview[bot]
92ddf5949e
[MISC] (deps): Bump @types/node from 14.0.5 to 14.0.6 in /web (#1063)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.0.5 to 14.0.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-30 12:53:08 +10:00
dependabot-preview[bot]
5d3f010a1f
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.4 to 1.1.5 (#1058)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 21:53:52 +02:00
Amir Zarrinkafsh
b27c1fbae9
[CI] Add PathPrefix integration test suite (#1052)
Add a suite for testing the PathPrefix feature implemented earlier to serve authelia under a multi-purpose domain.

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-27 13:55:44 +02:00
dependabot-preview[bot]
54fe2a9abd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.3 to 1.1.4 (#1054)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.3...v1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-26 21:32:37 +02:00
dependabot-preview[bot]
9eda7fb612
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.0.2 to 2.1.0 (#1055)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.0.2...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:20 +02:00
dependabot-preview[bot]
2b8a8a24a1
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.12.0 to 1.13.1 (#1056)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.12.0 to 1.13.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.12.0...v1.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:10 +02:00
dependabot-preview[bot]
15abe5053a
[MISC] (deps): Bump github-pages and jekyll in /docs (#1051)
Bumps [github-pages](https://github.com/github/pages-gem) and [jekyll](https://github.com/jekyll/jekyll). These dependencies needed to be updated together.

Updates `github-pages` from 204 to 206
- [Release notes](https://github.com/github/pages-gem/releases)
- [Commits](https://github.com/github/pages-gem/compare/v204...v206)

Updates `jekyll` from 3.8.5 to 3.8.7
- [Release notes](https://github.com/jekyll/jekyll/releases)
- [Changelog](https://github.com/jekyll/jekyll/blob/master/History.markdown)
- [Commits](https://github.com/jekyll/jekyll/compare/v3.8.5...v3.8.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 09:39:54 +10:00
Clément Michaud
a0e4f8e336
[MISC] Remove executable permission of nginx backend files. (#1040)
* [MISC] Remove executable permission of nginx backend files.

* Set permissions to 644 on k8s tar'd files

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-25 10:54:21 +10:00
dependabot-preview[bot]
00fa11020e
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3 (#1048)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* fix sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-25 08:54:38 +10:00
dependabot-preview[bot]
70e0bba1d1
[MISC] (deps): Bump github.com/otiai10/copy from 1.1.1 to 1.2.0 (#1047)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-24 21:31:04 +02:00
Amir Zarrinkafsh
ca1f3c0c4a
[RELEASE] v4.19.1 (#1046) 2020-05-24 10:55:51 +10:00
Amir Zarrinkafsh
e793e9c4e3
[BUGFIX] Add path to generated links for emails (#1045) 2020-05-24 09:51:34 +10:00
dependabot-preview[bot]
763df4ba5a
[MISC] (deps): Bump @material-ui/core from 4.9.14 to 4.10.0 in /web (#1043)
Bumps [@material-ui/core](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui) from 4.9.14 to 4.10.0.
- [Release notes](https://github.com/mui-org/material-ui/releases)
- [Changelog](https://github.com/mui-org/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui-org/material-ui/commits/v4.10.0/packages/material-ui)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-24 05:00:21 +10:00
dependabot-preview[bot]
e19eafcfc5
[MISC] (deps): Bump @types/node from 14.0.4 to 14.0.5 in /web (#1042)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.0.4 to 14.0.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-22 08:19:50 +10:00
dependabot-preview[bot]
b5f27b7451
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.1 to 1.1.2 (#1041)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-22 08:04:45 +10:00
Amir Zarrinkafsh
08d412ece8
[DOCS] Add FAQs to Traefik2 (#1038)
Closes #997.
2020-05-21 16:48:54 +02:00
Amir Zarrinkafsh
3249448d5c
[RELEASE] v4.19.0 (#1037) 2020-05-21 16:13:58 +10:00
Amir Zarrinkafsh
0f100d4f7b
[DEPRECATE] Warning for PUBLIC_DIR environment variable (#938) 2020-05-21 14:51:28 +10:00
Clément Michaud
b264e63235
[DEV] Fix permission issue with dev workflow. (#1033)
* [DEV] Fix permission issue with dev workflow.

nginx backend was facing permission denied errors because the permissions of the html
files were too restricted. Moreover those files were added to the docker image while they
could just be mounted as other services.

* Fix Kubernetes integration test

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-21 14:35:22 +10:00
Amir Zarrinkafsh
7488206195
[BUGFIX] Relax CSP for trusted-types (#1036)
This will need to be revisited to re-introduce trusted-types when we have a clear handle on all the libraries and their implementation to support this.
2020-05-21 13:16:37 +10:00
James Elliott
fcd0b5e46a
[FEATURE] Allow Authelia to listen on a specified path (#1027)
* [FEATURE] Allow Authelia to listen on a specified path

* Fix linting and add a couple typescript types

* Template index.html to support base_url

* Update docs and configuration template

* Access base path from body attribute.

* Update CSP

* Fix unit test
Also remove check for body as this will never get triggered, react itself is loaded inside the body so this has to always be successful.

* Template index.html with ${PUBLIC_URL}

* Define PUBLIC_URL in .env(s)

* Add docs clarification

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-05-21 12:20:55 +10:00
James Elliott
469daedd36
[FEATURE] Delay 1FA Authentication (#993)
* adaptively delay 1FA by the actual execution time of authentication
* should grow and shrink over time as successful attempts are made
* uses the average of the last 10 successful attempts to calculate
* starts at an average of 1000ms
* minimum is 250ms
* a random delay is added to the largest of avg or minimum
* the random delay is between 0ms and 85ms
* bump LDAP suite to 80s timeout
* bump regulation scenario to 45s
* add mutex locking
* amend logging
* add docs
* add tests

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-21 00:03:15 +02:00
dependabot-preview[bot]
147d0879e3
[MISC] (deps): Bump @types/node from 14.0.3 to 14.0.4 in /web (#1035)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.0.3 to 14.0.4.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-20 18:05:07 +10:00
dependabot-preview[bot]
bd288347c4
[MISC] (deps): Bump typescript from 3.9.2 to 3.9.3 in /web (#1034)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.9.2 to 3.9.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v3.9.2...v3.9.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-20 09:42:59 +10:00
dependabot-preview[bot]
969a50cbec
[MISC] (deps): Bump @types/node from 14.0.1 to 14.0.3 in /web (#1032)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.0.1 to 14.0.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-19 21:59:07 +02:00
dependabot-preview[bot]
d09d636d94
[MISC] (deps): Bump @types/jest from 25.2.2 to 25.2.3 in /web (#1031)
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 25.2.2 to 25.2.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-19 08:39:15 +10:00
dependabot-preview[bot]
41bbb73e9d
[MISC] (deps): [Security] Bump activesupport in /docs (#1030)
Bumps [activesupport](https://github.com/rails/rails) from 6.0.2.1 to 6.0.3.1. **This update includes a security fix.**
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v6.0.3.1/activesupport/CHANGELOG.md)
- [Commits](https://github.com/rails/rails/compare/v6.0.2.1...v6.0.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-19 08:24:24 +10:00
dependabot-preview[bot]
13e2050d91
[MISC] (deps): Bump golang from 1.14.2-alpine to 1.14.3-alpine (#1029)
Bumps golang from 1.14.2-alpine to 1.14.3-alpine.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-19 08:22:02 +10:00
Amir Zarrinkafsh
79a2139896
[MISC] Fix linting error introduced in #1001 (#1028) 2020-05-19 07:50:50 +10:00
Clément Michaud
fe5ebfb75a
[FEATURE] Bump to fasthttp/session/v2 to support redis unix socket. (#1001)
* [FEATURE] Bump to fasthttp/session/v2 to support redis unix socket.

* Fix lint issues.

* Remove v1 import and fix double import.

* [DOCS] Document use of redis unix socket.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-18 12:45:47 +10:00
dependabot-preview[bot]
29673195b6
[MISC] (deps): Bump golang in /internal/suites/example/compose/authelia (#1024)
Bumps golang from 1.14.2-alpine to 1.14.3-alpine.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-17 22:17:10 +02:00
James Elliott
675b1b8e26
[RELEASE] v4.18.1 (#1023) 2020-05-16 13:37:01 +10:00
James Elliott
a4cf2e675f
[DEPRECATE] Remove Google Analytics (#1021)
* it doesn't work with our current CSP
* it's probably not used by anyone
* it isn't in harmony with our security purposes
* literally removes all use of it
* suggestions from code review
* remove useless test.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-05-16 09:41:42 +10:00
dependabot-preview[bot]
991ce29e4b
[MISC] (deps): Bump @types/qrcode.react from 1.0.0 to 1.0.1 in /web (#1022)
Bumps [@types/qrcode.react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/qrcode.react) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/qrcode.react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-15 21:49:34 +02:00
dependabot-preview[bot]
d0b32eb1cc
[MISC] (deps): [Security] Bump handlebars from 4.5.3 to 4.7.6 in /web (#1020)
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.6. **This update includes a security fix.**
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-15 09:57:28 +10:00
James Elliott
73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999)
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
2020-05-14 15:55:03 +10:00
Amir Zarrinkafsh
561a3f551c
[DOCS] Fix typos in proxy examples (#1015)
Also include global http -> https redirection in Traefik 2.x example.
2020-05-14 13:26:52 +10:00
dependabot-preview[bot]
8339b095c9
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.0 to 1.1.1 (#1016)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-14 08:08:34 +10:00
dependabot-preview[bot]
1b42c6b1a6
[MISC] (deps): Bump @types/jest from 25.2.1 to 25.2.2 in /web (#1019)
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 25.2.1 to 25.2.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-14 07:52:39 +10:00
dependabot-preview[bot]
e259e6182e
[MISC] (deps): Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0 (#1017)
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.8 to 2.3.0.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.8...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-14 07:19:17 +10:00