goauthentik / authentik

The authentication glue you need.
https://goauthentik.io

security: fix CVE 2024 52307 #12115

Closed BeryJu closed 19 hours ago

BeryJu commented 20 hours ago

Details

REPLACE ME


Checklist

If an API change has been made

If changes to the frontend have been made

If applicable

netlify[bot] commented 20 hours ago

Deploy Preview for authentik-storybook ready!

| Name | Link |
|---|---|
| Latest commit | 3cd06eebf4cba2e51dc7d6d251b1642583787ac5 |
| Latest deploy log | https://app.netlify.com/sites/authentik-storybook/deploys/673f34738e389700088a1428 |
| Deploy Preview | https://deploy-preview-12115--authentik-storybook.netlify.app |

To edit notification comments on pull requests, go to your Netlify site configuration.

netlify[bot] commented 20 hours ago

Deploy Preview for authentik-docs ready!

| Name | Link |
|---|---|
| Latest commit | 3cd06eebf4cba2e51dc7d6d251b1642583787ac5 |
| Latest deploy log | https://app.netlify.com/sites/authentik-docs/deploys/673f347351a6f700082bce54 |
| Deploy Preview | https://deploy-preview-12115--authentik-docs.netlify.app |

codecov[bot] commented 20 hours ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 92.62%. Comparing base (e9c29e1) to head (3cd06ee). Report is 1 commits behind head on main.

:white_check_mark: All tests successful. No failed tests found.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main   #12115      +/-   ##
==========================================
- Coverage   92.67%   92.62%   -0.06%
==========================================
  Files         761      761
  Lines       37963    37973      +10
==========================================
- Hits        35184    35171      -13
- Misses       2779     2802      +23
```

| [Flag](https://app.codecov.io/gh/goauthentik/authentik/pull/12115/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=goauthentik) | Coverage Δ | |
|---|---|---|
| [e2e](https://app.codecov.io/gh/goauthentik/authentik/pull/12115/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=goauthentik) | `49.07% <19.04%> (-0.07%)` | :arrow_down: |
| [integration](https://app.codecov.io/gh/goauthentik/authentik/pull/12115/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=goauthentik) | `24.83% <19.04%> (+<0.01%)` | :arrow_up: |
| [unit](https://app.codecov.io/gh/goauthentik/authentik/pull/12115/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=goauthentik) | `90.20% <100.00%> (+<0.01%)` | :arrow_up: |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=goauthentik#carryforward-flags-in-the-pull-request-comment) to find out more.


BeryJu commented 20 hours ago

/cherry-pick version-2024.10

BeryJu commented 20 hours ago

/cherry-pick version-2024.8

gcp-cherry-pick-bot[bot] commented 19 hours ago

Cherry-pick failed with Merge error 5ea4580884f99369f0ccfe484c04cb03a66e65b8 into temp-cherry-pick-d8271c-version-2024.10

gcp-cherry-pick-bot[bot] commented 19 hours ago

Cherry-pick failed with Merge error 5ea4580884f99369f0ccfe484c04cb03a66e65b8 into temp-cherry-pick-d8271c-version-2024.8

github-actions[bot] commented 19 hours ago

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your `.env` file:

```shell
AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-3cd06eebf4cba2e51dc7d6d251b1642583787ac5
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
```

For arm64, use these values:

```shell
AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-3cd06eebf4cba2e51dc7d6d251b1642583787ac5-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
```

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your `values.yml` file:

```yaml
authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-3cd06eebf4cba2e51dc7d6d251b1642583787ac5
```

For arm64, use these values:

```yaml
authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-3cd06eebf4cba2e51dc7d6d251b1642583787ac5-arm64
```

Afterwards, run the upgrade commands from the latest release notes.