pocket-id-pocket-id/CHANGELOG.md at main

starred/pocket-id-pocket-id

Fork 0

mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-06 05:12:57 +03:00

Files

Elias Schneider 8cddcb88e8 release: 1.16.0

2025-11-30 18:30:29 +01:00

114 KiB

Raw Permalink Blame History

v1.16.0

Bug Fixes

use quoted-printable encoding for mails to prevent line limitation (5cf73e9 by @stonith404)
automatically create parent directory of Sqlite db (cfc9e46 by @stonith404)
global audit log user filter not working (d98c0a3 by @stonith404)
theme mode not correctly applied if selected manually (a1cd325 by @stonith404)
hide theme switcher on auth pages because of dynamic background (5d6a7fd by @stonith404)

Documentation

add ENCRYPTION_KEY to .env.example for breaking change preparation (4eeb06f by @stonith404)

Features

light/dark/system mode switcher (#1081 by @kmendell)
add support for S3 storage backend (#1080 by @stonith404)
add support for WEBP profile pictures (#1090 by @stonith404)
add database storage backend (#1091 by @ItalyPaleAle)
adding/removing passkeys creates an entry in audit logs (#1099 by @ItalyPaleAle)
add option to disable S3 integrity check (a3c9687 by @stonith404)
add Cache-Control: private, no-store to all API routes per default (#1126 by @stonith404)

Other

update pnpm to 10.20 (#1082 by @kmendell)
run checks on PR to breaking/** branches (ab9c0f9 by @stonith404)
use constants for AppEnv values (#1098 by @ItalyPaleAle)
bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /backend in the go_modules group across 1 directory (#1107 by @dependabot[bot])
add Finish files (ca888b3 by @stonith404)
upgrade dependencies (4bde271 by @stonith404)
fix Dutch validation message (f523f39 by @stonith404)
fix package vulnerabilities (3d46bad by @stonith404)
update vscode launch.json (#1117 by @mnestor)
rename file backend value fs to filesystem (8d30346 by @stonith404)
fix wrong storage value (b2c718d by @stonith404)
run formatter (14c7471 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.15.0...v1.16.0

v1.15.0

Bug Fixes

sorting by PKCE and re-auth of OIDC clients (e03270e by @stonith404)
replace %lang% placeholder in html lang (#1071 by @daimond113)
disabled property gets ignored when creating an user (76e0192 by @stonith404)
remove redundant indexes in Postgres (6a038fc by @stonith404)

Features

open edit page on table row click (f184120 by @stonith404)
add ability to set default profile picture (#1061 by @stonith404)

Other

add support for OpenBSD binaries (d683d18 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.14.2...v1.15.0

v1.14.2

Bug Fixes

dark oidc client icons not saved on client creation (#1057 by @mufeedali)

Other

add Turkish language files (a190529 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.14.1...v1.14.2

v1.14.1

Bug Fixes

Prevent blinding FOUC in dark mode (#1054 by @mufeedali)
use credProps to save passkey on firefox android (#1055 by @lhoursquentin)
ignore trailing slashes in APP_URL (65616f6 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.14.0...v1.14.1

v1.14.0

Bug Fixes

ignore trailing slash in URL (9f0aa55 by @stonith404)
use constant time comparisons when validating PKCE challenges (#1047 by @ItalyPaleAle)
only animate login background on initial page load (b356cef by @stonith404)
make pkce requirement visible in the oidc form if client is public (47927d1 by @stonith404)
prevent page flickering on redirection based on auth state (10d6403 by @stonith404)

Features

add various improvements to the table component (#961 by @stonith404)
add support for dark mode oidc client icons (#1039 by @kmendell)

Other

add Japanese files (068fcc6 by @kmendell)
bump sveltekit-superforms from 2.27.1 to 2.27.4 in the npm_and_yarn group across 1 directory (#1031 by @dependabot[bot])
update AAGUIDs (#1041 by @github-actions[bot])
bump vite from 7.0.7 to 7.0.8 in the npm_and_yarn group across 1 directory (#1042 by @dependabot[bot])
upgrade dependencies (6362ff9 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.13.1...v1.14.0

v1.13.1

Bug Fixes

uploading a client logo with an URL fails (#1008 by @CzBiX)
mark any callback url as valid if they contain a wildcard (#1006 by @stonith404)

Other

cleanup root of repo, update workflow actions (#1003 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.13.0...v1.13.1

v1.13.0

Bug Fixes

uploading a client logo with an URL fails if folder doesn't exist (ad8a90c by @stonith404)

Features

add link to API docs on API key page (2c74865 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.12.0...v1.13.0

v1.12.0

Bug Fixes

do not use cache=shared for in-memory SQLite (#971 by @ItalyPaleAle)
show only country in audit log location if no city instead of Unknown (#977 by @vilisseranen)
display login location correctly if country or city is not present (79989fb by @stonith404)
remove previous socket file to prevent bind error (#979 by @Caian)
tokens issued with refresh token flow don't contain groups (#989 by @ItalyPaleAle)
make logo and oidc client images sizes consistent (01db8c0 by @stonith404)
include port in OIDC client details (2c1c67b by @stonith404)
prevent endless effect loop in login wrapper (fc9939d by @stonith404)
improve back button handling on auth pages (d47b203 by @stonith404)
allow any image source but disallow base64 (22f4254 by @stonith404)
date locale can't be loaded if locale is en (b81de45 by @stonith404)

Features

support for url based icons (#840 by @kmendell)
hide alternative sign in methods page if email login disabled (d010be4 by @stonith404)
add required indicator for required inputs (#993 by @stonith404)
add the ability to make email optional (#994 by @stonith404)

Other

fix whitespace after commit message (e8b172f by @stonith404)
update AAGUIDs (#972 by @github-actions[bot])
remove unnecessary logo fallback (b746ac0 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.11.2...v1.12.0

v1.11.2

Bug Fixes

embedded paths not found on windows (c55143d by @stonith404)
do not treat certain failures in app images bootstrap as fatal (#966 by @ItalyPaleAle)
decouple images from app config service (#965 by @stonith404)

Other

use git cliff for release notes (fde4e9b by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.11.1...v1.11.2

v1.11.1

Bug Fixes

add missing translations(8c9cac2 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.11.0...v1.11.1

v1.11.0

Bug Fixes

update localized name and description of ldap group name attribute (#892 by @kmendell)
disable sign up options in UI if UI_CONFIG_DISABLED (1d7cbc2 by @stonith404)
ensure users imported from LDAP have fields validated (#923 by @ItalyPaleAle)
list items on previous page get unselected if other items selected on next page (6c696b4 by @stonith404)
add validation for callback URLs (#929 by @stonith404)
key-rotate doesn't work with database storage (#940 by @ItalyPaleAle)
make environment variables case insensitive where necessary (#954 by @stonith404)
my apps card shouldn't take full width if only one item exists (e7e53a8 by @stonith404)

Features

add custom base url (#858 by @DerSteph)
client_credentials flow support (#901 by @savely-krasovsky)
add info box to app settings if UI config is disabled (a1d8538 by @stonith404)
add CSP header (#908 by @stonith404)
return new id_token when using refresh token (#925 by @ItalyPaleAle)
add PWA support (#938 by @stonith404)
add support for LOG_LEVEL env variable (#942 by @stonith404)
add user display name field (#898 by @kmendell)
allow uppercase usernames (#958 by @stonith404)

Other

use react email for email templates (#734 by @kmendell)
update AAGUIDs (#903 by @github-actions[bot])
add Swedish files (954fb4f by @kmendell)
update AAGUIDs (#926 by @github-actions[bot])
bump vite from 7.0.6 to 7.0.7 in the npm_and_yarn group across 1 directory (#932 by @dependabot[bot])
bump axios from 1.11.0 to 1.12.0 in the npm_and_yarn group across 1 directory (#943 by @dependabot[bot])
minify background image (#933 by @ItalyPaleAle)
include version in changelog (cf08929 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.10.0...v1.11.0

v1.10.0

Bug Fixes

apps showed multiple times if user is in multiple groups (641bbc9 by @stonith404)

Features

redesigned sidebar with administrative dropdown (#881 by @kmendell)

Other

update AAGUIDs (#885 by @github-actions[bot])
bump sveltekit to 2.36.3 and devalue to 5.3.2 (#889 by @kmendell)
add missing translations (#884 by @savely-krasovsky)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.9.1...v1.10.0

v1.9.1

Bug Fixes

sqlite migration drops allowed user groups (d6d1a4c by @stonith404)

Other

add no tx wrap to unit tests (51222f5 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.9.0...v1.9.1

v1.9.0

Bug Fixes

don't force uuid for client id in postgres (2ffc6ba by @stonith404)
sort order incorrect for apps when using postgres (d0392d2 by @stonith404)
ensure SQLite has a writable temporary directory (#876 by @ItalyPaleAle)

Features

support automatic db migration rollbacks (#874 by @stonith404)

Other

add postgres down migration to 20250822000000 (63db4d5 by @stonith404)
fix postgres e2e tests (#877 by @stonith404)
fix playwright browsers not installed (8999173 by @stonith404)
use TEXT instead of VARCHAR for client ID (654593b by @stonith404)
use matrix for e2e tests (c1e515a by @stonith404)
bump golang.org/x/oauth2 from 0.26.0 to 0.27.0 in /backend in the go_modules group across 1 directory (#879 by @dependabot[bot])

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.8.1...v1.9.0

v1.8.1

Bug Fixes

wrong column type for reauthentication tokens in Postgres (#869 by @ItalyPaleAle)
migration clears allowed users groups (5971bfb by @stonith404)

Other

update issue template (#870 by @ItalyPaleAle)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.8.0...v1.8.1

v1.8.0

Bug Fixes

non admin users can't revoke oidc client but see edit link (0e44f24 by @stonith404)
ignore client secret if client is public (#836 by @James18232)
bump rollup from 4.45.3 to 4.46.3 (#845 by @gepbird)
delete webauthn session after login to prevent replay attacks (fe003b9 by @stonith404)
move audit log call before TX is committed (#854 by @ItalyPaleAle)
for one-time access tokens and signup tokens, pass TTLs instead of absolute expiration date (#855 by @ItalyPaleAle)
authorization can't be revoked (0aab3f3 by @stonith404)
ferated identities can't be cleared (24e2742 by @stonith404)
oidc client advanced options color (fc0c99a by @stonith404)
enable foreign key check for sqlite (#863 by @stonith404)

Features

display all accessible oidc clients in the dashboard (#832 by @stonith404)
login code font change (#851 by @James18232)
add option to OIDC client to require re-authentication (#747 by @MorrisMorrison)
add default user groups and claims for new users (#812 by @zeedif)
allow custom client IDs (#864 by @stonith404)

Other

update AAGUIDs (#826 by @github-actions[bot])
update deps and Go 1.25 (#833 by @ItalyPaleAle)
update AAGUIDs (#844 by @github-actions[bot])
add Korean files (d77d8eb by @kmendell)
use proper async calls for cleanupBackend function (#846 by @kmendell)
strip debug symbol from backend binary (#856 by @maximerobine)
change alternative sign in methods text (c51265d by @stonith404)
run formatter (2c122d4 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.7.0...v1.8.0

v1.7.0

Bug Fixes

set input type 'email' for email-based login (#776 by @ItalyPaleAle)
delete WebAuthn registration session after use (#783 by @ItalyPaleAle)
admins can not delete or disable their own account (f0c144c by @kmendell)
authorization animation not working (9ac5d51 by @stonith404)
custom claims input suggestions instantly close after opening (4d59e72 by @stonith404)

Features

Support OTel and JSON for logs (via log/slog) (#760 by @ItalyPaleAle)
add support for code_challenge_methods_supported (#794 by @kmendell)
support reading secret env vars from _FILE (#799 by @ItalyPaleAle)
add robots.txt to block indexing (#806 by @Etienne-bdt)
user application dashboard (#727 by @kmendell)

Other

add Ukrainian files (51b73c9 by @kmendell)
bump form-data from 4.0.1 to 4.0.4 in /frontend in the npm_and_yarn group across 1 directory (#771 by @dependabot[bot])
bump axios from 1.10.0 to 1.11.0 in /frontend in the npm_and_yarn group across 1 directory (#777 by @dependabot[bot])
add Vietnamese files (60f0b28 by @kmendell)
rename glass-row-item to passkey-row (c359b5b by @kmendell)
update dependencies and fix zod/4 import path (ffed465 by @kmendell)
update dependencies and fix zod/4 import path (f3c6521 by @kmendell)
fix federated credentials type error (56ee7d9 by @kmendell)
update Vietnamese display name (12a7a6a by @kmendell)
complete conversion of log calls to slog (#787 by @ItalyPaleAle)
additional logs for database connections (#813 by @ItalyPaleAle)
use reflection to mark file based env variables (#815 by @stonith404)
switch from npm to pnpm (#786 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.6.4...v1.7.0

v1.6.4

Bug Fixes

migration fails on postgres (#762 by @ItalyPaleAle)

Other

remove labels from issue templates (4c76de4 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.6.3...v1.6.4

v1.6.3

Bug Fixes

allow passkey names up to 50 characters (b03e91b by @kmendell)
use object-contain for images on oidc-client list (d3bc179 by @kmendell)
ensure user inputs are normalized (#724 by @ItalyPaleAle)
use user-agent for identifying known device signins (ef1d599 by @kmendell)
show rename and delete buttons for passkeys without hovering over the row (2952b15 by @kmendell)

Other

use issue types for new issues (db94f81 by @kmendell)
use correct svelte 5 syntax for signup token modal (f145903 by @kmendell)
upgrade dependencies (#752 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.6.2...v1.6.3

v1.6.2

Bug Fixes

login failures on Postgres when IP is null (#737 by @ItalyPaleAle)
ensure confirmation dialog shows on top of other components (f103a54 by @kmendell)

Other

update AAGUIDs (#729 by @github-actions[bot])
Fix inconsistent punctuation marks for the language name of zh-TW (#731 by @xlionjuan)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.6.1...v1.6.2

v1.6.1

Other

use latest-distroless tag for latest distroless images (f565c70 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.6.0...v1.6.1

v1.6.0

Bug Fixes

add missing error check in initial user setup (fceb6fa by @stonith404)
app config forms not updating with latest values (#696 by @kmendell)
auth fails when client IP is empty on Postgres (#695 by @ItalyPaleAle)
token introspection authentication not handled correctly (#704 by @stonith404)
allow profile picture update even if "allow own account edit" enabled (9872608 by @stonith404)
support non UTF-8 LDAP IDs (#714 by @stonith404)
linter issues (#719 by @ItalyPaleAle)
actually fix linter issues (#720 by @ItalyPaleAle)
show friendly name in user group selection (5c9e504 by @stonith404)
keep sidebar in settings sticky (e46f60a by @stonith404)
custom claims input suggestions flickering (49f1ab2 by @stonith404)

Features

enhance language selection message and add translation contribution link (be52660 by @stonith404)
encrypt private keys saved on disk and in database (#682 by @ItalyPaleAle)
add "key-rotate" command (#709 by @ItalyPaleAle)
distroless container additional variant + healthcheck command (#716 by @ItalyPaleAle)
add support for OAuth 2.0 Authorization Server Issuer Identification (bf04256 by @stonith404)

Other

use github.com/jinzhu/copier for MapStruct (#698 by @ItalyPaleAle)
add CODEOWNERS file (2ecc1ab by @kmendell)
update CODEOWNERS to be global (459a4fd by @kmendell)
use correct team name for codeowners (3a29027 by @kmendell)
run formatter (857b9cc by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.5.0...v1.6.0

v1.5.0

Bug Fixes

remove duplicate request logging (#678 by @ryankask)
error page flickering after sign out (1a77bd9 by @stonith404)
users can't be updated by admin if self account editing is disabled (29cb551 by @stonith404)
less noisy logging for certain GET requests (#681 by @11notes)
margin of user sign up description (052ac00 by @stonith404)
improve accent color picker disabled state (d976bf5 by @stonith404)
double double full stops for certain error messages (d070b9a by @stonith404)

Documentation

clarify confusing user update logic (1fdb058 by @stonith404)

Features

self-service user signup (#672 by @kmendell)
redact sensitive app config variables if set with env variable (ba61cdb by @stonith404)
improve initial admin creation workflow (287314f by @stonith404)

Other

add formatter to Playwright tests (73e7e0b by @stonith404)
fix e2e tests (4b82975 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.4.1...v1.5.0

v1.4.1

Bug Fixes

app not starting if UI config is disabled and Postgres is used (7d36bda by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.4.0...v1.4.1

v1.4.0

Bug Fixes

allow images with uppercase file extension (1bcb50e by @stonith404)
reduce duration of animations on login and signin page (#648 by @ItalyPaleAle)
center oidc client images if they are smaller than the box (946c534 by @stonith404)
explicitly cache images to prevent unexpected behavior (2e5d268 by @stonith404)
use inline style for dynamic background image URL instead of Tailwind class (bef77ac by @stonith404)

Features

auto-focus on the login buttons (#647 by @ItalyPaleAle)
use icon instead of text on application image update hover state (215531d by @stonith404)
ui accent colors (#643 by @kmendell)
allow setting unix socket mode (#661 by @CnTeng)
location filter for global audit log (#662 by @kmendell)
configurable local ipv6 ranges for audit log (#657 by @kmendell)

Other

Update spelling and grammar in en.json (#650 by @amazingca)
run formatter (fd3c76f by @stonith404)
run formatter (5814549 by @stonith404)
only build required binaries for next image (3717a66 by @stonith404)
cancel build-next action if new one starts (c77167d by @stonith404)
use v1 tag in example docker-compose.yml (c8eb034 by @stonith404)
remove unused crypto util (d5928f6 by @stonith404)
add configuration for backend hot reloading (481df3b by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.3.1...v1.4.0

v1.3.1

Bug Fixes

change timestamp of client_credentials.sql migration (2935236 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.3.0...v1.3.1

v1.3.0

Bug Fixes

don't load app config and user on every route change (bdcef60 by @stonith404)
UI config overridden by env variables don't apply on first start (5e9096e by @stonith404)
OIDC client image can't be deleted (61b62d4 by @stonith404)
use full width for audit log filters (575b2f7 by @stonith404)
misleading text for disable animations option (657a51f by @stonith404)

Documentation

fix pagination API docs (ea4e486 by @stonith404)
remove difficult to maintain OpenAPI properties (3cc82d8 by @stonith404)

Features

add API endpoint for user authorized clients (d217083 by @stonith404)
add unix socket support (#615 by @CnTeng)
JWT bearer assertions for client authentication (#566 by @ItalyPaleAle)
oidc client data preview (#624 by @kmendell)
new color theme for the UI (97f7326 by @stonith404)
allow introspection and device code endpoints to use Federated Client Credentials (#640 by @ItalyPaleAle)

Other

run fomratter (dc5d7bb by @stonith404)
add Danish language files (b650d6d by @stonith404)
add Traditional Chinese files (31a803b by @stonith404)
add workflow for building 'next' docker image (#633 by @kmendell)
upgrade to Zod v4 (#623 by @stonith404)
add missing permission (f403eed by @stonith404)
add missing attestions permission (b25e95f by @stonith404)
update AAGUIDs (#639 by @github-actions[bot])
upgrade to Shadcn v1.0.0 (242d87a by @stonith404)
add docs link and rename to Federated Client Credentials (#636 by @ItalyPaleAle)
add branch check to release script (a09d529 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.2.0...v1.3.0

v1.2.0

Bug Fixes

show LAN for auditlog location for internal networks (b874681 by @kmendell)
small fixes in analytics_job (#582 by @ItalyPaleAle)
run jobs at interval instead of specific time (#585 by @ItalyPaleAle)
don't use TOFU for logout callback URLs (#588 by @ItalyPaleAle)
clear default app config variables from database (decf8ec by @stonith404)
allow users to update their locale even when own account update disabled (6c00aaa by @stonith404)
fallback to primary language if no translation available for specific country (2440379 by @stonith404)
whitelist authorization header for CORS (b9489b5 by @stonith404)
improve spacing on auth screens (04fcf11 by @stonith404)
page scrolls up on form submisssion (31ad904 by @stonith404)

Documentation

use https in .env.example (c24a554 by @stonith404)

Features

auto detect callback url (#583 by @kmendell)

Other

adapt unit test for new app config default value behavior (00259f8 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.1.0...v1.2.0

v1.1.0

Bug Fixes

use ldapAttributeUserUsername for finding group members (#565 by @kmendell)
run user group count inside a transaction (f03b80f by @stonith404)

Features

require user verification for passkey sign in (68e4b67 by @stonith404)
show allowed group count on oidc client list (#567 by @kmendell)
add daily heartbeat request for counting Pocket ID instances (#578 by @stonith404)

Other

update AAGUIDs (#576 by @github-actions[bot])
tag container images with v{major} (#577 by @maximbaz)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v1.0.0...v1.1.0

v1.0.0

Bug Fixes

custom logo not correctly loaded if UI configuration is disabled (bf710ae by @stonith404)
animation speed set to max of 300ms (c726c16 by @kmendell)
authorize page doesn't load (c3a03db by @stonith404)
ldap tests (4dc0b2f by @kmendell)
remove curly bracket from user group URL (5fa15f6 by @stonith404)
remove nested button in user group list (f57c8d3 by @stonith404)
add back month and year selection for date picker (6c35570 by @stonith404)
show correct app name on sign out page (131f470 by @stonith404)
use pointer cursor for menu items (f820fc8 by @stonith404)
use same color as title for description in alert (e19b33f by @stonith404)
trim whitespaces from string inputs (#537 by @stonith404)

Documentation

adapt contribution guide (cbe7aa6 by @stonith404)

Features

improve buttons styling (c37386f by @stonith404)

Other

update AAGUIDs (#523 by @github-actions[bot])
remove old DB env variables, and jwk migrations logic (#529 by @kmendell)
switch SQLite driver to pure-Go implementation (#530 by @ItalyPaleAle)
flaky unit test in db_bootstrap_test (#532 by @ItalyPaleAle)
update options API for simplewebauthn (#543 by @RealOrangeOne)
update AAGUIDs (#547 by @github-actions[bot])
add Polish translations (#554 by @mikolaj92)
serve the static frontend trough the backend (f8a7467 by @stonith404)
update release pipelines (35b227c by @ItalyPaleAle)
replace create-one-time-access-token script with in-app functionality (cb2a9f9 by @ItalyPaleAle)
address linter's complaint in 1.0 branch (3896b7b by @ItalyPaleAle)
some clean-up in OIDC service and controller (b71c84c by @ItalyPaleAle)
remove pocket-id binary (b2e8993 by @kmendell)
add pocket-id to .gitignore (8326bfd by @kmendell)
add .well-known to development reverse proxy (05b443d by @stonith404)
migrate shadcn-components to Svelte 5 and TW4 (28c8599 by @kmendell)
adapt e2e tests (ac6df53 by @stonith404)
use bits-10 as selector (21cb331 by @kmendell)
wait for network (53f212f by @kmendell)
move e2e tests to root of repository (966a566 by @stonith404)
start test containers with Docker Compose (ebcf861 by @stonith404)
fix .auth path of e2e tests (ca5e754 by @stonith404)
move auth.setup.ts into specs folder (9fff6ec by @stonith404)
fix change locale test (5b3ff7b by @stonith404)
fix lldap setup if data already seeded (3042de2 by @stonith404)
add missing types to Playwright tests (a65c0b3 by @stonith404)
fix e2e tests after shadcn upgrade (869c4c5 by @stonith404)
exclude binary from project root (0d4d538 by @stonith404)
remove unused data.json (2a457ac by @stonith404)
add major flag to release script (2793eb4 by @stonith404)
upgrade build-push-action (ed0e566 by @stonith404)
remove default value from TARGETARCH in Dockerfile (7691622 by @stonith404)
fix subject digest in container image attestation (31ae8ca by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.53.0...v1.0.0

v0.53.0

Bug Fixes

handle CORS correctly for endpoints that SPAs need (#513 by @stonith404)

Features

add support for TZ environment variable (5e2e947 by @stonith404)

Other

organize imports (ba256c7 by @stonith404)
add e2e LDAP tests (#466 by @kmendell)
remove wait for LDAP sync (de648dd by @stonith404)
run formatter (e0db469 by @stonith404)
add explicit permissions to actions (90bdd29 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.52.0...v0.53.0

v0.52.0

Bug Fixes

correctly set script permissions inside Docker container (c55fef0 by @stonith404)

Features

OpenTelemetry tracing and metrics (#495 by @daenney)
add healthz endpoint (#494 by @ItalyPaleAle)

Other

add svelte-check workflow for the frontend (8ec2388 by @kmendell)
build frontend to include paraglide before running svelte-check (5d78445 by @kmendell)
create a PR instead of commiting for update aaguids workflow (364f5b3 by @stonith404)
update AAGUIDs (#507 by @github-actions[bot])

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.51.1...v0.52.0

v0.51.1

Bug Fixes

last name still showing as required on account form (#492 by @kmendell)
non admin users weren't able to call the end session endpoint (6bd6cef by @stonith404)
allow LDAP users to update their locale (0b9cbf4 by @stonith404)

Other

bump vite from 6.2.6 to 6.3.4 in /frontend in the npm_and_yarn group across 1 directory (#496 by @dependabot[bot])
complete graceful shutdown implementation and add service runner (#493 by @ItalyPaleAle)
fix type errors (f4c6cff by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.51.0...v0.51.1

v0.51.0

Bug Fixes

updating scopes of an authorized client fails with Postgres (0a24ab8 by @stonith404)
hide global audit log switch for non admin users (1efd1d1 by @stonith404)
return correct error message if user isn't authorized (86d2b5f by @stonith404)
do not require PKCE for public clients (ce24372 by @stonith404)

Features

new login code card position for mobile devices (#452 by @James18232)

Other

reorganize imports (4614769 by @stonith404)
graceful shutdown for server (#482 by @ItalyPaleAle)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.50.0...v0.51.0

v0.50.0

Bug Fixes

rootless Caddy data and configuration (#470 by @eiqnepm)
do not override XDG_DATA_HOME/XDG_CONFIG_HOME if they are already set (#472 by @ItalyPaleAle)
prevent deadlock when trying to delete LDAP users (#471 by @ItalyPaleAle)
pass context to methods that were missing it (#487 by @ItalyPaleAle)

Features

make family name optional (#476 by @kmendell)
device authorization endpoint (#270 by @kmendell)

Other

Add Simplified Chinese translation. (#473 by @Star-caorui)
do not force redirects to happen on the server (#481 by @ItalyPaleAle)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.49.0...v0.50.0

v0.49.0

Bug Fixes

locale change in dropdown doesn't work on first try (60bad9e by @stonith404)
remove limit of 20 callback URLs (c37a3e0 by @stonith404)
disable animations not respected on authorize and logout page (e571996 by @stonith404)
hide alternative sign in button if user is already authenticated (4e05b82 by @stonith404)

Features

add description to callback URL inputs (eb689eb by @stonith404)
send email to user when api key expires within 7 days (#451 by @kmendell)
add ability to send login code via email (#457 by @stonith404)
add ability to disable API key expiration email (9122e75 by @stonith404)

Other

add kmendell to FUNDING.yml (e21ee8a by @stonith404)
setup caching and improve ci job performance (#465 by @kmendell)
fix type errors (2597907 by @stonith404)
fix typo in key (55273d6 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.48.0...v0.49.0

v0.48.0

Bug Fixes

profile picture empty for users without first or last name (#449 by @kmendell)
add "type" as reserved claim (0111a58 by @stonith404)
callback URL doesn't get rejected if it starts with a different string (f0dce41 by @stonith404)
user querying fails on global audit log page with Postgres (84f1d5c by @stonith404)

Features

add gif support for logo and background image (56a8b5d by @stonith404)
disable/enable users (#437 by @kmendell)

Other

bump golang.org/x/net from 0.36.0 to 0.38.0 in /backend in the go_modules group across 1 directory (#450 by @dependabot[bot])
add Italian (75fbfee by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.47.0...v0.48.0

v0.47.0

Bug Fixes

define token type as claim for better client compatibility (adf7458 by @stonith404)

Features

add qrcode representation of one time link (#436 by @paulgreg)
disable animations setting toggle (#442 by @kmendell)

Other

bump @sveltejs/kit from 2.16.1 to 2.20.6 in /frontend in the npm_and_yarn group across 1 directory (#443 by @dependabot[bot])
adapt JWTs in e2e tests (9b2d622 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.46.0...v0.47.0

v0.46.0

Bug Fixes

create reusable default profile pictures (#406 by @kmendell)
ensure file descriptors are closed + other bugs (#413 by @ItalyPaleAle)
ensure indexes on audit_logs table (#415 by @ItalyPaleAle)
use transactions when operations involve multiple database queries (#392 by @ItalyPaleAle)
use UUID for temporary file names (ccc18d7 by @stonith404)
add missing rollback for LDAP sync (658a9ca by @stonith404)
ignore profile picture cache after profile picture gets updated (4ba6893 by @stonith404)
improve LDAP error handling (#425 by @ItalyPaleAle)

Documentation

update swagger description to use markdown (#418 by @kmendell)

Features

modernize ui (#381 by @kmendell)
global audit log (#320 by @kmendell)
implement token introspection (#405 by @aksdb)
Added button when you don't have a passkey added. (#426 by @arne)

Other

remove cors exception from middleware as this is handled by the handler (cf3084c by @stonith404)
improve czech translation strings (#408 by @jose-d)
bump vite from 6.2.3 to 6.2.4 in /frontend in the npm_and_yarn group across 1 directory (#410 by @dependabot[bot])
fix mistakes in source strings (4627f36 by @stonith404)
bump vite from 6.2.4 to 6.2.5 in /frontend in the npm_and_yarn group across 1 directory (#417 by @dependabot[bot])
rollback db changes with defer everywhere (ce6e27d by @stonith404)
simplify app_config service and fix race conditions (#423 by @ItalyPaleAle)
bump vite from 6.2.5 to 6.2.6 in /frontend in the npm_and_yarn group across 1 directory (#433 by @dependabot[bot])

Performance Improvements

run async operations in parallel in server load functions (1762629 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.45.0...v0.46.0

v0.45.0

Bug Fixes

use value receiver for AuditLogData (cbd1bbd by @stonith404)
ldap users aren't deleted if removed from ldap server (7e65827 by @stonith404)
use WAL for SQLite by default and set busy_timeout (#388 by @ItalyPaleAle)

Documentation

update .env.example to reflect the new documentation location (#385 by @PsychotherapistSam)

Features

add support for ECDSA and EdDSA keys (#359 by @ItalyPaleAle)

Other

add basic static analysis for backend (#389 by @Rich7690)
run linter only on backend changes (6fa26c9 by @stonith404)
fix code smells (c9e0073 by @stonith404)
fix code smells (5c198c2 by @stonith404)
migrate backend linter to v2. fixed unit test workflow (#400 by @Rich7690)
install inlang plugins from npm (#401 by @gepbird)
add swagger title and version info (#399 by @kmendell)
add Brazilian Portuguese (fc68cf7 by @stonith404)
do not include test controller in production builds (#402 by @ItalyPaleAle)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.44.0...v0.45.0

v0.44.0

Bug Fixes

skip ldap objects without a valid unique id (#376 by @kmendell)
hash the refresh token in the DB (security) (#379 by @ItalyPaleAle)
stop container if Caddy, the frontend or the backend fails (e6f5019 by @stonith404)

Documentation

fix api routers for swag documentation (#378 by @kmendell)

Features

add OIDC refresh_token support (#325 by @kmendell)

Other

fix invalid action configuration (edf1097 by @stonith404)
skip e2e tests if the PR comes from i18n_crowdin (af5b2f7 by @stonith404)
add Russian localization (#371 by @savely-krasovsky)
bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 in /backend in the go_modules group across 1 directory (#374 by @dependabot[bot])
add French, Czech and German to language picker (35766af by @stonith404)
use atomic renames for uploaded files (#372 by @ItalyPaleAle)
bump vite from 6.2.1 to 6.2.3 in /frontend in the npm_and_yarn group across 1 directory (#384 by @dependabot[bot])

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.43.1...v0.44.0

v0.43.1

Bug Fixes

wrong base locale causes crash (3120ebf by @stonith404)

Other

ignore e2e tests on Crowdin branch (2fb4193 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.43.0...v0.43.1

v0.43.0

Features

name new passkeys based on agguids (#332 by @kmendell)
add support for translations (#349 by @jonasclaes)

Other

update Crowdin configuration (3ee26a2 by @stonith404)
use language code with country for messages (31ac560 by @stonith404)
remove unused messages (bb23194 by @stonith404)
add language request issue template (c578bab by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.42.1...v0.43.0

v0.42.1

Bug Fixes

kid not added to JWTs (f7e36a4 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.42.0...v0.42.1

v0.42.0

Features

store keys as JWK on disk (#339 by @ItalyPaleAle)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.41.0...v0.42.0

v0.41.0

Bug Fixes

own avatar not loading (#351 by @savely-krasovsky)

Features

allow reset of profile picture (#355 by @kmendell)

Other

correct misspellings (#352 by @szepeviktor)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.40.1...v0.41.0

v0.40.1

Bug Fixes

email logo icon displaying too big (#336 by @kmendell)
Fixes and performance improvements in utils package (#331 by @ItalyPaleAle)
remove custom claim key restrictions (9f28503 by @stonith404)
API keys not working if sqlite is used (8ead0be by @stonith404)
caching for own profile picture (e45d9e9 by @stonith404)
emails are considered as medium spam by rspamd (#337 by @alexlehm)

Other

add separate worfklow for unit tests (26e0594 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.40.0...v0.40.1

v0.40.0

Bug Fixes

missing write permissions on scripts (ec4b41a by @stonith404)

Features

allow setting path where keys are stored (#327 by @ItalyPaleAle)

Other

add Dev Container (#313 by @nebula-it)
bump golang.org/x/net from 0.34.0 to 0.36.0 in /backend in the go_modules group across 1 directory (#326 by @dependabot[bot])
bump @babel/runtime from 7.26.7 to 7.26.10 in /frontend in the npm_and_yarn group across 1 directory (#328 by @dependabot[bot])
automatically detect release type in release script (a4bfd08 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.39.0...v0.40.0

v0.39.0

Bug Fixes

alternative login method link on mobile (9ef2ddf by @stonith404)

Features

api key authentication (#291 by @kmendell)

Other

adapt api key list to new sort behavior (d1b9f3a by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.38.0...v0.39.0

v0.38.0

Bug Fixes

typo in account settings (#307 by @kotx)
redirection not correctly if signing in with email code (e5ec264 by @stonith404)

Features

add env variable to disable update check (31198fe by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.37.0...v0.38.0

v0.37.0

Bug Fixes

add timeout to update check (04efc36 by @stonith404)
make sorting consistent around tables (8e344f1 by @stonith404)
add back setup page (6a8dd84 by @stonith404)

Documentation

add Discord contact link to issue template (2ee0bad by @stonith404)

Features

increase default item count per page (a9713cf by @stonith404)
add ability to sign in with login code (#271 by @Pyxels)

Other

fix type errors (d0da532 by @stonith404)
fix user group assignment test (7885ae0 by @stonith404)
bump the npm_and_yarn group across 1 directory with 3 updates (#306 by @dependabot[bot])

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.36.0...v0.37.0

v0.36.0

Bug Fixes

default sorting on tables (#299 by @kmendell)

Features

enable sd_notify support (#277 by @savely-krasovsky)
display groups on the account page (#296 by @kmendell)

Other

add pr docker build (#293 by @kmendell)
use github.repository variable intead of hardcoding the repository name (66090f3 by @stonith404)
remove PR docker build action (37b24be by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.35.6...v0.36.0

v0.35.6

Bug Fixes

support LOGIN authentication method for SMTP (#292 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.35.5...v0.35.6

v0.35.5

Bug Fixes

profile picture orientation if image is rotated with EXIF (1026ee4 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.35.4...v0.35.5

v0.35.4

Bug Fixes

add groups scope and claim to well known endpoint (4bafee4 by @stonith404)
support POST for OIDC userinfo endpoint (1652cc6 by @stonith404)
profile picture of other user can't be updated (#273 by @Pyxels)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.35.3...v0.35.4

v0.35.3

Bug Fixes

add option to manually select SMTP TLS method (#268 by @kmendell)
sync error if LDAP user collides with an existing user (fde951b by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.35.2...v0.35.3

v0.35.2

Bug Fixes

updating profile picture of other user updates own profile picture (887c5e4 by @stonith404)
delete profile picture if user gets deleted (9a167d4 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.35.1...v0.35.2

v0.35.1

Bug Fixes

binary profile picture can't be imported from LDAP (840a672 by @stonith404)
add validation that PUBLIC_APP_URL can't contain a path (a6ae7ae by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.35.0...v0.35.1

v0.35.0

Bug Fixes

app config strings starting with a number are parsed incorrectly (816c198 by @stonith404)
emails do not get rendered correctly in Gmail (dca9e7a by @stonith404)

Features

add ability to upload a profile picture (#244 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.34.0...v0.35.0

v0.34.0

Features

add LDAP group membership attribute (#236 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.33.0...v0.34.0

v0.33.0

Bug Fixes

show "Sync Now" and "Test Email" button even if UI config is disabled (4d0fff8 by @stonith404)
alignment of OIDC client details (c3980d3 by @stonith404)
layout of OIDC client details page on mobile (3de1301 by @stonith404)

Features

add end session endpoint (#232 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.32.0...v0.33.0

v0.32.0

Features

add ability to set custom Geolite DB URL (#226 by @wargio)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.31.0...v0.32.0

v0.31.0

Bug Fixes

user linking in ldap group sync (#222 by @kmendell)

Features

display source in user and group table (#225 by @kmendell)
add ability to override the UI configuration with environment variables (4e85842 by @stonith404)
add warning for only having one passkey configured (#220 by @kmendell)

Other

remove Docker Hub registry (7fbc356 by @stonith404)
downgrade ubuntu version of Docker build action runner (43790dc by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.30.0...v0.31.0

v0.30.0

Documentation

fix freshrss callback url (#212 by @RobinMicek)
add landing page (#203 by @kmendell)
improve landing page (3dda2e1 by @stonith404)
add docs root path redirection (98add37 by @stonith404)
improve mobile layout of landing page (7c04bda by @stonith404)

Features

add custom ldap search filters (#216 by @kmendell)
update host configuration to allow external access (#218 by @jonasclaes)

Other

fix old docker image references (0bae7e4 by @stonith404)
add missing permissions to "Build and Push Docker Image" (d66cf70 by @stonith404)
remove docs from repository (0751540 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.29.0...v0.30.0

v0.29.0

Documentation

enhance documentation (#205 by @kmendell)

Features

add option to disable Caddy in the Docker container (e864d5d by @stonith404)
add JSON support in custom claims (15cde6a by @stonith404)

Other

replace stonith404 with pocket-id after org migration (c6ab2b2 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.28.1...v0.29.0

v0.28.1

Bug Fixes

don't return error page if version info fetching failed (d06257e by @stonith404)

Documentation

fix reauthentication in caddy-security example (19ef483 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.28.0...v0.28.1

v0.28.0

Bug Fixes

use cursor pointer on clickable elements (7798580 by @stonith404)
trusted_proxies for IPv6 enabled hosts (#189 by @apearson)
non LDAP user group can't be updated after update (ecd74b7 by @stonith404)
missing user service dependency (61e71ad by @stonith404)

Documentation

add version label to navbar (#186 by @kmendell)
Add Immich and Headscale client examples (#191 by @jeffreygarc)
Added Gitea and Memos example (#194 by @PrtmPhlp)
add custom pocket-id.org domain (e607fe4 by @stonith404)
add new demo.pocket-id.org domain to the README (2d3cba6 by @stonith404)
add helper scripts install for proxmox (#197 by @kmendell)
add example for adding Pocket ID to FreshRSS (#200 by @UncleArya)

Features

allow LDAP users and groups to be deleted if LDAP gets disabled (9ab1787 by @stonith404)
map allowed groups to OIDC clients (#202 by @stonith404)

Other

add auto deployment for docs website (7497f4a by @stonith404)
ignore irrelevant paths for e2e tests (a1b20f0 by @stonith404)
run formatter (28346da by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.27.2...v0.28.0

v0.27.2

Bug Fixes

smtp hello for tls connections (#180 by @kmendell)

Documentation

fix typos and improve clarity in proxmox.md (#183 by @BrutalCoding)
add missing env file flag to frontend start command (a65ce56 by @stonith404)

Other

upgrade to Nodejs 22 (8cd834a by @stonith404)
upgrade to Tailwind 4 (5c452ce by @stonith404)
upgrade frontend and backend dependencies (04c7f18 by @stonith404)
downgrade formsnap (dab37c5 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.27.1...v0.27.2

v0.27.1

Bug Fixes

send hostname derived from PUBLIC_APP_URL with SMTP EHLO command (397544c by @stonith404)
use OS hostname for SMTP EHLO message (47c39f6 by @stonith404)
add __HOST prefix to cookies (#175 by @stonith404)

Documentation

add more client-examples (#166 by @kmendell)
remove duplicate contribute.md (d071641 by @stonith404)
make CONTRIBUTING instructions work & fix example envs (#152 by @cdanis)

Other

add GitHub release creation to create-release.sh script (7b40355 by @stonith404)
bug template update (#133 by @kmendell)
remove duplicate text from issue template (2884021 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.27.0...v0.27.1

v0.27.0

Bug Fixes

ensure the downloaded GeoLite2 DB is not corrupted & prevent RW race condition (#138 by @wargio)
add save changes dialog before sending test email (#165 by @kmendell)

Documentation

create sample-configurations.md (#142 by @kamilkosek)
add delay_start to caddy security (c211d3f by @stonith404)
add docusaurus docs (#118 by @kmendell)
fix open-webui docs page (#162 by @kmendell)

Features

display private IP ranges correctly in audit log (#139 by @cdanis)

Other

optimize images (#161 by @imgbot[bot])

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.26.0...v0.27.0

v0.26.0

Bug Fixes

non LDAP users get created with a empty LDAP ID string (3f02d08 by @stonith404)

Features

support wildcard callback URLs (8a1db0c by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.25.1...v0.26.0

v0.25.1

Bug Fixes

disable account details inputs if user is imported from LDAP (a8b9d60 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.25.0...v0.25.1

v0.25.0

Bug Fixes

search input not displayed if response hasn't any items (05a98eb by @stonith404)
always set secure on cookie (#130 by @cdanis)
session duration ignored in cookie expiration (bc8f454 by @stonith404)
don't panic if LDAP sync fails on startup (e284e35 by @stonith404)
improve spacing of checkboxes on application configuration page (090eca2 by @stonith404)

Documentation

add guide to setup Pocket ID with Caddy (6e3728d by @stonith404)

Features

add LDAP sync (#106 by @kmendell)
allow sign in with email (#100 by @stonith404)
automatically authorize client if signed in (d5dd118 by @stonith404)

Other

run formatter (692ff70 by @stonith404)
adapt OIDC tests (d4055af by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.24.1...v0.25.0

v0.24.1

Bug Fixes

audit log table overflow if row data is long (4d337a2 by @stonith404)
optional arguments not working with create-one-time-access-token.sh (8885571 by @stonith404)
remove restrictive validation for group names (be6e25a by @stonith404)

Documentation

add account recovery to README (2a984ee by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.24.0...v0.24.1

v0.24.0

Bug Fixes

send test email to the user that has requested it (a649c4b by @stonith404)
pkce state not correctly reflected in oidc client info (61d18a9 by @stonith404)

Features

add sorting for tables (fd69830 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.23.0...v0.24.0

v0.23.0

Features

add PKCE for non public clients (adcf3dd by @stonith404)
use same table component for OIDC client list as all other lists (2d31fc2 by @stonith404)

Other

include static assets in binary (785200d by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.22.0...v0.23.0

v0.22.0

Bug Fixes

passkey can't be added if PUBLIC_APP_URL includes a port (0729ce9 by @stonith404)
hash in callback url is incorrectly appended (f6f2736 by @stonith404)
allow first and last name of user to be between 1 and 50 characters (1ff20ca by @stonith404)
make user validation consistent between pages (333a1a1 by @stonith404)

Documentation

improve text in README (ff75322 by @stonith404)
add "groups" scope to the oauth2-proxy sample configuration (#85 by @janpfischer)

Features

add warning if passkeys missing (2d0bd8d by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.21.0...v0.22.0

v0.21.0

Bug Fixes

OIDC client logo gets removed if other properties get updated (789d939 by @stonith404)

Features

improve error state design for login page (0716c38 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.20.1...v0.21.0

v0.20.1

Bug Fixes

create-one-time-access-token.sh script not compatible with postgres (34e3519 by @stonith404)
wrong date time datatype used for read operations with Postgres (bad901e by @stonith404)

Other

add e2e test for one time access tokens (5480ab0 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.20.0...v0.20.1

v0.20.0

Documentation

add callback url to proxy-services.md (3006bc9 by @stonith404)
add ghcr.io Docker image to docker-compose.yml (e9d83dd by @stonith404)

Features

add support for Postgres database provider (#79 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.19.0...v0.20.0

v0.19.0

Documentation

add demo link (9a8ec15 by @stonith404)

Features

add Tailscale IP detection with CGNAT range check (#77 by @s0up4200)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.18.0...v0.19.0

v0.18.0

Bug Fixes

email save toast shows two times (f2bfc73 by @stonith404)

Documentation

improve MAXMIND_LICENSE_KEY documentation in readme (31a6b57 by @stonith404)
add PUID and PGID to .env.example (7d6b1d1 by @stonith404)

Features

add option to disable TLS for email sending (f9fa2c6 by @stonith404)
allow empty user and password in SMTP configuration (a9f4dad by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.17.0...v0.18.0

v0.17.0

Bug Fixes

don't try to create a new user if the Docker user is not root (#71 by @cdanis)

Documentation

fix OAuth2 proxy link in readme (0b4101c by @stonith404)

Features

add option to specify the Max Mind license key for the Geolite2 db (fcf08a4 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.16.0...v0.17.0

v0.16.0

Features

add health check (058084e by @stonith404)
improve error message for invalid callback url (#69 by @alexlehm)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.15.0...v0.16.0

v0.15.0

Bug Fixes

mobile layout overflow on application configuration page (e784093 by @stonith404)

Documentation

add info that PKCE isn't implemented yet (760c8e8 by @stonith404)

Features

add PKCE support (3613ac2 by @stonith404)
add option to skip TLS certificate check and ability to send test email (653d948 by @stonith404)

Other

add Docker image to ghcr.io and add Docker metadata action (5f44fef by @stonith404)
move checkboxes with label in seperate component (a1302ef by @stonith404)
make Docker image run without root user (#67 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.14.0...v0.15.0

v0.14.0

Bug Fixes

time displayed incorrectly in audit log (3d3fb4d by @stonith404)
overflow of pagination control on mobile (de45398 by @stonith404)

Features

add audit log event for one time access token sign in (aca2240 by @stonith404)

Other

fix build warnings (725388f by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.13.1...v0.14.0

v0.13.1

Bug Fixes

typo in Self-Account Editing description (5b9f4d7 by @stonith404)
errors in middleware do not abort the request (376d747 by @stonith404)

Features

add list empty indicator (becfc00 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.13.0...v0.13.1

v0.13.0

Bug Fixes

bad gateway error if nginx reverse proxy is in front (590cb02 by @stonith404)

Documentation

add Jellyfin Integration Guide (#51 by @donkevlar)
add nginx configuration to README (78c88f5 by @stonith404)

Features

add ability to define expiration of one time link (2ccabf8 by @stonith404)

Other

change default port in dockerfile (3484daf by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.12.0...v0.13.0

v0.12.0

Features

custom claims (#53 by @stonith404)
add validation to custom claim input (7bfc3f4 by @stonith404)
add option to disable self-account editing (8304065 by @stonith404)

Other

fix flaky playwright tests (735dc70 by @stonith404)
fix html reporting of playwright (0b0a678 by @stonith404)
correctly reset app config in tests (3350398 by @stonith404)
fix custom claims test data (b9daa5d by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.11.0...v0.12.0

v0.11.0

Bug Fixes

Features

add email_verified claim (5565f60 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.10.0...v0.11.0

v0.10.0

Bug Fixes

increase callback url count (f3f0e1d by @stonith404)
improve text for initial admin account setup (0a07344 by @stonith404)
no DTO was returned from exchange one time access token endpoint (824c5cb by @stonith404)
cache version information for 3 hours (29d632c by @stonith404)

Features

add version information to footer and update link if new update is available (70ad0b4 by @stonith404)
add script for creating one time access token (a1985ce by @stonith404)

Other

save dates as unix timestamps in database (b39bc4f by @stonith404)
move development scripts into seperate folder (3a300a2 by @stonith404)
improve check of required tools in one time access token script (0aff618 by @stonith404)
dump frontend dependencies (2092007 by @stonith404)
fix wrong file name of package.json in release script (6560fd9 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.9.0...v0.10.0

v0.9.0

Bug Fixes

allow copy to clipboard for client secret (29748cc by @stonith404)

Features

use improve table for users and audit logs (11ed661 by @stonith404)
add environment variable to change the caddy port in Docker (ff06bf0 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.8.1...v0.9.0

v0.8.1

Bug Fixes

add key id to JWK (282ff82 by @stonith404)

Other

create dummy GeoLite2 City database for e2e tests (896da81 by @stonith404)
dump dependencies (9d5f83d by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.8.0...v0.8.1

v0.8.0

Features

add location based on ip to the audit log (025378d by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.7.1...v0.8.0

v0.7.1

Bug Fixes

initials don't get displayed if Gravatar avatar doesn't exist (e095628 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.7.0...v0.7.1

v0.7.0

Features

add ability to set light and dark mode logo (be45eed by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.6.0...v0.7.0

v0.6.0

Bug Fixes

only return user groups if it is explicitly requested (a4a90a1 by @stonith404)

Features

add user groups (24c948e by @stonith404)
add gravatar profile picture integration (365734e by @stonith404)
add copy to clipboard option for OIDC client information (f82020c by @stonith404)

Other

format caddyfiles (7a54d3a by @stonith404)
add user group tests (d02d893 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.5.3...v0.6.0

v0.5.3

Bug Fixes

port environment variables get ignored in caddyfile (3c67765 by @stonith404)
add space to "Firstname" and "Lastname" label (#31 by @edbourque0)

Other

set the go version to 1.23.1 (6bb613e by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.5.2...v0.5.3

v0.5.2

Bug Fixes

updated application name doesn't apply to webauthn credential (924bb14 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.5.1...v0.5.2

v0.5.1

Bug Fixes

debounce oidc client and user search (9c2848d by @stonith404)

Features

improve email templating (#27 by @oidq)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.5.0...v0.5.1

v0.5.0

Features

add audit log with email notification (#26 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.4.1...v0.5.0

v0.4.1

Bug Fixes

limit width of content on large screens (c6f83a5 by @stonith404)
show error message if error occurs while authorizing new client (8038a11 by @stonith404)

Features

add name claim to userinfo endpoint and id token (4e7574a by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.4.0...v0.4.1

v0.4.0

Bug Fixes

oidc client logo not displayed on authorize page (28ed064 by @stonith404)
typo in hasLogo property of oidc dto (2b9413c by @stonith404)
non pointer passed to create user (e7861df by @stonith404)

Features

add setup details to oidc client details (fd21ce5 by @stonith404)
add support for more username formats (903b0b3 by @stonith404)

Other

rename user service (8e27320 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.3.1...v0.4.0

v0.3.1

Bug Fixes

empty lists don't get returned correctly from the api (97f7fc4 by @stonith404)

Other

upgrade dependencies (fc47c2a by @stonith404)
fix missing host in cleanup request (6769cc8 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.3.0...v0.3.1

v0.3.0

Bug Fixes

db migration for multiple callback urls (552d7cc by @stonith404)

Documentation

add proxy guide (9f49e55 by @stonith404)
compress screenshot in README (16f273f by @stonith404)

Features

add support for multiple callback urls (8166e2e by @stonith404)

Other

use dtos in controllers (ae7aeb0 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.2.1...v0.3.0

v0.2.1

Bug Fixes

session duration can't be updated (4780548 by @stonith404)

Other

fix update general configuration test (aaed71e by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.2.0...v0.2.1

v0.2.0

Documentation

add Unraid to README (b49063d by @stonith404)
add note that https is required (74f4c22 by @stonith404)

Features

add INTERNAL_BACKEND_URL env variable (0595d73 by @stonith404)
add user info endpoint to support more oidc clients (fdc1921 by @stonith404)
change default logo (9eec7a3 by @stonith404)

Other

use dependency injection in backend (601f6c4 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.1.3...v0.2.0

v0.1.3

Bug Fixes

logo not white in dark mode (5749d05 by @stonith404)
add missing passkey flags to make icloud passkeys work (cc407e1 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.1.2...v0.1.3

v0.1.2

Bug Fixes

background image not loading (7b44189 by @stonith404)
a non admin user was able to make himself an admin (df0cd38 by @stonith404)
disable search engine indexing (8395492 by @stonith404)
background image on mobile (4a808c8 by @stonith404)

Features

add option to change session duration (475b932 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.1.1...v0.1.2

v0.1.1

Bug Fixes

one time link not displayed correctly (486771f by @stonith404)

Features

add rounded corners to logo (bec908f by @stonith404)

Other

change docker image tag in docker-compose.yml (bc86020 by @stonith404)
fix typo in docker image (4534400 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v0.1.0...v0.1.1

114 KiB Raw Permalink Blame History

v1.16.0

Bug Fixes

Documentation

Features

Other

v1.15.0

Bug Fixes

Features

Other

v1.14.2

Bug Fixes

Other

v1.14.1

Bug Fixes

v1.14.0

Bug Fixes

Features

Other

v1.13.1

Bug Fixes

Other

v1.13.0

Bug Fixes

Features

v1.12.0

Bug Fixes

Features

Other

v1.11.2

Bug Fixes

Other

v1.11.1

Bug Fixes

v1.11.0

Bug Fixes

Features

Other

v1.10.0

Bug Fixes

Features

Other

v1.9.1

Bug Fixes

Other

v1.9.0

Bug Fixes

Features

Other

v1.8.1

Bug Fixes

Other

v1.8.0

Bug Fixes

Features

Other

v1.7.0

Bug Fixes

Features

Other

v1.6.4

Bug Fixes

Other

v1.6.3

Bug Fixes

Other

v1.6.2

Bug Fixes

Other

v1.6.1

Other

v1.6.0

Bug Fixes

Features

Other

v1.5.0

Bug Fixes

Documentation

Features

Other

114 KiB

Raw Permalink Blame History