mirror of
https://github.com/pocket-id/pocket-id.git
synced 2025-12-09 17:23:22 +03:00
63 KiB
63 KiB
(2025-08-10)
Features
- add robots.txt to block indexing (#806) (06e1656)
- add support for
code_challenge_methods_supported(#794) (d479817) - Support OTel and JSON for logs (via log/slog) (#760) (78266e3)
- support reading secret env vars from _FILE (#799) (0a3b1c6)
- user application dashboard (#727) (484c2f6)
Bug Fixes
- admins can not delete or disable their own account (f0c144c)
- authorization animation not working (9ac5d51)
- custom claims input suggestions instantly close after opening (4d59e72)
- delete WebAuthn registration session after use (#783) (c8478d7)
- set input type 'email' for email-based login (#776) (d541c9a)
(2025-07-21)
Bug Fixes
(2025-07-21)
Bug Fixes
- allow passkey names up to 50 characters (b03e91b)
- ensure user inputs are normalized (#724) (7b4ccd1)
- show rename and delete buttons for passkeys without hovering over the row (2952b15)
- use object-contain for images on oidc-client list (d3bc179)
- use user-agent for identifying known device signins (ef1d599)
(2025-07-09)
Bug Fixes
- ensure confirmation dialog shows on top of other components (f103a54)
- login failures on Postgres when IP is null (#737) (e1de593)
(2025-07-06)
Features
- add "key-rotate" command (#709) (8c8fc23)
- add support for OAuth 2.0 Authorization Server Issuer Identification (bf04256)
- distroless container additional variant + healthcheck command (#716) (1a41b05)
- encrypt private keys saved on disk and in database (#682) (5550729)
- enhance language selection message and add translation contribution link (be52660)
Bug Fixes
- actually fix linter issues (#720) (7fe83f8)
- add missing error check in initial user setup (fceb6fa)
- allow profile picture update even if "allow own account edit" enabled (9872608)
- app config forms not updating with latest values (#696) (92c57ad)
- auth fails when client IP is empty on Postgres (#695) (031181a)
- custom claims input suggestions flickering (49f1ab2)
- keep sidebar in settings sticky (e46f60a)
- linter issues (#719) (43f0114)
- show friendly name in user group selection (5c9e504)
- support non UTF-8 LDAP IDs (#714) (8131579)
- token introspection authentication not handled correctly (#704) (aefb308)
(2025-06-27)
Features
- improve initial admin creation workflow (287314f)
- redact sensitive app config variables if set with env variable (ba61cdb)
- self-service user signup (#672) (dcd1ae9)
Bug Fixes
- double double full stops for certain error messages (d070b9a)
- error page flickering after sign out (1a77bd9)
- improve accent color picker disabled state (d976bf5)
- less noisy logging for certain GET requests (#681) (043f82a)
- margin of user sign up description (052ac00)
- remove duplicate request logging (#678) (988c425)
- users can't be updated by admin if self account editing is disabled (29cb551)
(2025-06-22)
Bug Fixes
- app not starting if UI config is disabled and Postgres is used (7d36bda)
(2025-06-19)
Features
- allow setting unix socket mode (#661) (7677a3d)
- auto-focus on the login buttons (#647) (d679530)
- configurable local ipv6 ranges for audit log (#657) (d548523)
- location filter for global audit log (#662) (ac5a121)
- ui accent colors (#643) (883877a)
- use icon instead of text on application image update hover state (215531d)
Bug Fixes
- allow images with uppercase file extension (1bcb50e)
- center oidc client images if they are smaller than the box (946c534)
- explicitly cache images to prevent unexpected behavior (2e5d268)
- reduce duration of animations on login and signin page (#648) (d770448)
- use inline style for dynamic background image URL instead of Tailwind class (bef77ac)
(2025-06-09)
Bug Fixes
- change timestamp of
client_credentials.sqlmigration (2935236)
(2025-06-09)
Features
- add API endpoint for user authorized clients (d217083)
- add unix socket support (#615) (035b2c0)
- allow introspection and device code endpoints to use Federated Client Credentials (#640) (b62b61f)
- JWT bearer assertions for client authentication (#566) (05bfe00)
- new color theme for the UI (97f7326)
- oidc client data preview (#624) (c111b79)
Bug Fixes
- don't load app config and user on every route change (bdcef60)
- misleading text for disable animations option (657a51f)
- OIDC client image can't be deleted (61b62d4)
- UI config overridden by env variables don't apply on first start (5e9096e)
- use full width for audit log filters (575b2f7)
(2025-06-03)
Features
Bug Fixes
- allow users to update their locale even when own account update disabled (6c00aaa)
- clear default app config variables from database (decf8ec)
- don't use TOFU for logout callback URLs (#588) (256f74d)
- fallback to primary language if no translation available for specific country (2440379)
- improve spacing on auth screens (04fcf11)
- page scrolls up on form submisssion (31ad904)
- run jobs at interval instead of specific time (#585) (6d6dc66)
- show LAN for auditlog location for internal networks (b874681)
- small fixes in analytics_job (#582) (3d402fc)
- whitelist authorization header for CORS (b9489b5)
(2025-05-28)
Features
- add daily heartbeat request for counting Pocket ID instances (#578) (e0ec607)
- require user verification for passkey sign in (68e4b67)
- show allowed group count on oidc client list (#567) (38d7ee4)
Bug Fixes
- run user group count inside a transaction (f03b80f)
- use ldapAttributeUserUsername for finding group members (#565) (f66e8e8)
(2025-05-24)
⚠ BREAKING CHANGES
- serve the static frontend trough the backend (#520)
- remove old DB env variables, and jwk migrations logic (#529)
Features
- improve buttons styling (c37386f)
Bug Fixes
- add back month and year selection for date picker (6c35570)
- animation speed set to max of 300ms (c726c16)
- authorize page doesn't load (c3a03db)
- custom logo not correctly loaded if UI configuration is disabled (bf710ae)
- ldap tests (4dc0b2f)
- remove curly bracket from user group URL (5fa15f6)
- remove nested button in user group list (f57c8d3)
- show correct app name on sign out page (131f470)
- trim whitespaces from string inputs (059073d)
- use pointer cursor for menu items (f820fc8)
- use same color as title for description in alert (e19b33f)
Code Refactoring
- remove old DB env variables, and jwk migrations logic (#529) (f115425)
- serve the static frontend trough the backend (#520) (f8a7467)
(2025-05-08)
Features
- add support for
TZenvironment variable (5e2e947)
Bug Fixes
(2025-05-06)
Features
Bug Fixes
- correctly set script permissions inside Docker container (c55fef0)
(2025-05-03)
Bug Fixes
- allow LDAP users to update their locale (0b9cbf4)
- last name still showing as required on account form (#492) (cf3fe0b)
- non admin users weren't able to call the end session endpoint (6bd6cef)
(2025-04-28)
Features
Bug Fixes
- do not require PKCE for public clients (ce24372)
- hide global audit log switch for non admin users (1efd1d1)
- return correct error message if user isn't authorized (86d2b5f)
- updating scopes of an authorized client fails with Postgres (0a24ab8)
(2025-04-27)
Features
Bug Fixes
- do not override XDG_DATA_HOME/XDG_CONFIG_HOME if they are already set (#472) (22725d3)
- pass context to methods that were missing it (#487) (4c33793)
- prevent deadlock when trying to delete LDAP users (#471) (270c303)
- rootless Caddy data and configuration (#470) (76b753f)
(2025-04-20)
Features
- add ability to disable API key expiration email (9122e75)
- add ability to send login code via email (#457) (fe1c4b1)
- add description to callback URL inputs (eb689eb)
- send email to user when api key expires within 7 days (#451) (26f01f2)
Bug Fixes
- disable animations not respected on authorize and logout page (e571996)
- hide alternative sign in button if user is already authenticated (4e05b82)
- locale change in dropdown doesn't work on first try (60bad9e)
- remove limit of 20 callback URLs (c37a3e0)
(2025-04-18)
Features
Bug Fixes
- add "type" as reserved claim (0111a58)
- callback URL doesn't get rejected if it starts with a different string (f0dce41)
- profile picture empty for users without first or last name (#449) (5a6dfd9)
- user querying fails on global audit log page with Postgres (84f1d5c)
(2025-04-16)
Features
- add qrcode representation of one time link (#424) (#436) (abf17f6)
- disable animations setting toggle (#442) (b45cf68)
Bug Fixes
- define token type as claim for better client compatibility (adf7458)
(2025-04-13)
Features
- global audit log (#320) (b65e693)
- implement token introspection (#405) (7e5d16b)
- modernize ui (#381) (9881a1d)
- onboarding: Added button when you don't have a passkey added. (#426) (72061ba)
Bug Fixes
- add missing rollback for LDAP sync (658a9ca)
- create reusable default profile pictures (#406) (734c681)
- ensure file descriptors are closed + other bugs (#413) (2f76461)
- ensure indexes on audit_logs table (#415) (9e88926)
- ignore profile picture cache after profile picture gets updated (4ba6893)
- improve LDAP error handling (#425) (796bc7e)
- use transactions when operations involve multiple database queries (#392) (ec626ee)
- use UUID for temporary file names (ccc18d7)
Performance Improvements
- run async operations in parallel in server load functions (1762629)
(2025-03-29)
Features
Bug Fixes
- ldap users aren't deleted if removed from ldap server (7e65827)
- use value receiver for
AuditLogData(cbd1bbd) - use WAL for SQLite by default and set busy_timeout (#388) (519d58d)
(2025-03-25)
Features
Bug Fixes
- hash the refresh token in the DB (security) (#379) (8c96381)
- skip ldap objects without a valid unique id (#376) (cdfe816)
- stop container if Caddy, the frontend or the backend fails (e6f5019)
(2025-03-20)
Bug Fixes
- wrong base locale causes crash (3120ebf)
(2025-03-20)
Features
- add support for translations (#349) (269b5a3)
- passkeys: name new passkeys based on agguids (#332) (041c565)
(2025-03-18)
Bug Fixes
- kid not added to JWTs (f7e36a4)
(2025-03-18)
Features
(2025-03-18)
Features
Bug Fixes
(2025-03-16)
Bug Fixes
- API keys not working if sqlite is used (8ead0be)
- caching for own profile picture (e45d9e9)
- email logo icon displaying too big (#336) (b483e2e)
- emails are considered as medium spam by rspamd (#337) (39b7f66)
- Fixes and performance improvements in utils package (#331) (348192b)
- remove custom claim key restrictions (9f28503)
(2025-03-13)
Features
Bug Fixes
- docker: missing write permissions on scripts (ec4b41a)
(2025-03-11)
Features
Bug Fixes
- alternative login method link on mobile (9ef2ddf)
(2025-03-10)
Features
- add env variable to disable update check (31198fe)
Bug Fixes
- redirection not correctly if signing in with email code (e5ec264)
- typo in account settings (#307) (c822192)
(2025-03-10)
Features
- account: add ability to sign in with login code (#271) (eb1426e)
- increase default item count per page (a9713cf)
Bug Fixes
- add back setup page (6a8dd84)
- add timeout to update check (04efc36)
- make sorting consistent around tables (8e344f1)
(2025-03-06)
Features
Bug Fixes
(2025-03-03)
Bug Fixes
(2025-03-03)
Bug Fixes
- profile picture orientation if image is rotated with EXIF (1026ee4)
(2025-03-01)
Bug Fixes
- add
groupsscope and claim to well known endpoint (4bafee4) - profile picture of other user can't be updated (#273) (ef25f6b)
- support POST for OIDC userinfo endpoint (1652cc6)
(2025-02-25)
Bug Fixes
- add option to manually select SMTP TLS method (#268) (01a9de0)
- ldap: sync error if LDAP user collides with an existing user (fde951b)
(2025-02-24)
Bug Fixes
- delete profile picture if user gets deleted (9a167d4)
- updating profile picture of other user updates own profile picture (887c5e4)
(2025-02-22)
Bug Fixes
- add validation that
PUBLIC_APP_URLcan't contain a path (a6ae7ae) - binary profile picture can't be imported from LDAP (840a672)
(2025-02-19)
Features
Bug Fixes
- app config strings starting with a number are parsed incorrectly (816c198)
- emails do not get rendered correctly in Gmail (dca9e7a)
(2025-02-16)
Features
(2025-02-14)
Features
Bug Fixes
- alignment of OIDC client details (c3980d3)
- layout of OIDC client details page on mobile (3de1301)
- show "Sync Now" and "Test Email" button even if UI config is disabled (4d0fff8)
(2025-02-13)
Features
- add ability to set custom Geolite DB URL (2071d00)
(2025-02-12)
Features
- add ability to override the UI configuration with environment variables (4e85842)
- add warning for only having one passkey configured (#220) (39e403d)
- display source in user and group table (#225) (9ed2adb)
Bug Fixes
(2025-02-08)
Features
- add custom ldap search filters (#216) (626f87d)
- update host configuration to allow external access (#218) (bea1158)
(2025-02-05)
Features
- add JSON support in custom claims (15cde6a)
- add option to disable Caddy in the Docker container (e864d5d)
(2025-02-04)
Bug Fixes
- don't return error page if version info fetching failed (d06257e)
(2025-02-03)
Features
- allow LDAP users and groups to be deleted if LDAP gets disabled (9ab1787)
- map allowed groups to OIDC clients (#202) (13b02a0)
Bug Fixes
- caddy: trusted_proxies for IPv6 enabled hosts (#189) (37a835b)
- missing user service dependency (61e71ad)
- non LDAP user group can't be updated after update (ecd74b7)
- use cursor pointer on clickable elements (7798580)
(2025-01-27)
Bug Fixes
(2025-01-24)
Bug Fixes
- add
__HOSTprefix to cookies (#175) (164ce6a) - send hostname derived from
PUBLIC_APP_URLwith SMTP EHLO command (397544c) - use OS hostname for SMTP EHLO message (47c39f6)
(2025-01-22)
Features
Bug Fixes
- add save changes dialog before sending test email (#165) (d02f475)
- ensure the downloaded GeoLite2 DB is not corrupted & prevent RW race condition (#138) (f7710f2)
(2025-01-20)
Features
- support wildcard callback URLs (8a1db0c)
Bug Fixes
- non LDAP users get created with a empty LDAP ID string (3f02d08)
(2025-01-19)
Bug Fixes
- disable account details inputs if user is imported from LDAP (a8b9d60)
(2025-01-19)
Features
- add LDAP sync (#106) (5101b14)
- allow sign in with email (#100) (06b90ed)
- automatically authorize client if signed in (d5dd118)
Bug Fixes
- always set secure on cookie (#130) (fda08ac)
- don't panic if LDAP sync fails on startup (e284e35)
- improve spacing of checkboxes on application configuration page (090eca2)
- search input not displayed if response hasn't any items (05a98eb)
- session duration ignored in cookie expiration (bc8f454)
(2025-01-13)
Bug Fixes
- audit log table overflow if row data is long (4d337a2)
- optional arguments not working with
create-one-time-access-token.sh(8885571) - remove restrictive validation for group names (be6e25a)
(2025-01-11)
Features
- add sorting for tables (fd69830)
Bug Fixes
- pkce state not correctly reflected in oidc client info (61d18a9)
- send test email to the user that has requested it (a649c4b)
(2025-01-03)
Features
- add PKCE for non public clients (adcf3dd)
- use same table component for OIDC client list as all other lists (2d31fc2)
(2025-01-01)
Features
- add warning if passkeys missing (2d0bd8d)
Bug Fixes
- allow first and last name of user to be between 1 and 50 characters (1ff20ca)
- hash in callback url is incorrectly appended (f6f2736)
- make user validation consistent between pages (333a1a1)
- passkey can't be added if
PUBLIC_APP_URLincludes a port (0729ce9)
(2024-12-17)
Features
- improve error state design for login page (0716c38)
Bug Fixes
- OIDC client logo gets removed if other properties get updated (789d939)
(2024-12-13)
Bug Fixes
create-one-time-access-token.shscript not compatible with postgres (34e3519)- wrong date time datatype used for read operations with Postgres (bad901e)
(2024-12-12)
Features
(2024-11-29)
Features
(2024-11-28)
Features
- add option to disable TLS for email sending (f9fa2c6)
- allow empty user and password in SMTP configuration (a9f4dad)
Bug Fixes
- email save toast shows two times (f2bfc73)
(2024-11-26)
⚠ BREAKING CHANGES
- add option to specify the Max Mind license key for the Geolite2 db
Features
- add option to specify the Max Mind license key for the Geolite2 db (fcf08a4)
Bug Fixes
(2024-11-24)
Features
(2024-11-21)
Features
- add option to skip TLS certificate check and ability to send test email (653d948)
- add PKCE support (3613ac2)
Bug Fixes
- mobile layout overflow on application configuration page (e784093)
(2024-11-11)
Features
- add audit log event for one time access token sign in (aca2240)
Bug Fixes
- overflow of pagination control on mobile (de45398)
- time displayed incorrectly in audit log (3d3fb4d)
(2024-11-01)
Features
- add list empty indicator (becfc00)
Bug Fixes
- errors in middleware do not abort the request (376d747)
- typo in Self-Account Editing description (5b9f4d7)
(2024-10-31)
Features
- add ability to define expiration of one time link (2ccabf8)
(2024-10-28)
Features
- add option to disable self-account editing (8304065)
- add validation to custom claim input (7bfc3f4)
- custom claims (#53) (c056089)
(2024-10-25)
Features
- add
email_verifiedclaim (5565f60)
Bug Fixes
- powered by link text color in light mode (18c5103)
(2024-10-23)
Features
- add script for creating one time access token (a1985ce)
- add version information to footer and update link if new update is available (70ad0b4)
Bug Fixes
- cache version information for 3 hours (29d632c)
- improve text for initial admin account setup (0a07344)
- increase callback url count (f3f0e1d)
- no DTO was returned from exchange one time access token endpoint (824c5cb)
(2024-10-18)
Features
- add environment variable to change the caddy port in Docker (ff06bf0)
- use improve table for users and audit logs (11ed661)
Bug Fixes
- allow copy to clipboard for client secret (29748cc)
(2024-10-11)
Bug Fixes
- add key id to JWK (282ff82)
(2024-10-04)
Features
- add location based on ip to the audit log (025378d)
(2024-10-03)
Bug Fixes
- initials don't get displayed if Gravatar avatar doesn't exist (e095628)
(2024-10-03)
⚠ BREAKING CHANGES
- add ability to set light and dark mode logo
Features
- add ability to set light and dark mode logo (be45eed)
(2024-10-02)
Features
- add copy to clipboard option for OIDC client information (f82020c)
- add gravatar profile picture integration (365734e)
- add user groups (24c948e)
Bug Fixes
- only return user groups if it is explicitly requested (a4a90a1)
(2024-09-26)
Bug Fixes
- add space to "Firstname" and "Lastname" label (#31) (d6a9bb4)
- port environment variables get ignored in caddyfile (3c67765)
(2024-09-19)
Bug Fixes
- updated application name doesn't apply to webauthn credential (924bb14)
(2024-09-16)
Features
Bug Fixes
- debounce oidc client and user search (9c2848d)
(2024-09-09)
Features
(2024-09-06)
Features
- add name claim to userinfo endpoint and id token (4e7574a)
Bug Fixes
- limit width of content on large screens (c6f83a5)
- show error message if error occurs while authorizing new client (8038a11)
(2024-09-03)
Features
Bug Fixes
- non pointer passed to create user (e7861df)
- oidc client logo not displayed on authorize page (28ed064)
- typo in hasLogo property of oidc dto (2b9413c)
(2024-08-24)
Bug Fixes
- empty lists don't get returned correctly from the api (97f7fc4)
(2024-08-23)
Features
- add support for multiple callback urls (8166e2e)
Bug Fixes
- db migration for multiple callback urls (552d7cc)
(2024-08-19)
Bug Fixes
- session duration can't be updated (4780548)
(2024-08-19)
Features
- add
INTERNAL_BACKEND_URLenv variable (0595d73) - add user info endpoint to support more oidc clients (fdc1921)
- change default logo (9eec7a3)
(2024-08-13)
Bug Fixes
- add missing passkey flags to make icloud passkeys work (cc407e1)
- logo not white in dark mode (5749d05)
(2024-08-13)
Features
- add option to change session duration (475b932)
Bug Fixes
- a non admin user was able to make himself an admin (df0cd38)
- background image not loading (7b44189)
- background image on mobile (4a808c8)
- disable search engine indexing (8395492)
(2024-08-12)
Features
- add rounded corners to logo (bec908f)
Bug Fixes
- one time link not displayed correctly (486771f)