web/maint/dependency: maint 1#22506
Open
kensternberg-authentik wants to merge 26 commits into
Open
Conversation
window.authentik.flow = {
"layout": "{{ flow.layout }}",
+ "background": "{{ flow.background }}",
+ "title": "{{ flow.title }}",
};
Amends the `flow.html` template and `GlobalAuthentik` parser to include new parameters, `background` and `title`, in the flow-specific part of the configuration written to the HTML `<head>` object, and to provide those parameters to client code.
## Why
The `layout` is start-up critical: it tells the Flow interface how the admin wants the Flow page to look, and allows the HTML and CSS to be pre-aligned to that condition. `layout` is determined on a per-Flow bases, not a per-Stage basis; Flows are derived from a tuple of `(Brand, Application?)`, where the opening policy *may* direct a user to a different flow if the user reached authentik via a redirect from a specific application, but will otherwise fall back to the default Flow for the Brand.
The `background` is a field that is required if the `Flow`’s layout is of type `frame_background`; in this case, the part of the viewport not dedicated to the FlowExecutor is reserved for an `<iframe>` that will be filled in with whatever the administrator specifies. Although this gives it the same priority as `layout` (whether it’s provided or undefined) for describing the [chrome](https://developer.mozilla.org/en-US/docs/Glossary/Chrome) around a challenge, it is currently not provided to the application in the start-up config; it is provided in the `challenge` and renders the IFrame as part of the initial challenge.
This patch fixes that; if `layout` is provided, `background` ought to be as well, even if it’s empty. The execution of a Challenge ought not have any influence over the look and feel of the Flow-defined appearance *around* that Challenge.
I have added `title` as well; with that, all of the current theme-and-appearance related configuration details are placed into `<head>` and can be removed from the FlowExecutor.
Server-side, `background` is currently specified: `background = FileField(blank=True, default="")` which is … interesting since we also appear to store URLs in it. I don’t see anything in the FlowSerializer that would change that from a client’s point of view.
This patch furthers the effort to separate flow execution from flow presentation.
- \[🐰\] The code has been formatted (`make web`)
* main: (36 commits) website: fix typos (#20996) internal/outpost/ak: fix ws URL on outpost restart (#21041) sources/ldap: fix incorrect error response for invalid sync_users_password (#21016) website/docs: add missing dependencies for linux dev environment (#21020) core, web: update translations (#21021) web: bump flatted from 3.4.1 to 3.4.2 in /web (#21037) web: bump @sentry/browser from 10.44.0 to 10.45.0 in /web in the sentry group across 1 directory (#21022) website: bump flatted from 3.4.1 to 3.4.2 in /website (#21038) core: bump astral-sh/uv from 0.10.11 to 0.10.12 in /lifecycle/container (#21027) ci: bump actions-rust-lang/setup-rust-toolchain from 1.15.3 to 1.15.4 in /.github/actions/setup (#21030) ci: bump taiki-e/install-action from 2.68.26 to 2.69.2 in /.github/actions/setup (#21029) core: bump goauthentik/fips-debian from `7baeeaa` to `7726387` in /lifecycle/container (#21028) core: bump aws-cdk-lib from 2.243.0 to 2.244.0 (#21026) core: bump types-ldap3 from 2.9.13.20251121 to 2.9.13.20260319 (#21024) core: bump ruff from 0.15.6 to 0.15.7 (#21023) core: bump goauthentik/fips-python from `859ad57` to `bf45eb7` in /lifecycle/container (#21025) website/integrations: fix AWS SCIM with Identity Center (#21017) root: allow listening on multiple IPs (#20930) website: switch docs analytics to gtag (#20993) web: link file picker to docs (#20995) ...
* main: (22 commits) ci: rotate GH App private key (#21085) internal/web: remove authentication for metrics (#21077) lib/config: explicit some defaults (#21079) internal: remove unix sockets on shutdown (#21081) ci: fix escaping in cherry-pick action (#21082) lib/config: support printing multiple values (#21080) root: fix rust setup (#21078) core: bump types-docker from 7.1.0.20260109 to 7.1.0.20260322 (#21062) policies: remove BufferedPolicyAccessView leftovers (#21057) core: bump axllent/mailpit from v1.29.3 to v1.29.4 in /tests/e2e (#21061) core: bump types-channels from 4.3.0.20250822 to 4.3.0.20260321 (#21063) core: bump github.com/jackc/pgx/v5 from 5.8.0 to 5.9.1 (#21059) translate: Updates for project authentik and language fr_FR (#21056) ci: bump taiki-e/install-action from 2.69.2 to 2.69.6 in /.github/actions/setup (#21068) web: bump the storybook group across 1 directory with 5 updates (#21031) web: bump knip from 5.88.0 to 5.88.1 in /web (#21033) web: bump type-fest from 5.4.4 to 5.5.0 in /web (#21032) events: prevent exception when events contains incompatible unicode (#21048) web/admin: handle non-string values in formatUUID to prevent Event Log crash (#20804) events: avoid implicitly setting context from login_failed event (#21045) ...
* main: core: remove filter_not_expired for QS (#18274) tenants: fix default schema in initial migration (#21114) core: bump django-stubs[compatible-mypy] from 5.2.9 to 6.0.1 (#21099) core, web: update translations (#21097) lifecycle/aws: bump aws-cdk from 2.1112.0 to 2.1113.0 in /lifecycle/aws (#21098) core: bump types-requests from 2.32.4.20260107 to 2.32.4.20260324 (#21100) core: bump constructs from 10.5.1 to 10.6.0 (#21101) core: bump astral-sh/uv from 0.10.12 to 0.11.0 in /lifecycle/container (#21103) ci: bump taiki-e/install-action from 2.69.6 to 2.69.7 in /.github/actions/setup (#21104) web: bump flatted from 3.4.1 to 3.4.2 (#21076) core: bump goauthentik.io/api/v3 to 3.2026.5.0-rc1-1774286095 (#21089) core: bump cbor2 from 5.8.0 to 5.9.0 (#21094) ci: fix cherry-pick action generating empty title (#21091) web: bump the swc group across 1 directory with 11 updates (#21070) web: bump yaml from 2.8.2 to 2.8.3 in /web (#21071) core: add flag for future default behaviour of requiring a binding to access an application (#16247)
* main: (26 commits) endpoints/connectors: fix enabled flag not respected (#21144) web: bump vite from 7.3.1 to 8.0.2 in /web (#21109) website/docs: add a single page about our user interface, document Consent stage (#20533) website: bump the build group across 1 directory with 9 updates (#21127) web: bump knip from 5.88.1 to 6.0.5 in /web (#21129) core: bump drf-spectacular from 0.28.0 to 0.29.0 (#19420) packages/client-go: init (#21139) providers/proxy: Add a default maxResponseBodySize to Traefik Middleware (#21111) core: bump library/nginx from `dec7a90` to `7150b3a` in /website (#21137) core: bump gunicorn from 25.1.0 to 25.2.0 (#21134) core: bump github.com/getsentry/sentry-go from 0.43.0 to 0.44.1 (#21122) core: bump astral-sh/uv from 0.11.0 to 0.11.1 in /lifecycle/container (#21135) ci: bump taiki-e/install-action from 2.69.8 to 2.69.9 in /.github/actions/setup (#21136) web/a11y: Modals, Command Palette (Merge branch) (#17812) website/docs: document file picker values (#20994) packages/client-rust: init (#21117) core: bump sentry-sdk from 2.55.0 to 2.56.0 (#21124) events: add helper to log deprecation configuration_warning message (#21115) core: bump djangorestframework from 3.17.0 to 3.17.1 (#21126) core: bump twilio from 9.10.3 to 9.10.4 (#21123) ...
* main: (21 commits) root: cleanup API generation (#21172) packages/client-ts: init (#21120) core, web: update translations (#21159) website: bump @goauthentik/docusaurus-config from 2.5.1 to 2.6.0 in /website in the docusaurus group (#21161) core: bump cryptography from 46.0.5 to 46.0.6 (#21162) core: bump library/node from 25.8.1-trixie to 25.8.2-trixie in /website (#21163) ci: bump taiki-e/install-action from 2.69.9 to 2.69.10 in /.github/actions/setup (#21164) web: bump the goauthentik group across 1 directory with 3 updates (#21165) web: bump typescript from 5.9.3 to 6.0.2 in /web (#21107) web/flows: fix continuous flow leftovers (#21158) web: bump picomatch from 4.0.3 to 4.0.4 (#21157) web: bump yaml from 2.8.2 to 2.8.3 (#21156) website: bump picomatch in /website (#21155) web: bump smol-toml from 1.6.0 to 1.6.1 (#21154) web: bump picomatch from 2.3.1 to 2.3.2 in /web (#21153) web: bump smol-toml from 1.6.0 to 1.6.1 in /web (#21152) root: optimise api client generation speed (#21141) website/integrations: nextcloud add back-channel logout documentation (#21147) core: bump requests from 2.32.5 to 2.33.0 (#21146) web: bump chromedriver from 146.0.5 to 146.0.6 in /web (#21128) ...
* main: website/integrations: add OAUTH_AUTO_REDIRECT for karakeep (#21180) website/integrations: beszel: add email scope (#21176) web: lint/small type errors (#21179) packages/django-dramatiq-postgres: add index for (queue_name, state, eta) (#21175) root: add git attributes for generated/vendored (#21177) web: bump vite from 8.0.2 to 8.0.3 in /web (#21171) core, web: Vendored client follow-ups (#21174) website: Enable gtag in production (#21151)
* main: (52 commits) stages/authenticator_webauthn: save attestation certificate when creating credential (#20095) web/admin: fix missing icon on app view page (#21251) web/elements: allow table per-column options (#21250) ci: bump actions/setup-go from 6.3.0 to 6.4.0 (#21245) web: bump knip from 6.0.6 to 6.1.0 in /web (#21241) web: bump globby from 16.1.1 to 16.2.0 in /web (#21242) core: bump types-requests from 2.32.4.20260324 to 2.33.0.20260327 (#21236) core: bump types-docker from 7.1.0.20260322 to 7.1.0.20260328 (#21237) core: bump aws-cdk-lib from 2.244.0 to 2.245.0 (#21238) ci: bump int128/docker-manifest-create-action from 2.16.0 to 2.17.0 (#21244) ci: bump astral-sh/setup-uv from 7.6.0 to 8.0.0 in /.github/actions/setup (#21246) ci: bump taiki-e/install-action from 2.69.12 to 2.70.2 in /.github/actions/setup (#21247) ci: bump actions/setup-go from 6.3.0 to 6.4.0 in /.github/actions/setup (#21248) core, web: update translations (#21233) translate: Updates for project authentik and language fr_FR (#21214) web/admin: polish recent events, various button alignments and labels (#21232) outposts: Create separate metrics service in Kubernetes (#21229) events: fix exception in volume endpoint, adjust simple table size (#21230) core: Application stats, device events & cleanup (#21225) core: bump axllent/mailpit from v1.29.4 to v1.29.5 in /tests/e2e (#21226) ...
* main: translate: Updates for project authentik and language fr_FR (#21285) packages/django-postgres-cache: rework to use ORM (#17771) providers/saml: Fix redirect for saml slo (#21258) core: fix provider not nullable (#21275) website/docs: ad source: add note about ldap signing (#21274) website/api: update API clients doc (#21202) ci: bump taiki-e/install-action from 2.70.2 to 2.70.3 in /.github/actions/setup (#21267) lifecycle/aws: bump aws-cdk from 2.1114.1 to 2.1115.0 in /lifecycle/aws (#21265) core, web: update translations (#21264) packages/ak-lib: init (#21257) website/docs: document group_uuid as a property for group object (#20865) web/flow: extract lifecycle events peripheral to stage management into their own controllers (#20898) core: bump pygments from 2.19.2 to 2.20.0 (#21260) website/docs: add grafana dashboard (#21254)
* main: packages/django-postgres-cache: fix expiry and delete (#21307) website/docs: entra scim: add note about validator (#21273) core: bump djangorestframework-stubs[compatible-mypy] from 3.16.8 to 3.16.9 (#21294) web: bump @xmldom/xmldom from 0.8.11 to 0.8.12 in /web (#21301) blueprints: rework one-time import (#18074) lifecycle/aws: bump aws-cdk from 2.1115.0 to 2.1115.1 in /lifecycle/aws (#21293) core, web: update translations (#21288) core: bump sentry-sdk from 2.56.0 to 2.57.0 (#21295) core: bump aws-cdk-lib from 2.245.0 to 2.246.0 (#21296) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#21290) ci: bump getsentry/action-release from 3.5.0 to 3.6.0 (#21298) ci: bump taiki-e/install-action from 2.70.3 to 2.70.4 in /.github/actions/setup (#21299) website/docs: add example recovery flow with MFA (#19497) website/docs: format cache settings (#21289) source/saml: Add forceauthn to saml authnrequest (#20883)
* main: (26 commits) root: fix compose generation for patch releases release candidates (#21353) web: bump @swc/cli from 0.8.0 to 0.8.1 in /web in the swc group across 1 directory (#21300) providers/proxy: fix oidc client not using socket in embedded outpost (#21280) packages/client-rust: fix portable sed usage (#21337) packages/ak-common/tokio/proxy_procotol: init (#21311) packages/ak-common/config: init (#21256) core: bump beryju.io/ldap from 0.1.0 to 0.2.1 (#21235) web: bump @sentry/browser from 10.46.0 to 10.47.0 in /web in the sentry group across 1 directory (#21297) packages/ak-common/arbiter: init (#21253) website/docs: fix full dev setup ordering (#21332) core: bump types-docker from 7.1.0.20260328 to 7.1.0.20260402 (#21342) packages/ak-common: rename from ak-lib (#21314) root: fix rustfmt config (#21312) core: bump types-ldap3 from 2.9.13.20260319 to 2.9.13.20260402 (#21343) web: bump the bundler group across 1 directory with 4 updates (#21345) core: bump aiohttp from 3.13.3 to 3.13.4 (#21333) core, web: update translations (#21335) lifecycle/aws: bump aws-cdk from 2.1115.1 to 2.1116.0 in /lifecycle/aws (#21338) core: bump types-requests from 2.33.0.20260327 to 2.33.0.20260402 (#21339) core: bump django-stubs[compatible-mypy] from 6.0.1 to 6.0.2 (#21340) ...
* main: website/docs: Clean up PostgreSQL documentation (#21131)
* main: (58 commits) packages/ak-axum/error: init (#21315) packages/ak-axum: init (#21313) website: bump the build group across 1 directory with 9 updates (#21396) core: bump jwcrypto from 1.5.6 to 1.5.7 (#21423) web: bump fuse.js from 7.1.0 to 7.3.0 in /web (#21429) web: bump the bundler group across 1 directory with 3 updates (#21425) web: bump cspell from 9.7.0 to 10.0.0 (#21427) web: bump knip from 6.1.0 to 6.3.0 in /web (#21428) sources/ldap: Switch to new connection tracking, deprecated attribute-based connection (#21392) packages/ak-common/mode: init (#21259) packages/ak-common/tracing: init (#21263) web/admin: Improve WS-Fed algo selection logic (#20881) packages/ak-common/tls: init (#21262) packages/ak-common/config: add set helper for tests (#21356) tasks: allow retry for rejected tasks only (#21433) core, web: update translations (#21394) website/docs: clarify file upload troubleshooting (#21361) ci: bump aws-actions/configure-aws-credentials from 6.0.0 to 6.1.0 (#21424) core: bump uvicorn[standard] from 0.43.0 to 0.44.0 (#21422) ci: bump taiki-e/install-action from 2.73.0 to 2.74.0 in /.github/actions/setup (#21426) ...
* main: (38 commits) website/integrations: update FortiGate SSLVPN doc (#21475) ci: cache apt install (#21480) packages/ak-common: use imports where possible (#21478) packages/ak-axum/server: cleanup unix socket (#21477) packages/ak-common, ak-axum: improve logging (#21476) packages/ak-axum/extract/scheme: init (#21322) core: fix policy binding objects not being nullable (#21421) packages/ak-axum/extract/client_ip: init (#21321) translate: Updates for project authentik and language fr_FR (#21474) website: bump the docusaurus group in /website with 10 updates (#21452) packages/docusaurus-config: update config for docusaurus 3.10 (#21471) packages/ak-axum/extract/trusted_proxy: init (#21320) web: Fix duplicate Turnstile widgets after extended idle (#21380) packages/ak-axum/accept/proxy_protocol: init (#21319) web: bump chromedriver from 147.0.0 to 147.0.1 in /web (#21467) ci: fix `docker-push-variables` (#21470) core, web: update translations (#21450) docs,ci: fix main daily compose downloads + release template (#21448) web: bump the storybook group across 1 directory with 5 updates (#21460) core: bump cryptography from 46.0.6 to 46.0.7 (#21456) ...
* main: (36 commits) web/e2e: accept options in NavigatorFixture.waitForPathname (#21507) web/styles: switch to upstream RedHat variable fonts and brighten orange palette (#21509) web/styles: add ak-c-loading-skeleton CSS component (#21510) core, web: update translations (#21532) core: bump lxml from 6.0.2 to 6.0.3 (#21523) core: bump library/node from `45babd1` to `9707cd4` in /lifecycle/container (#21522) tasks: better error message for Retry exceptions (#18235) web/admin: fix user list avatar (#21531) core: bump django from v5.2.12 to 5.2.13 (#21520) core: add cooldown to dependabot (#21286) web/admin: include avatar in user list page (#21518) events: add index on Event.user.pk (#19576) ci: always run apt update (#21516) enterprise/search: move QL to open source] (#21484) core: add logging when session decode fails (#21514) website/docs: Refactor email configuration (#21130) core: bump types-ldap3 from 2.9.13.20260402 to 2.9.13.20260408 (#21493) packages/ak-common/db: init (#21357) packages/ak-axum/extract/host: init (#21323) web: bump knip from 6.3.0 to 6.3.1 in /web (#21505) ...
* main: (269 commits) root: fix rust build with uv-installed Python (#21858) core: add support for hiding applications from the user dashboard (#21530) core: bump ruff from 0.15.11 to 0.15.12 (#21871) packages/ak-axum/router: add X-Powered-By to all responses (#21940) core: bump microsoft-kiota-serialization-form from 1.9.8 to v1.10.1 (#21909) core: bump pytest-randomly from 4.0.1 to 4.1.0 (#21873) core: users/groups reduce number of database queries (#20431) core: bump types-channels from 4.3.0.20260408 to 4.3.0.20260421 (#21872) ci: bump taiki-e/install-action from 2.75.21 to 2.75.22 in /.github/actions/setup (#21877) core, web: update translations (#21870) sources/oauth: ensure user ID is returned as str (#21880) translate: Updates for project authentik and language no_NO (#21862) core: bump maxminddb from 3.0.0 to v3.1.1 (#21907) core: bump prometheus-client from 0.24.0 to v0.25.0 (#21919) core: bump azure-identity from 1.25.1 to v1.25.3 (#21886) core: bump aiohttp from 3.13.4 to v3.13.5 (#21882) core: bump anyio from 4.12.1 to v4.13.0 (#21883) core: bump asgiref from 3.11.0 to v3.11.1 (#21884) core: bump azure-core from 1.38.0 to v1.39.0 (#21885) core: bump blessed from 1.25.0 to v1.38.0 (#21887) ...
* main: web: bump knip from 6.6.0 to 6.6.3 in /web (#21981) packages/ak-common/tracing: make log level lowercase (#21991) root: only allow listen failure in dev (#21987) flows: preserve signed background URLs in CSS (#21868) core, web: update translations (#21966) core: fix search for app entitlements failing (#21944) ci: bump taiki-e/install-action from 2.75.22 to 2.75.23 in /.github/actions/setup (#21982) website/integrations: Refactor and cleanup GitHub Enterprise (#21685) web: Clear remember me before navigation. (#21647) web: bump knip from 6.4.1 to 6.6.0 in /web (#21957) core: bump github.com/getsentry/sentry-go from 0.45.1 to 0.46.0 (#21955) core: bump uvicorn[standard] from 0.44.0 to 0.45.0 (#21956) core: bump rustls from 0.23.39 to 0.23.40 (#21958) core: support hashed password in users API + automated install (#18686) core, web: update translations (#21952) providers/saml: generate issuer url when provider is set on app (#18022)
* main: web/admin: use bindings form for app entitlements (#22007) website/integrations: Add guide to integrate Technitium DNS with authentik (#21826) website/docs: clarify M2M scope requests (#21977) website/docs: clarify LDAP TLS verification (#21974) website/docs: clarify blueprint identifiers (#21976) website/docs: document promoted sources (#21979) lifecycle/aws: bump aws-cdk from 2.1118.4 to 2.1119.0 in /lifecycle/aws (#22001) web: bump the swc group across 1 directory with 11 updates (#22004) core: bump uvicorn[standard] from 0.45.0 to 0.46.0 (#22002) web: bump @sentry/browser from 10.49.0 to 10.50.0 in /web in the sentry group across 1 directory (#22003) ci: bump taiki-e/install-action from 2.75.23 to 2.75.25 in /.github/actions/setup (#22005) core: bump reqwest from 0.13.2 to 0.13.3 (#22006) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#21999) core, web: update translations (#21998) enterprise: account lockdown (#18615) enterprise/lifecycle: remove one review per object limitation (#21046)
* main: (36 commits) website/integrations: actual budget: add env var (#22036) website/docs: add webhook mapping examples (#21971) website/integrations: fix nextcloud LDAP group mapping (#21970) website/docs: preserve blueprint download filenames (#21969) web: Radio and Checkbox Input Revisions (#21792) providers/oauth: make rp init logout oidc certification changes (#21815) website/docs: document SCIM custom attributes (#21980) root: introduce allinone mode (#21990) website/docs: add SAML source mapping guidance (#21978) website/docs: fix misplaced AWS-LC clang warning (#22034) lifecycle/worker_process: fix healthchecks and metrics not reloading db connections after a failure (#21992) root: add more logging to worker requests (#21989) root/channels: use group_send_blocking where possible (#21993) core, web: update translations (#22014) translate: Updates for project authentik and language fr_FR (#22015) enterprise/providers/ssf: more conformance fixes (#21521) web/flows: update flow background (#22032) website/integrations: update NetBox OIDC config (#22018) web: bump @formatjs/intl-listformat from 8.3.2 to 8.3.4 in /web (#22026) web: bump knip from 6.6.3 to 6.7.0 in /web (#22027) ...
* main: (24 commits) root: update django to 5.2.14 (#22064) tenants: add option to mark flag as deprecated (#22063) web/stages: better wording for webauthn authenticator attachments options (#22062) web: bump vite from 8.0.8 to 8.0.10 in /web (#21842) api: set authenticated session user agent nullable properties (#22059) web/admin: redirect stage: adds mention of static url (#22060) web: bump axios from 1.15.0 to 1.16.0 in /web (#22058) providers/oauth2: override RedirectURITypeEnum capitalization for generated API (#22037) website/docs: document language settings (#21968) website/docs: document supported PostgreSQL versions (#21967) website: bump docusaurus-theme-openapi-docs from 5.0.1 to 5.0.2 in /website (#22052) web: bump the storybook group across 1 directory with 5 updates (#22024) revert: web: Consistent use of "User Dashboard" (#22038) (#22046) core: bump metrics-exporter-prometheus from 0.18.1 to 0.18.3 (#22057) core, web: update translations (#22047) core: bump cryptography from 47.0.0 to 48.0.0 (#22053) core: bump psycopg[c,pool] from 3.3.3 to 3.3.4 (#22054) ci: bump taiki-e/install-action from 2.75.28 to 2.75.29 in /.github/actions/setup (#22056) web: remove native fieldset borders from action groups (#21334) website/docs: document blueprint import options (#21973) ...
* main: root: ensure uv sync does not update uv.lock (#22084) core: bump dramatiq from 1.17.1 to 2.1.0 (#22076) web: Fix Vendored Lex package. Add Unit Tests (#22083) core, web: update translations (#22074) website: bump the build group in /website with 6 updates (#22075) web: bump ip-address from 10.1.0 to 10.2.0 in /web (#22082) web: bump the swc group across 1 directory with 11 updates (#22078) ci: bump taiki-e/install-action from 2.75.29 to 2.75.30 in /.github/actions/setup (#22077) web: bump country-flag-icons from 1.6.16 to 1.6.17 in /web (#22079) web: bump yaml from 2.8.3 to 2.8.4 in /web (#22080) core: bump sentry from 0.47.0 to 0.48.0 (#22081) packages/client-ts: Fix TypeScript config, ESBuild warnings (#21863) web: fix identification stage OUIA attributes (#22049) stages/invitation: Invitation wizard (#20399) Web/release202604/nits 2 (#22040) web: Gracefully handle missing element construction. (#21787)
* main: (46 commits) events: fix `destination_group_obj` not being nullable (#22161) tenants/settings: present unset flags as `False` (#22162) root: fix version bump sed command (#22149) website: Add PhotoPrism integration guide (#22146) website: Add PostHog integration guide (#22147) website/docs: update user credentials tab docs (#22143) website/docs: release notes for 2026.5.0 (#21997) website/docs: document cross-provider token introspection (#22142) website/docs: add Wazuh SAML signing certificate step (#22071) website/docs: fix frontend dev environment paths and compose override usage (#20976) website/integrations: Add Splunk Enterprise Integration Guide (#20765) website/integrations: add Anthropic integration guides (#22134) website/integrations: Add christiaangoossens/hass-oidc-auth to the Home Assistant integration docs (#21730) website/integrations: Use correct API scope for Netbird (#21780) website/integrations: ? (#22138) website/docs: add CMake to full dev environment (#22137) locale: fix de_DE locale placeholder (#22130) website/docs: stages cleanup (#21558) website: bump the build group in /website with 3 updates (#22104) web: bump basic-ftp from 5.3.0 to 5.3.1 in /web (#22131) ...
* main: (47 commits) core: bump python-kadmin-rs from 0.7.1 to 0.7.2 (#22234) website: bump react-dom from 19.2.5 to 19.2.6 in /website (#22198) web: bump the react group across 1 directory with 2 updates (#22208) web: bump knip from 6.9.0 to 6.11.0 in /web (#22212) web: bump @formatjs/intl-listformat from 8.3.4 to 8.3.5 in /web (#22211) website: bump react from 19.2.5 to 19.2.6 in /website (#22199) core: update psycopg[pool] requirement from <4,>=3 to >=3.3.4,<4 (#22201) core: bump the uv group across 1 directory with 2 updates (#22237) ci: fix make gen in release workflows (#22235) ci: run make gen when tagging a new release (#22229) ci: Improve branch-off action description (#22188) web/admin: fix user wizard close button (#22222) core: bump pydantic from 2.13.3 to 2.13.4 (#22207) core: bump tokio from 1.52.1 to 1.52.2 (#22160) core: bump library/node from `735dd68` to `4f2b45e` in /lifecycle/container (#22210) core, web: update translations (#22140) core: bump twilio from 9.10.5 to 9.10.9 (#22202) core: bump python-kadmin-rs from 0.7.0 to 0.7.1 (#22205) core: bump cachetools from 7.0.6 to 7.1.1 (#22204) core: bump types-requests from 2.33.0.20260408 to 2.33.0.20260503 (#22206) ...
…support Moves the `./element/oauth` components to `./admin/users`. They're API-aware (so they're components, not elements) and they're not general-purpose (used only by Admin, so they should be closer to where they're used). Not sure why `uv.lock` changed. \# What \# Why \# How \# Designs \# Test Steps \# Other Notes
* main: (121 commits) core: bump types-docker from 7.1.0.20260508 to 7.1.0.20260512 (#22470) outposts: fix stale version in OutpostState (#22487) ci: bump int128/docker-manifest-create-action from 2.20.0 to 2.21.0 (#22480) ci: bump taiki-e/install-action from 2.78.1 to 2.79.0 in /.github/actions/setup (#22496) core: bump library/node from `7a99c60` to `e588aaf` in /website (#22495) core: bump gunicorn from 25.3.0 to 26.0.0 (#22471) core: bump importlib-metadata from 8.7.1 to 9.0.0 (#22469) core: bump cachetools from 7.1.1 to 7.1.2 (#22493) core: bump types-requests from 2.33.0.20260508 to 2.33.0.20260513 (#22491) core: bump selenium from 4.43.0 to 4.44.0 (#22490) core: bump lxml from 6.1.0 to 6.1.1 (#22473) core: bump idna from 3.13 to 3.15 in the uv group across 1 directory (#22484) core: bump library/node from `4f2b45e` to `291be77` in /lifecycle/container (#22494) core: bump types-jwcrypto from 1.5.7.20260508 to 1.5.7.20260513 (#22492) core, web: update translations (#22453) enterprise/stages/mtls: attempt fix freezegun (#22474) root: fix gitignore binary paths (#22445) ci: pin github/codeql-action references to commit SHA (#22458) website/docs: first batch of updates for new Binding wizard (#22393) providers/saml: Properly import audience from metadata. (#22181) ...
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #22506 +/- ##
==========================================
- Coverage 93.28% 93.24% -0.04%
==========================================
Files 1032 1032
Lines 60062 60062
Branches 400 400
==========================================
- Hits 56029 56006 -23
- Misses 4033 4056 +23
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
BeryJu
approved these changes
May 20, 2026
GirlBossRush
approved these changes
May 20, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Moves the
./element/oauthcomponents to./admin/users. They're API-aware (so they're components, not elements) and they're not general-purpose (used only by Admin, so they should be closer to where they're used).make web)