Skip to content

v0.23.0
Compare
Choose a tag to compare
@evert evert released this 12 Jan 06:26
· 129 commits to main since this release
v0.23.0
4552837
This commit was signed with the committer’s verified signature.
evert Evert Pot
GPG key ID: F189847A04AD9D0F
Learn about vigilant mode.

The main reason this was released was due to a very scary Knex SQL injection bug that affects MySQL users.

Other changes and new features:

  • 'scope' wasn't supported yet correctly in the authorization_code and implicit flows.
  • Fixed some bugs in the 'active sessions' report, and add columns for grant_type, and scope.
  • Common types, such User, App, Group types have been moved to src/types.ts for easier access.
  • We're now keeping track of which scopes were granted to which apps per user.
  • Support for RFC 9068: A standard format for JWT OAuth2 Access Tokens.
  • Centralize CSRF token handling (for old browsers).
  • Added a new 'add privilege' action, which is helpful for API clients.
  • Fix bug: Incorrect url in Location header when creating a new user.
  • #448: Fix 'create group' form.
Assets 2
Loading