MyGit

v0.9.0-alpha.1

ory/kratos

版本发布时间: 2022-03-22 06:20:48

ory/kratos最新发布版本:v1.2.0(2024-06-05 19:02:56)

Ory Kratos v0.9 is here! We're extremely happy to announce that the new release is out and once again it's been made even better thanks to the incredible contributions from our awesome community. <3

Enjoy!

Here's an overview of things you can expect from the v0.9 release:

  1. We introduced 1:1 compatibility between self-hosting Ory Kratos and using Ory Cloud. The configuration works the same across all modes of operation and deployment!
  2. Passwordless login with WebAuthn is now available! Authentication with YubiKeys, TouchID, FaceID, Microsoft Hello, and other WebAuthn-supported methods is now available. The refactored infrastructure lays a foundation for more passwordless flows to come.
  3. All the docs are now available in a single repo. Go to the ory/docs repository to find docs for all Ory projects.
  4. You can now load custom email templates that'll make your essential messaging like project invitations or password recovery emails look slick.
  5. We've laid the foundation for adding SMS-dependant flows.
  6. Security is always a top priority. We've made changes and updates such as CSP nonces, SSRF defenses, session invalidation hooks, and more.
  7. Kratos now gracefully handles cookie errors.
  8. Password policies are now configurable.
  9. Added configuration to control the flow of webhooks. Now you can cancel flows & run them in the background.
  10. You can import identities along with their credentials (password, social sign-in connections, WebAuthn, ...).
  11. Infra: we migrated all of our CIs from CircleCI to GitHub Actions.
  12. We moved the admin API from / to admin. This is a breaking change. Please read the explanation and proceed with caution!
  13. Bugfix: fixed a bug in the handling of secrets. This is a breaking change. Please read the explanation and proceed with caution!
  14. Bugfix: several bugs in different self-service flows are no more.

As you can see, this release introduces breaking changes. We tried to keep the HTTP API as backward-compatible as possible by introducing HTTP redirects and other measures, but this update requires you to take extra care. Make sure you've read the release notes and understand the risk before updating.

You must apply SQL migrations for this release. Make sure to create backup before you start!

Breaking Changes

Configuration key selfservice.whitelisted_return_urls has been renamed to allowed_return_urls.

All endpoints at the Admin API are now exposed at /admin/. For example, endpoint https://kratos:4434/identities is now exposed at https://kratos:4434/admin/identities. This change makes it easier to configure reverse proxies and API Gateways. Additionally, it introduces 1:1 compatibility between Ory Cloud's APIs and self-hosted Ory Kratos. Please note that nothing has changed in terms of the port. To make the migration less painful, we have set up redirects from the old endpoints to the new /admin endpoints, so your APIs, SDKs, and clients should continue working as they were working before. This change is marked as a breaking change as it touches many endpoints and might be confusing when encountering the redirect for the first time.

If you are using two or more secrets for the secrets.session, this patch might break existing Ory Session Cookies. This has the effect that users will need to re-authenticate when visiting your app.

The password_identifier form field of the password login strategy has been renamed to identifier to make compatibility with passwordless flows possible. Field name password_identifier will still be accepted. Please note that the UI node for displaying the "username" / "email" field has this name="identifier" going forward. Additionally, the traits of the password strategy are no longer within group password but instead in group profile going forward!

The following OpenID Connect configuration keys have been renamed to better explain their purpose:

- private_key_id
+ apple_private_key_id

- private_key
+ apple_private_key

- team_id
+ apple_team_id

- tenant
+ microsoft_tenant

A major issue has been lingering in the configuration for a while. What happens to your identities when you update a schema? The answer was, it depends on the change. If the change is incompatible, some things might break!

To resolve this problem we changed the way you define schemas. Instead of having a global default_schema_url which developers used to update their schema, you now need to define the default_schema_id which must reference schema ID in your config. To update your existing configuration, check out the patch example below:

identity:
-  default_schema_url: file://stub/identity.schema.json
+  default_schema_id: default
+  schemas:
+  - id: default
+    url: file://stub/identity.schema.json

Ideally, you would version your schema and update the default_schema_id with every change to the new version:

identity:
  default_schema_id: user_v1
  schemas:
    - id: user_v0
      url: file://path/to/user_v0.json
    - id: user_v1
      url: file://path/to/user_v1.json

This patch removes the ability to use domain aliases, an obscure feature rarely used that had several issues and inconsistencies.

Bug Fixes

Code Generation

Code Refactoring

Documentation

Features

Tests

Unclassified

0.8.2-alpha.1 (2021-12-17)

This release addresses further important security updates in the base Docker Images. We also resolved all issues related to ARM support on both Linux and macOS and fixed a bug that prevent the binary from compiling on FreeBSD.

This release also makes use of our new build architecture which means that the Docker Images names have changed. We removed the "scratch" images as we received frequent complaints about them. Additionally, all Docker Images have now, per default, SQLite support built-in. If you are relying on the SQLite images, update your Docker Pull commands as follows:

- docker pull oryd/kratos:{version}-sqlite
+ docker pull oryd/kratos:{version}

Additionally, all passwords now have to be at least 8 characters long, following recommendations from Microsoft and others.

In v0.8.1-alpha.1 we failed to include all the exciting things that landed, so we'll cover them now!

  1. Advanced E-Mail templating support with sprig - makes it possible to translate emails as well!
  2. Support wildcards for allowing redirection targets.
  3. Account Recovery initiated by the Admin API now works even if identities have no email address.

Enjoy this release!

Bug Fixes

Code Generation

Documentation

0.8.1-alpha.1 (2021-12-13)

This maintenance release important security updates for the base Docker Images (e.g. Alpine). Additionally, several hiccups with the new ARM support have been resolved and the binaries are now downloadable for all major platforms. Please note that passwords now have to be at least 8 characters long, following recommendations from Microsoft and others.

Enjoy this release!

Breaking Changes

To celebrate this change, we cleaned up the ways you install Ory software, and will roll this out to all other projects soon:

There is now one central brew / bash curl repository:

-brew install ory/kratos/kratos
+brew install ory/tap/kratos

-bash <(curl https://raw.githubusercontent.com/ory/kratos/master/install.sh)
+bash <(curl https://raw.githubusercontent.com/ory/meta/master/install.sh) kratos

Bug Fixes

Code Generation

Documentation

Features

Tests

Artifacts can be verified with cosign using this public key.

相关地址:原始地址 下载(tar) 下载(zip)

1、 checksums.txt 2.59KB

2、 checksums.txt.sig 96B

3、 kratos_0.9.0-alpha.1-linux_32bit.tar.gz 12.15MB

4、 kratos_0.9.0-alpha.1-linux_64bit.tar.gz 12.86MB

5、 kratos_0.9.0-alpha.1-linux_arm64.tar.gz 11.93MB

6、 kratos_0.9.0-alpha.1-linux_armv6.tar.gz 12.14MB

7、 kratos_0.9.0-alpha.1-linux_armv7.tar.gz 12.13MB

8、 kratos_0.9.0-alpha.1-linux_sqlite_64bit.tar.gz 13.51MB

9、 kratos_0.9.0-alpha.1-linux_sqlite_arm64.tar.gz 12.57MB

10、 kratos_0.9.0-alpha.1-linux_sqlite_armv6.tar.gz 12.73MB

11、 kratos_0.9.0-alpha.1-linux_sqlite_armv7.tar.gz 12.72MB

12、 kratos_0.9.0-alpha.1-linux_sqlite_libmusl_64bit.tar.gz 13.5MB

13、 kratos_0.9.0-alpha.1-linux_sqlite_libmusl_arm64.tar.gz 12.59MB

14、 kratos_0.9.0-alpha.1-linux_sqlite_libmusl_armv6.tar.gz 12.76MB

15、 kratos_0.9.0-alpha.1-linux_sqlite_libmusl_armv7.tar.gz 12.75MB

16、 kratos_0.9.0-alpha.1-macOS_64bit.tar.gz 13.22MB

17、 kratos_0.9.0-alpha.1-macOS_arm64.tar.gz 13.29MB

18、 kratos_0.9.0-alpha.1-macOS_sqlite_64bit.tar.gz 14.42MB

19、 kratos_0.9.0-alpha.1-macOS_sqlite_all.tar.gz 28.03MB

20、 kratos_0.9.0-alpha.1-macOS_sqlite_arm64.tar.gz 13.73MB

21、 kratos_0.9.0-alpha.1-windows_32bit.zip 12.54MB

22、 kratos_0.9.0-alpha.1-windows_64bit.zip 12.92MB

23、 kratos_0.9.0-alpha.1-windows_arm64.zip 11.98MB

24、 kratos_0.9.0-alpha.1-windows_armv6.zip 12.36MB

25、 kratos_0.9.0-alpha.1-windows_armv7.zip 12.34MB

26、 kratos_0.9.0-alpha.1-windows_sqlite_64bit.zip 13.51MB

27、 kratos_0.9.0-alpha.1_sqlite_darwin_amd64.bom.json 196.85KB

28、 kratos_0.9.0-alpha.1_sqlite_darwin_arm64.bom.json 196.85KB

29、 kratos_0.9.0-alpha.1_sqlite_linux_386.bom.json 196.85KB

30、 kratos_0.9.0-alpha.1_sqlite_linux_amd64.bom.json 196.85KB

31、 kratos_0.9.0-alpha.1_sqlite_linux_arm64.bom.json 196.85KB

32、 kratos_0.9.0-alpha.1_sqlite_linux_arm_6.bom.json 196.85KB

33、 kratos_0.9.0-alpha.1_sqlite_linux_arm_7.bom.json 196.85KB

34、 kratos_0.9.0-alpha.1_sqlite_windows_386.bom.json 196.85KB

35、 kratos_0.9.0-alpha.1_sqlite_windows_amd64.bom.json 196.85KB

36、 kratos_0.9.0-alpha.1_sqlite_windows_arm64.bom.json 196.85KB

37、 kratos_0.9.0-alpha.1_sqlite_windows_arm_6.bom.json 196.85KB

38、 kratos_0.9.0-alpha.1_sqlite_windows_arm_7.bom.json 196.85KB

查看:2022-03-22发行的版本