pocket-id releases

Bug Fixes

• add _FILE support for S3_SECRET_ACCESS_KEY_FILE env var (#1452 by @ItalyPaleAle)
• invalidate cache when changing image (#1462 by @GameTec-live)
• fall back to Basic auth when PKCE puts client_id in body (#1466 by @mgabor3141)

Documentation

• add missing /api prefix to app config swagger routes (#1454 by @aclerici38)

Features

• add support for response_mode=form_post (#1360 by @Johnwulp)
• add support for "select_account" prompt (#1453 by @ItalyPaleAle)

Other

• add script to update deps (f9f93f0 by @stonith404)
• upgrade dependencies (20df033 by @stonith404)
• post dependency upgrade fixes (e33a9b8 by @stonith404)
• migrate github actions runners to depot runners (#1329 by @kmendell)
• fix caching of ldap-cli e2e tests docker build (#1457 by @kmendell)
• fix incorrect container name variable (5c7e5f6 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.6.2...v2.7.0

Bug Fixes

• return correct byte count in HEAD request writer (#1443 by @ahampal)
• improve keyboard navigation and screen-reader labels (#1445 by @bjoernch)

Other

• upgrade to vite 8.0 and pnpm 10.33.0 (#1446 by @kmendell)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.6.1...v2.6.2

Bug Fixes

• restore login screen background from not showing up (975d3c7 by @kmendell)

Other

• ignore webauthn type for swagger generation (ce4b89d by @kmendell)
• update golangci-lint (#1440 by @ItalyPaleAle)
• Add catalan language (#1436 by @mcasellas)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.6.0...v2.6.1

Bug Fixes

• disable callback URLs with protocols "javascript" and "data" (#1397 by @ItalyPaleAle)
• strip Root prefix from S3 List() returned paths (#1413 by @vtmocanu)
• use valid Tailwind v4 transition class for auth animation squares (#1415 by @CoolShades)
• resolve posixGroup memberUid as bare usernames (#1422 by @gucong3000)
• prevent flickering if no background image is set on login page (027e6f0 by @stonith404)
• improve form input layout if description next to it is multi col (9ec4683 by @stonith404)
• access token renewal bypasses important checks (978ac87 by @stonith404)

Features

• add ability to revoke passkeys of users as admin (#1386 by @jose-d)
• add auth method claim (amr) to tokens (#1433 by @stonith404)
• add TLS support for HTTP/2 server (#1429 by @IngmarStein)
• add OpenID Connect prompt Parameter Handling (#1299 by @rjaakke)
• return not found. on /setup if already completed (444f7ff by @stonith404)

Other

• update AAGUIDs (#1403 by @github-actions[bot])
• upgrade dependencies (f8f7222 by @stonith404)
• combobox not closed in e2e test (fbdb93f by @stonith404)
• Security upgrade alpine from latest to 3.23.4 (#1431 by @stonith404)
• security upgrade alpine from latest to 3.23.4 (#1432 by @stonith404)
• add Catalan language files (4f09de2 by @stonith404)
• reduce complexity of ValidateEnvConfig and initRouter (a0cb574 by @stonith404)
• pass context to shutdownServer (ff26c42 by @stonith404)

Full Changelog: https://github.com/pocket-id/pocket-id/compare/v2.5.0...v2.6.0