Release 1.5 merger #1577
Merged
Release 1.5 merger #1577
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* init model * handle register mobile auth request * add biometric mfa flow * fix location mfa compatibility check for biometrc method * review changes * Potential fix for code scanning alert no. 34: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * sqlx --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* remove unused component * remove duplicate time filter
* add tests for biometric auth * clippy fix
* add qr to enrollment modal * add inline image macro for email templates
* install cosign CLI * add signing step to docker build * trigger test run * how about now * remove dead code * test signing blobs * remove temporary override * debug files being created * adjust workflow permissions * try running tests on AWS runner * try out a different runner * is this service necessary? * maybe it is * don't try to sign binaries * uncomment code * remove stuff related to AWS runners * add signature verification step * run test * add verification info to readme * remove test branch
* fix meybe ? * framer to motion * upgrade react * migrate to react v19 * fix modal with title * remove sourcemaps from builds
* update dependencies * disable external MFA option if enterprise features are disabled * disable external MFA if external openid provider is not configured * formatting * remove unnecessary result * validate selected mfa mode * test validation * add serde rename
* add redirect URL sanitization * simplify validation * bump outdated dependency * update yanked dependency
* test aws runner * try again * another test * back to original runner * another run * now try a bigger box * also run frontend linter * test concurrency * maybe a smaller box then
* Merge commit from fork * add redirect URL sanitization * simplify validation * bump outdated dependency * update yanked dependency * update dependencies
* Update Tonic to 0.14 * Clippy auto fixes * Remove wrong example
* jumpcloud sync 1 * some frontend fixes * more fixes * Update jumpcloud.rs * request slowdown * logs * fix? * fmt * sqlx * cleanup * Update jumpcloud.rs
* first try * update grpc * grpc add mfa token verification endpoint * clippy * correct error message for start remote mfa * Update crates/defguard_core/src/grpc/client_mfa.rs Co-authored-by: Adam <[email protected]> * Update crates/defguard_core/src/grpc/client_mfa.rs Co-authored-by: Adam <[email protected]> * upgrade web packages * fix sqlx * biome 2.2 * Update defguard-ui * review changes * update submodules --------- Co-authored-by: Adam <[email protected]>
Provides utilities for logging, embedding and extracting version and system information in gRPC communications between Defguard components. Supports both client-side and server-side middleware for automatic version header management as well as tracing infrastructure.
* move existing integration tests into a dedicated module * update dependencies * explicitly stop test API server task * setup basic gRPC test server & mock gateway client * split test server and mock gateway setup * test gateway authorization and hostname * test gateway status updates * test client connection status * test vpn client connect * test vpn disconnect * remove debug lines * test gateway updates routing * test gateway acl config * lint fix * update dependencies * review fixes
* check failed logins before proceeding with TOTP verification * use username in failed login map whenever possible * log failed code verification attempts * add tests for brute force login
* add failing test * simplify API routes setup * restrict device management endpoints
* add failing test * simplify API routes setup * restrict device management endpoints * add failing test * restrict device config access
* properly respect openid scopes * fix
* clear authorized apps after changing scope * fix * remove redundant header * prepare
Implements incompatible version notifications in core UI. Related issue: #1298.
* Merge commit from fork * add redirect URL sanitization * simplify validation * bump outdated dependency * update yanked dependency * bump version to 1.4.1 (#1419) * docs: update enterprise features link (#1337) * Update SECURITY.md * update dependencies * update supported versions --------- Co-authored-by: Saleh Borhani <[email protected]> Co-authored-by: Robert Olejnik <[email protected]>
pre release 1.5 cleanup pt2
Merge release/1.5-alpha into main
Fixes version comparison by ignoring pre-release semver field.
* clear incompatible proxies once the proxy connects * clear gateway, avoid write-locks * clear gateway based on hostname only * fix proxy version 0.0.0 when unknown version * move proxy "zero version" logic to bidi handler * update axios dependency (audit) * clear outdated components after some time * exclude created time from Eq, PartialEq and Hash
Gateways are now identified by location ID instead of hostname. For Docker containers, hostnames default to container names, which led to inconsistencies and identification issues. Drawback: When multiple gateways connect using the same location ID, they overwrite each other’s incompatibility data. This issue will remain until proper support for multiple gateways per location is implemented.
* test building docker images on AWS * add temporary tag override * remove temporary overrides
j-chmielewski
approved these changes
Sep 15, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge release branch changes from main