Skip to content

Changelog

This page is generated during the GitLab Pages deployment from GitLab Releases and repository commits.

Upcoming changes

Changes since v0.2.1.

New features

  • 1830af38 — Implement changelog generation and update documentation references
  • 454264c1 — Add sitemap configuration for documentation site

Bug fixes

  • 75771853 — Change deploy-pages stage from deploy to publish
  • e4361d57 — Refine authorization header removal to only delete Basic auth headers while allowing Bearer tokens

Documentation updates

  • 87a5cf67 — Add comprehensive documentation for application integrations, reverse proxies, backup and restore procedures, certificate rotation, logging, and troubleshooting

v0.2.1 — 2026-07-13

New Features

  • 923cd748 — Limit SAML metadata response size to 10MB to prevent excessive memory usage
  • 3b84bcae — Remove Authorization header from requests unless explicitly allowed in configuration

Bug fixes

  • 3c0ee176 — Adjust service security settings by removing redundant directives and adding protections for clock, kernel modules, and logs
  • b60d0ae2 — Update gomodguard to gomodguard_v2 and remove deprecated gocritic checks
  • d7b68437 — Validate passthrough paths to prevent accidental passthrough of root or empty paths

v0.2 — 2026-07-11

New Features

  • 3f392444 — Enhance SAML subject extraction and validation, add tests for subject retrieval
  • 15e594f6 — Implement client IP extraction with trusted proxy support and update configuration for trusted proxies
  • df9665fc — Implement initial SAML metadata loading and refresh logic with error handling; add unit tests for metadata functions
  • de102181 — Implement logging sanitization to prevent log injection vulnerabilities
  • 03a2ce15 — Implement session cookie expiration on SAML logout; add tests for session cookie handling
  • 84f62740 — Refactor redirect source handling to improve validation and add unit tests
  • fea0ee6a — Remove client provided headers which could conflict with PassBeyond provided headers

Bug fixes

  • fd1be57b — Simplify claims time handling in session validation and token parsing
  • 0329f5c0 — Update file opening method in SaveToFile to use OpenFile for better control over file permissions
  • 57ba1947 — Update handler functions to ignore unused request parameters

Other work

  • 221ec389 — chosr: Upgrade golangci-lint to new configuration format

v0.1.1 — 2025-11-30

Bug fixes

  • 172f90e2 — Correct condition check for instance configuration file detection

v0.1 — 2025-11-30

New Features

  • faff3b91 — Enhance dark mode support with improved styles and transitions
  • 4eda3e3b — Load IdP metadata from file if configured

Bug fixes

  • 439a8dc9 — Adjust cookie expiration to be slightly longer than session timeout

Other work

  • f7597cc4 — other: Reorder docker dependencies alphabetically

v0.0.2 — 2025-11-28

New Features

  • 19efc372 — Add a hidden control hatch page for PassBeyond service
  • e52bb09f — Add configurable session timeout for SAML sessions
  • e2af1d59 — Add passthrough tokens support for authentication bypass · Issue: #2
  • de1d94a9 — Document passthroughTokens option for authentication bypass in README and config example

Other work

  • 3ef2e885 — Implement custom SAML error handler and update error page to display version information
  • 48d963af — Refactor session management to use a configurable session cookie name

v0.0.1 — 2025-11-27

Dependency updates

  • 8ebcd237 — Add go test and golangci-lint as dependency for sonarqube

Other work

  • dde4f0d0 — Abort if parsing internal IP fails
  • 0cbf7488 — Adapt changed configuration file name
  • e64c6437 — Adapt to changed service name
  • b81bd03b — Add Gorilla Mux for auth server
  • c3fdd69c — Add README and add some error checks
  • 412cea5e — Add SAML claim fallbacks
  • eaad64e3 — Add SAML request signing configuration option allow signing by configuration
  • 025534e4 — Add SAML request signing configuration options to YAML and README
  • fa8e52f4 — Add SRV record lookup support for LDAP
  • f1e31f63 — Add Sonarqube analysis Add LDAP connection functionality Add seperation of session and user data (WIP)
  • fec55a1e — Add UPN and SAMAccountName
  • 9594ab84 — Add comments for config options
  • b8e9942f — Add config check and session GC
  • c246f28d — Add costom footer to error pages
  • 9a973739 — Add database schema with automatic creation
  • a611bee7 — Add group membership mapping
  • ab1c4b66 — Add instance ID check to prevent request loops in globalHandler
  • 20010573 — Add sAMAccountName support
  • 62c6327b — Add sAMAccountName to proxy header
  • 511bf3d1 — Add secret detection
  • 101e097c — Add tests for cert creation
  • b9efffd3 — Add tests for samlLoadKeyPair
  • 67cd3385 — Add unit and coverage reports
  • ad811b55 — Add user passbeyond on deb install
  • bf6f76f7 — Add utils test
  • 6b47c852 — Add version information to error page and implement buildinfo package
  • b197a490 — Allow ACME challenge to pass trough
  • ce5b8f1b — Change analysis branch to master
  • 657c96e9 — Check if ldapConnection is not nil
  • 5cf50f09 — Complete reprogramming of PassBeyond
  • a59cf54b — Configure Secret Detection in .gitlab-ci.yml, creating this file if it does not already exist
  • e012ae5a — Create .deb package after build
  • d5f47055 — Dependency update
  • fb22ec88 — Dependency update
  • 267d137f — Dependency update Vulnerability due to Signature bypass via multiple Assertion elements https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g
  • dca2a69c — Disable CGO for runs
  • ac221471 — Downgrade Go version to support goreleaser version
  • 4f055fc4 — Dynamically reload applications Support systemd reload Add additional HTTP error dialogs Pass real IP to backend service Support Basic auth as auth information provider
  • f29547c7 — Execute go get to request vendor files
  • cbe575a7 — Force IsCA to false
  • 01067b7c — Handle LDAP connection loss
  • 980120af — Ignore hint of theme-color
  • 3b61c9e8 — Include tests and skip vendor
  • aa23ee9b — Initial commit
  • 4ae7aa66 — Initial development commit of v2
  • 9698c353 — Log error details with request ID in buildProxyURL function
  • a8933dff — Made LDAP an requirement Ajax backend support providing basic info + image Reduced SAML data to a minimum Add description for start page
  • 568afbb6 — Manipulate metadata to add NameID
  • 28b6d685 — Only deploy amd64 binary to repository
  • bcd97a93 — Periodically check if LDAP is still connected
  • 424d283c — Read internal networks from config
  • 5b46fc5b — Refactor CI/CD pipeline and add Docker support for PassBeyond application
  • 138c4261 — Refactor session validation to handle different context types in passbeyondHandler
  • 39b276f6 — Refactor systemd service management in postinst, postrm, and prerm scripts for improved instance handling
  • 815beb5a — Remove empty attributes from the attributes map in MapAttributes function
  • 7ee078cd — Remove gorilla mux as it isn't maintained anymore
  • 3985d986 — Rename pack-focal to pack-ubuntu and update dependencies in .gitlab-ci.yml
  • d86185a1 — Save certificates in base64 encoding
  • 0b3ae619 — Set logging more verbose
  • a412c0e1 — Swap arguments to match go recommendations
  • cd1363f5 — Test expired certificate
  • 56e0e32f — Track session usage and add session expiration
  • 7e928e2b — Update .gitignore to include additional build and report files
  • c179192d — Update JWT claims handling to include Not Before (nbf) time for improved token validation, short backdating validity against race condition
  • 8251ba36 — Update cookie handling in passbeyondHandler to allow cross-site redirects and set domain
  • 00bbe175 — Update dependencies and add build to repo
  • 41cf99c1 — Update publish script to reference 'build' directory instead of 'dist'
  • 5c252671 — Use correct conffile in deb config
  • 682b58bb — Use long paths to run go programs

View all GitLab Releases

Released under the MIT License.