indigo-iam/iam: INDIGO Identity and Access Management Service v1.8.3

<h2>Recommendations</h2> <p>It is <strong>strongly</strong> recommended to <strong>make a backup of your database</strong> before upgrading to v1.8.3 because several migrations are planned. Also, remember that for updates from versions prior to v1.7.2 you <strong>must</strong> first upgrade to v1.7.2. The migration to v1.8.3 will take an amount of time which will be proportional to the amount of currently active access tokens. This means that if you are deploying IAM with some kind of liveness and readiness probes, it's probably better to <strong>switch them off</strong> before upgrading. This migration may take a long <strong>time.</strong></p> <h2>Changed</h2> <ul> <li>Save access token value as an hash in order to use lighter db indexes and avoid conflicts by @rmiccoli in https://github.com/indigo-iam/iam/pull/613</li> <li>Avoid upper case characters into VO names by @SteDev2 in https://github.com/indigo-iam/iam/pull/616</li> <li>Enable Redis scope matchers and well-known endpoint caching by @federicaagostini in https://github.com/indigo-iam/iam/pull/633</li> <li>Consider scope matcher based on string equality for custom scopes by @rmiccoli in https://github.com/indigo-iam/iam/pull/642</li> </ul> <h2>Added</h2> <ul> <li>Add SCIM endpoint entry to well-known endpoint by @federicaagostini in https://github.com/indigo-iam/iam/pull/631</li> <li>Update account AUP signature time via API by @rmiccoli in https://github.com/indigo-iam/iam/pull/608</li> <li>Add new JWT profile that rename 'groups' claim with 'roles' by @enricovianello in https://github.com/indigo-iam/iam/pull/637</li> <li>Add support for displaying specific language name in federation Metadata by @Sae126V in https://github.com/indigo-iam/iam/pull/640</li> <li>Add missing "Reuse refresh token" box within client management page by @rmiccoli in https://github.com/indigo-iam/iam/pull/650</li> <li>Add missing foreign keys to the database by @enricovianello, @rmiccoli in https://github.com/indigo-iam/iam/pull/632, https://github.com/indigo-iam/iam/pull/659</li> <li>Add OpenID Connect standard claims in ATs for WLCG JWT profile by @rmiccoli in https://github.com/indigo-iam/iam/pull/651</li> </ul> <h2>Fixed</h2> <ul> <li>Allow to add certificates with the same subject DN by @rmiccoli in https://github.com/indigo-iam/iam/pull/624</li> <li>Delete unsupported response types by @rmiccoli in https://github.com/indigo-iam/iam/pull/610</li> <li>Fix management of tokens lifetime following RFC9068 by @federicaagostini in https://github.com/indigo-iam/iam/pull/620</li> <li>Fix CERN Restore workflow by @hannahshort in https://github.com/indigo-iam/iam/pull/645</li> <li>Fix authz code flow with PKCE for IAM test client application by @rmiccoli in https://github.com/indigo-iam/iam/pull/653</li> <li>Fix authorization on IAM APIs such to avoid cases where access is granted to already approved scopes instead of effective token scopes by @enricovianello in https://github.com/indigo-iam/iam/pull/664</li> </ul> <h2>New Contributors</h2> <ul> <li>@SteDev2 made his first contribution in https://github.com/indigo-iam/iam/pull/616</li> <li>@federicaagostini made her first contributions in https://github.com/indigo-iam/iam/pull/620, https://github.com/indigo-iam/iam/pull/631 and https://github.com/indigo-iam/iam/pull/633</li> <li>@Sae126V made his first contribution in https://github.com/indigo-iam/iam/pull/640</li> <li>@hannahshort made her first contributions in https://github.com/indigo-iam/iam/pull/645</li> </ul&gt

indigo-iam/iam: INDIGO Identity and Access Management Service v1.8.3

<h2>Recommendations</h2> <p>It is <strong>strongly</strong> recommended to <strong>make a backup of your database</strong> before upgrading to v1.8.3 because several migrations are planned. Also, remember that for updates from versions prior to v1.7.2 you <strong>must</strong> first upgrade to v1.7.2. The migration to v1.8.3 will take an amount of time which will be proportional to the amount of currently active access tokens. This means that if you are deploying IAM with some kind of liveness and readiness probes, it's probably better to <strong>switch them off</strong> before upgrading. This migration may take a long <strong>time.</strong></p> <h2>Changed</h2> <ul> <li>Save access token value as an hash in order to use lighter db indexes and avoid conflicts by @rmiccoli in https://github.com/indigo-iam/iam/pull/613</li> <li>Avoid upper case characters into VO names by @SteDev2 in https://github.com/indigo-iam/iam/pull/616</li> <li>Enable Redis scope matchers and well-known endpoint caching by @federicaagostini in https://github.com/indigo-iam/iam/pull/633</li> <li>Consider scope matcher based on string equality for custom scopes by @rmiccoli in https://github.com/indigo-iam/iam/pull/642</li> </ul> <h2>Added</h2> <ul> <li>Add SCIM endpoint entry to well-known endpoint by @federicaagostini in https://github.com/indigo-iam/iam/pull/631</li> <li>Update account AUP signature time via API by @rmiccoli in https://github.com/indigo-iam/iam/pull/608</li> <li>Add new JWT profile that rename 'groups' claim with 'roles' by @enricovianello in https://github.com/indigo-iam/iam/pull/637</li> <li>Add support for displaying specific language name in federation Metadata by @Sae126V in https://github.com/indigo-iam/iam/pull/640</li> <li>Add missing "Reuse refresh token" box within client management page by @rmiccoli in https://github.com/indigo-iam/iam/pull/650</li> <li>Add missing foreign keys to the database by @enricovianello, @rmiccoli in https://github.com/indigo-iam/iam/pull/632, https://github.com/indigo-iam/iam/pull/659</li> <li>Add OpenID Connect standard claims in ATs for WLCG JWT profile by @rmiccoli in https://github.com/indigo-iam/iam/pull/651</li> </ul> <h2>Fixed</h2> <ul> <li>Allow to add certificates with the same subject DN by @rmiccoli in https://github.com/indigo-iam/iam/pull/624</li> <li>Delete unsupported response types by @rmiccoli in https://github.com/indigo-iam/iam/pull/610</li> <li>Fix management of tokens lifetime following RFC9068 by @federicaagostini in https://github.com/indigo-iam/iam/pull/620</li> <li>Fix CERN Restore workflow by @hannahshort in https://github.com/indigo-iam/iam/pull/645</li> <li>Fix authz code flow with PKCE for IAM test client application by @rmiccoli in https://github.com/indigo-iam/iam/pull/653</li> <li>Fix authorization on IAM APIs such to avoid cases where access is granted to already approved scopes instead of effective token scopes by @enricovianello in https://github.com/indigo-iam/iam/pull/664</li> </ul> <h2>New Contributors</h2> <ul> <li>@SteDev2 made his first contribution in https://github.com/indigo-iam/iam/pull/616</li> <li>@federicaagostini made her first contributions in https://github.com/indigo-iam/iam/pull/620, https://github.com/indigo-iam/iam/pull/631 and https://github.com/indigo-iam/iam/pull/633</li> <li>@Sae126V made his first contribution in https://github.com/indigo-iam/iam/pull/640</li> <li>@hannahshort made her first contributions in https://github.com/indigo-iam/iam/pull/645</li> </ul&gt

apel/ssm: 3.3.1-1

What's Changed Added Add a warning for deprecation of LDAP by @RedProkofiev in https://github.com/apel/ssm/pull/262 Add sys.exit() to both sender and receiver by @RoseECooper in https://github.com/apel/ssm/pull/263 Changed Update README following 3.3.0 updated by @DanielPerkins7 in https://github.com/apel/ssm/pull/246 Removed Redundant line and comment removed by @DanielPerkins7 in https://github.com/apel/ssm/pull/248 Update logging in test_crypto by @rowan04 in https://github.com/apel/ssm/pull/245 Fixed Cap version of certifi used below 2020.4.5.2 by @gregcorbett in https://github.com/apel/ssm/pull/264 Fix copy/paste error in receiver docs by @gregcorbett in https://github.com/apel/ssm/pull/266 Minor timeout changes by @RedProkofiev in https://github.com/apel/ssm/pull/260 File check. Issue235 by @DanielPerkins7 in https://github.com/apel/ssm/pull/250 else case and return added to issue 242 by @DanielPerkins7 in https://github.com/apel/ssm/pull/247 Changes to CI and GitHub Actions Bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in https://github.com/apel/ssm/pull/253 Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/apel/ssm/pull/255 Bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in https://github.com/apel/ssm/pull/256 Bump docker/metadata-action from 4 to 5 by @dependabot in https://github.com/apel/ssm/pull/258 Bump docker/login-action from 2 to 3 by @dependabot in https://github.com/apel/ssm/pull/259 CI tidy by @tofu-rocketry in https://github.com/apel/ssm/pull/268 New Contributors @DanielPerkins7 made their first contribution in https://github.com/apel/ssm/pull/246 @RedProkofiev made their first contribution in https://github.com/apel/ssm/pull/260 Full Changelog: https://github.com/apel/ssm/compare/3.3.0-1...3.3.1-