v1.11.8

This release resolves issues in the log module, improves the SDK type definitions, and introduces new configuration options to HSM.

Bug Fixes

• Add limit and offset to pagination (#3062) (51f6c5d), closes #3033

• Add missing flags to config schema (00100a1), closes #653

• Configure audit logger (#3022) (3115dde)

• Do not use cached version (422d422)

• Generated consent model (#3076) (270dbe0)

• Proper response types for 404 errors (#3072) (e711273), closes #3064

• Remove extraneous call to driver.init() (#3093) (1590542)

• Remove unnecessary transaction (#3029) (d4b2696)

• sdk: Correct polymorph type for consent session (#3074) (646459a), closes #3058

• sdk: Incorrect title (#3014) (d654911):

  Closes ory/sdk#153

• Sync ports between Dockerfiles and comments (#3027) (ebd1694)

• Typo README (#3078) (7d378f1)

• Use default for env var (2b024b4)

Code Generation

• Pin v1.11.8 release commit (337ab3e)

Documentation

• Update pricing (c46f780)
• Update README (#3032) (980c2d8)

Features

• Add hsm key set prefix to support multiple hydra instances on the same hsm partition (#3066) (90523fd):

  This pull request adds configuration option hsm.key_set_prefix to support multiple Ory Hydra instances to store keys on the same HSM partition. For example if hsm.key_set_prefix=app1. then key set hydra.openid.id-token would be generated/requested/deleted on HSM with CKA_LABEL=app1.hydra.openid.id-token

  This will not affect Hydra API in any way. GET /keys/hydra.openid.id-token will return key set from HSM with label app1.hydra.openid.id-token.

• Add support for trust grants that can issue tokens for any subject (#3012) (a3c4304), closes #2930:

  Previously, a trust relationship had to be setup for every subject
  before the issuer could sign a JWT token for it. This change will allow
  setting up token services that can issue tokens with any value in the
  subject field.

• Async backchannel logout (#2849) (22e1ebb)

• Backchannel request logging (#3067) (6dda48d)

• Make sensitive log value redaction text configurable (#3040) (536352c)

Tests

• Ensure generator checks are executed (#3061) (d38f6e6)

Changelog

• e06dd6a autogen(docs): generate and bump docs
• b548c5a autogen(docs): regenerate and update changelog
• 7739439 autogen(docs): regenerate and update changelog
• 152bddd autogen(docs): regenerate and update changelog
• b00d2b9 autogen(docs): regenerate and update changelog
• f2bef45 autogen(docs): regenerate and update changelog
• 1f0e79c autogen(docs): regenerate and update changelog
• fff6491 autogen(docs): regenerate and update changelog
• 8adbfb0 autogen(docs): regenerate and update changelog
• 48449f6 autogen(docs): regenerate and update changelog
• 924be24 autogen(docs): regenerate and update changelog
• f9338e4 autogen(docs): regenerate and update changelog
• a2afc75 autogen(docs): regenerate and update changelog
• 7d89963 autogen(docs): regenerate and update changelog
• e3236dd autogen(docs): regenerate and update changelog
• 05286df autogen(docs): regenerate and update changelog
• 835cb78 autogen(docs): regenerate and update changelog
• 1e4e328 autogen(docs): regenerate and update changelog
• 1056795 autogen(docs): regenerate and update changelog
• 7602b4c autogen(openapi): regenerate swagger spec and internal client
• b17b474 autogen(openapi): regenerate swagger spec and internal client
• 2217648 autogen(openapi): regenerate swagger spec and internal client
• 23bc3e9 autogen(openapi): regenerate swagger spec and internal client
• 83c918a autogen: add v1.11.7 to version.schema.json
• 337ab3e autogen: pin v1.11.8 release commit
• f06505f chore(deps): bump async from 2.6.2 to 2.6.4 in /test/e2e/oauth2-client (#3073)
• 57693f6 chore(deps): bump async from 3.2.0 to 3.2.3 (#3069)
• ff10e17 chore(deps): bump minimist from 1.2.5 to 1.2.6 (#3045)
• 5768671 chore(deps): bump minimist in /test/e2e/oauth2-client (#3047)
• 9eabc7d chore(deps): update alpine version (#3036)
• 222a01b chore: bump ory/fosite to v0.42.2 (#3077)
• 184d322 chore: improve Dockerfiles (#3052)
• f320673 chore: update repository templates
• 849af9f chore: update repository templates
• 980c2d8 docs: update README (#3032)
• c46f780 docs: update pricing
• 90523fd feat: add hsm key set prefix to support multiple hydra instances on the same hsm partition (#3066)
• a3c4304 feat: add support for trust grants that can issue tokens for any subject (#3012)
• 22e1ebb feat: async backchannel logout (#2849)
• 6dda48d feat: backchannel request logging (#3067)
• 536352c feat: make sensitive log value redaction text configurable (#3040)
• 646459a fix(sdk): correct polymorph type for consent session (#3074)
• d654911 fix(sdk): incorrect title (#3014)
• 51f6c5d fix: add limit and offset to pagination (#3062)
• 00100a1 fix: add missing flags to config schema
• 3115dde fix: configure audit logger (#3022)
• 422d422 fix: do not use cached version
• 270dbe0 fix: generated consent model (#3076)
• e711273 fix: proper response types for 404 errors (#3072)
• 1590542 fix: remove extraneous call to driver.init() (#3093)
• d4b2696 fix: remove unnecessary transaction (#3029)
• ebd1694 fix: sync ports between Dockerfiles and comments (#3027)
• 7d378f1 fix: typo README (#3078)
• 2b024b4 fix: use default for env var
• d38f6e6 test: ensure generator checks are executed (#3061)

Artifacts can be verified with cosign using this public key.