Update dexidp/dex Docker tag to v2.41.1

This MR contains the following updates:

Package	Update	Change
dexidp/dex	minor	v2.39.1 -> v2.41.1

---

Release Notes

dexidp/dex (dexidp/dex)

v2.41.1

Compare Source

What's Changed

Bug Fixes 🐛

• Fix ldap connection error: network unreachable @​nabokihms in https://github.com/dexidp/dex/pull/3677
• Fix gomplate fork/exec error for distroless images by @​nabokihms in https://github.com/dexidp/dex/pull/3684

Full Changelog: https://github.com/dexidp/dex/compare/v2.41.0...v2.41.1

v2.41.0

Compare Source

What's Changed

Exciting New Features 🎉

• Enrich Dex logs with real IP and request ID by @​nabokihms in https://github.com/dexidp/dex/pull/3661
• gRPC Connectors API by @​twoojoo in https://github.com/dexidp/dex/pull/3245

[!IMPORTANT]
Connectors API is disabled by default. Set the DEX_API_CONNECTORS_CRUD=true env variable to enable the feature.

Enhancements 🚀

• Prevent double clicking of the submit button on login by @​pcorliss in https://github.com/dexidp/dex/pull/3554
• Gracefully handle no args being passed to entrypoint by @​rgmz in https://github.com/dexidp/dex/pull/3589
• New Prometheus metrics build_info by @​nlamirault in https://github.com/dexidp/dex/pull/3558
• Always retrieve github emails when preferredEmailDomain is set by @​thesuperzapper in https://github.com/dexidp/dex/pull/3584
• Propagate http.Client to JWT verifier for OIDC connector by @​jack-r-warren in https://github.com/dexidp/dex/pull/3641
• Fix the broken link to v2 page by @​tuladhar in https://github.com/dexidp/dex/pull/3648
• Add regex for oidc group matching by @​jacksonargo in https://github.com/dexidp/dex/pull/3063

Bug Fixes 🐛

• Remove additional features and add a feature flag instead by @​nabokihms in https://github.com/dexidp/dex/pull/3663

Dependency Updates ⬆️

• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 in /examples by @​dependabot in https://github.com/dexidp/dex/pull/3582
• build(deps): bump actions/attest-build-provenance from 1.1.2 to 1.3.1 by @​dependabot in https://github.com/dexidp/dex/pull/3580
• build(deps): bump github/codeql-action from 3.25.7 to 3.25.12 by @​dependabot in https://github.com/dexidp/dex/pull/3619
• build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.4 by @​dependabot in https://github.com/dexidp/dex/pull/3618
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @​dependabot in https://github.com/dexidp/dex/pull/3617
• build(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.24.0 by @​dependabot in https://github.com/dexidp/dex/pull/3615
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /examples in the go_modules group by @​dependabot in https://github.com/dexidp/dex/pull/3612
• build(deps): bump distroless/static-debian12 from e9ac71e to 8dd8d3c by @​dependabot in https://github.com/dexidp/dex/pull/3604
• build(deps): bump docker/build-push-action from 5.3.0 to 6.3.0 by @​dependabot in https://github.com/dexidp/dex/pull/3603
• build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 in /examples by @​dependabot in https://github.com/dexidp/dex/pull/3609
• build(deps): bump golang.org/x/net from 0.25.0 to 0.27.0 by @​dependabot in https://github.com/dexidp/dex/pull/3606
• build(deps): bump golang.org/x/crypto from 0.23.0 to 0.25.0 by @​dependabot in https://github.com/dexidp/dex/pull/3605
• build(deps): bump alpine from 3.20.0 to 3.20.1 by @​dependabot in https://github.com/dexidp/dex/pull/3591
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 in /examples by @​dependabot in https://github.com/dexidp/dex/pull/3600
• build(deps): bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 by @​dependabot in https://github.com/dexidp/dex/pull/3567
• build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 by @​dependabot in https://github.com/dexidp/dex/pull/3627
• build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @​dependabot in https://github.com/dexidp/dex/pull/3621
• build(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 by @​dependabot in https://github.com/dexidp/dex/pull/3625
• build(deps): bump actions/attest-build-provenance from 1.3.1 to 1.3.3 by @​dependabot in https://github.com/dexidp/dex/pull/3624
• build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 by @​dependabot in https://github.com/dexidp/dex/pull/3631
• build(deps): bump anchore/sbom-action from 0.16.0 to 0.17.0 by @​dependabot in https://github.com/dexidp/dex/pull/3630
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 by @​dependabot in https://github.com/dexidp/dex/pull/3626
• build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @​dependabot in https://github.com/dexidp/dex/pull/3622
• build(deps): bump docker/build-push-action from 6.3.0 to 6.4.0 by @​dependabot in https://github.com/dexidp/dex/pull/3623
• build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @​dependabot in https://github.com/dexidp/dex/pull/3629
• build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.0 to 0.5.1 by @​dependabot in https://github.com/dexidp/dex/pull/3635
• build(deps): bump docker/build-push-action from 6.4.0 to 6.4.1 by @​dependabot in https://github.com/dexidp/dex/pull/3633
• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @​dependabot in https://github.com/dexidp/dex/pull/3634
• Update dependencies before Dex v2.41 by @​nabokihms in https://github.com/dexidp/dex/pull/3637
• build(deps): bump alpine from 3.20.1 to 3.20.2 by @​dependabot in https://github.com/dexidp/dex/pull/3647
• build(deps): bump google.golang.org/api from 0.182.0 to 0.189.0 by @​dependabot in https://github.com/dexidp/dex/pull/3646
• build(deps): bump github/codeql-action from 3.25.12 to 3.25.14 by @​dependabot in https://github.com/dexidp/dex/pull/3651
• build(deps): bump actions/upload-artifact from 3.1.3 to 4.3.4 by @​dependabot in https://github.com/dexidp/dex/pull/3607
• build(deps): bump golang from 8c9183f to 0d3653d by @​dependabot in https://github.com/dexidp/dex/pull/3657
• FIx CVE before Dex v2.41 by @​nabokihms in https://github.com/dexidp/dex/pull/3653
• Bump gomplate 4.0.1 by @​MoeBensu in https://github.com/dexidp/dex/pull/3652
• build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.1 to 0.6.0 by @​dependabot in https://github.com/dexidp/dex/pull/3655
• build(deps): bump docker/setup-buildx-action from 3.4.0 to 3.6.1 by @​dependabot in https://github.com/dexidp/dex/pull/3658
• build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.14 to 3.5.15 by @​dependabot in https://github.com/dexidp/dex/pull/3639
• build(deps): bump docker/setup-qemu-action from 3.1.0 to 3.2.0 by @​dependabot in https://github.com/dexidp/dex/pull/3645
• build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @​dependabot in https://github.com/dexidp/dex/pull/3656
• build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0 by @​dependabot in https://github.com/dexidp/dex/pull/3643
• build(deps): bump docker/login-action from 3.2.0 to 3.3.0 by @​dependabot in https://github.com/dexidp/dex/pull/3644
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4 by @​dependabot in https://github.com/dexidp/dex/pull/3666
• build(deps): bump google.golang.org/api from 0.189.0 to 0.190.0 by @​dependabot in https://github.com/dexidp/dex/pull/3667
• build(deps): bump actions/attest-build-provenance from 1.3.3 to 1.4.0 by @​dependabot in https://github.com/dexidp/dex/pull/3665
• Bump ent v0.14.0 by @​nabokihms in https://github.com/dexidp/dex/pull/3670
• build(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @​dependabot in https://github.com/dexidp/dex/pull/3664

New Contributors

• @​pcorliss made their first contribution in https://github.com/dexidp/dex/pull/3554
• @​rgmz made their first contribution in https://github.com/dexidp/dex/pull/3589
• @​nlamirault made their first contribution in https://github.com/dexidp/dex/pull/3558
• @​thesuperzapper made their first contribution in https://github.com/dexidp/dex/pull/3584
• @​twoojoo made their first contribution in https://github.com/dexidp/dex/pull/3245
• @​jack-r-warren made their first contribution in https://github.com/dexidp/dex/pull/3641
• @​tuladhar made their first contribution in https://github.com/dexidp/dex/pull/3648
• @​MoeBensu made their first contribution in https://github.com/dexidp/dex/pull/3652
• @​jacksonargo made their first contribution in https://github.com/dexidp/dex/pull/3063

Full Changelog: https://github.com/dexidp/dex/compare/v2.40.0...v2.41.0

v2.40.0

Compare Source

The official container image for this release can be pulled from

ghcr.io/dexidp/dex:v2.40.0

Know before update

[!IMPORTANT]
Dex migrated to the log/slog for logging. Both text and json log format outputs changed.

The change can affect users, that import Dex as a library in their projects.

What's Changed

Exciting New Features 🎉

• Add introspect endpoint to introspect access & refresh token by @​supercairos in https://github.com/dexidp/dex/pull/3404
• Use log/slog for structured logging by @​seankhliao in https://github.com/dexidp/dex/pull/3502

Enhancements 🚀

• Add support for configurable prompt type for Google connector by @​abhisek in https://github.com/dexidp/dex/pull/3475
• Google: Implement groups fetch by default service account from metadata (support for GKE workload identity) by @​vsychov in https://github.com/dexidp/dex/pull/2989
• OIDC connector option to override jwksURI by @​sohgaura in https://github.com/dexidp/dex/pull/3543
• Allow domain names or IDs in keystone connector by @​cardoe in https://github.com/dexidp/dex/pull/3506

Bug Fixes 🐛

• Fix function names in comment by @​mountcount in https://github.com/dexidp/dex/pull/3464
• Fix slight grammar errors. by @​adeinega in https://github.com/dexidp/dex/pull/3538

Dependency Updates ⬆️

• build(deps): bump google.golang.org/api from 0.172.0 to 0.179.0 by @​dependabot in https://github.com/dexidp/dex/pull/3516
• build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18 by @​dependabot in https://github.com/dexidp/dex/pull/3514
• build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.20.0 by @​dependabot in https://github.com/dexidp/dex/pull/3512
• build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 in /examples by @​dependabot in https://github.com/dexidp/dex/pull/3508
• build(deps): bump anchore/sbom-action from 0.15.9 to 0.15.11 by @​dependabot in https://github.com/dexidp/dex/pull/3497
• build(deps): bump golang.org/x/net from 0.20.0 to 0.23.0 in /api/v2 in the go_modules group by @​dependabot in https://github.com/dexidp/dex/pull/3483
• build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @​dependabot in https://github.com/dexidp/dex/pull/3472
• build(deps): bump distroless/static-debian12 from 42c8865 to e9ac71e by @​dependabot in https://github.com/dexidp/dex/pull/3469
• build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @​dependabot in https://github.com/dexidp/dex/pull/3462
• build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1 in /api/v2 by @​dependabot in https://github.com/dexidp/dex/pull/3510
• build(deps): bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @​dependabot in https://github.com/dexidp/dex/pull/3526
• build(deps): bump google.golang.org/api from 0.179.0 to 0.180.0 by @​dependabot in https://github.com/dexidp/dex/pull/3525
• build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @​dependabot in https://github.com/dexidp/dex/pull/3524
• build(deps): bump helm/kind-action from 1.9.0 to 1.10.0 by @​dependabot in https://github.com/dexidp/dex/pull/3523
• build(deps): bump github/codeql-action from 3.24.10 to 3.25.4 by @​dependabot in https://github.com/dexidp/dex/pull/3522
• build(deps): bump mheap/github-action-required-labels from 5.4.0 to 5.4.1 by @​dependabot in https://github.com/dexidp/dex/pull/3521
• build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @​dependabot in https://github.com/dexidp/dex/pull/3520
• build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /api/v2 by @​dependabot in https://github.com/dexidp/dex/pull/3465
• build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2 in /examples by @​dependabot in https://github.com/dexidp/dex/pull/3460
• build(deps): bump alpine from 3.19.1 to 3.20.0 by @​dependabot in https://github.com/dexidp/dex/pull/3547
• build(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0 by @​dependabot in https://github.com/dexidp/dex/pull/3545
• build(deps): bump github/codeql-action from 3.25.4 to 3.25.6 by @​dependabot in https://github.com/dexidp/dex/pull/3544
• build(deps): bump actions/checkout from 4.1.2 to 4.1.6 by @​dependabot in https://github.com/dexidp/dex/pull/3542
• build(deps): bump google.golang.org/api from 0.180.0 to 0.181.0 by @​dependabot in https://github.com/dexidp/dex/pull/3541
• build(deps): bump golang from 4531927 to ff6ab2b by @​dependabot in https://github.com/dexidp/dex/pull/3536
• build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @​dependabot in https://github.com/dexidp/dex/pull/3534
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2 by @​dependabot in https://github.com/dexidp/dex/pull/3531
• build(deps): bump github.com/beevik/etree from 1.3.0 to 1.4.0 by @​dependabot in https://github.com/dexidp/dex/pull/3530
• build(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 in /examples by @​dependabot in https://github.com/dexidp/dex/pull/3535
• build(deps): bump docker/login-action from 3.1.0 to 3.2.0 by @​dependabot in https://github.com/dexidp/dex/pull/3551
• build(deps): bump golang from ff6ab2b to d1a601b by @​dependabot in https://github.com/dexidp/dex/pull/3550
• build(deps): bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 by @​dependabot in https://github.com/dexidp/dex/pull/3552
• Bump google.golang.org/grpc to v1.64.0 by @​nabokihms in https://github.com/dexidp/dex/pull/3553
• build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.13 to 3.5.14 by @​dependabot in https://github.com/dexidp/dex/pull/3555
• build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.13 to 3.5.14 by @​dependabot in https://github.com/dexidp/dex/pull/3556
• build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @​dependabot in https://github.com/dexidp/dex/pull/3561
• Bump gomplate 3.11.8 by @​nabokihms in https://github.com/dexidp/dex/pull/3565

New Contributors

• @​elehcim made their first contribution in https://github.com/dexidp/dex/pull/3474
• @​abhisek made their first contribution in https://github.com/dexidp/dex/pull/3475
• @​mountcount made their first contribution in https://github.com/dexidp/dex/pull/3464
• @​adeinega made their first contribution in https://github.com/dexidp/dex/pull/3538
• @​sohgaura made their first contribution in https://github.com/dexidp/dex/pull/3543
• @​cardoe made their first contribution in https://github.com/dexidp/dex/pull/3506

Full Changelog: https://github.com/dexidp/dex/compare/v2.39.1...v2.40.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.