github teamhanko/hanko backend/v2.6.0
Hanko v2.6: Inactivity Logout
on GitHub

latest releases: backend/v2.7.0, @teamhanko/hanko-elements@2.7.0, @teamhanko/frontend-sdk@2.7.0...
7 hours ago

The main feature of this release is Inactivity Logouts, which allow user sessions to be proactively terminated if no user activity is detected.

This can be configured via a new configuration option. In addition, an idle_expires_at timestamp is now returned by the /sessions/validate endpoint, allowing frontends to react to upcoming idle logouts accordingly.

Beyond that, we updated a number of dependencies and included several small bug fixes.

What's Changed

  • chore(deps): bump vue from 3.5.25 to 3.5.29 in /frontend by @dependabot[bot] in #2459
  • chore(deps-dev): bump prettier from 3.6.2 to 3.8.1 in /frontend by @dependabot[bot] in #2460
  • feat: webauthn cred signature count check by @lfleischmann in #2464
  • chore(deps-dev): bump @vitejs/plugin-react from 4.5.0 to 5.1.4 in /frontend by @dependabot[bot] in #2467
  • fix: handle email claim as (*)EmailJWT when reading JWT by @lfleischmann in #2466
  • chore(deps-dev): bump css-loader from 6.11.0 to 7.1.4 in /frontend by @dependabot[bot] in #2469
  • chore(deps): bump github.com/knadh/koanf/v2 from 2.3.2 to 2.3.3 in /backend by @dependabot[bot] in #2479
  • chore(deps-dev): bump turbo from 2.8.12 to 2.8.13 in /frontend by @dependabot[bot] in #2476
  • chore(deps): bump preact from 10.28.2 to 10.28.4 in /frontend by @dependabot[bot] in #2484
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/service/kms from 1.50.1 to 1.50.2 in /backend by @dependabot[bot] in #2482
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.32.10 to 1.32.11 in /backend by @dependabot[bot] in #2477
  • chore(deps): bump github.com/docker/cli from 27.4.1+incompatible to 29.2.0+incompatible in /backend by @dependabot[bot] in #2485
  • chore(deps-dev): bump sass-loader from 13.3.3 to 16.0.7 in /frontend by @dependabot[bot] in #2473
  • fix: listener cleanups by @lfleischmann in #2486
  • chore(deps): bump docker/setup-qemu-action from 3 to 4 by @dependabot[bot] in #2495
  • chore(deps): bump docker/setup-buildx-action from 3 to 4 by @dependabot[bot] in #2494
  • chore(deps): bump docker/login-action from 3 to 4 by @dependabot[bot] in #2493
  • chore(deps): bump docker/build-push-action from 6 to 7 by @dependabot[bot] in #2492
  • chore(deps): bump docker/metadata-action from 5 to 6 by @dependabot[bot] in #2491
  • fix: add timeout to webhook trigger requests by @lfleischmann in #2488
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.32.11 to 1.32.12 in /backend by @dependabot[bot] in #2500
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/service/kms from 1.50.2 to 1.50.3 in /backend by @dependabot[bot] in #2509
  • chore: update go version by @lfleischmann in #2496
  • chore(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 in /backend by @dependabot[bot] in #2489
  • chore(deps): bump golang.org/x/text from 0.34.0 to 0.35.0 in /backend by @dependabot[bot] in #2497
  • chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.49.0 in /backend by @dependabot[bot] in #2498
  • chore(deps-dev): bump turbo from 2.8.13 to 2.8.17 in /frontend by @dependabot[bot] in #2515
  • chore(deps-dev): bump @tsconfig/node24 from 24.0.3 to 24.0.4 in /frontend by @dependabot[bot] in #2514
  • chore(deps): bump jwks-rsa from 3.2.0 to 4.0.1 in /frontend by @dependabot[bot] in #2512
  • chore(deps): bump next from 16.0.10 to 16.1.7 in /frontend by @dependabot[bot] in #2511
  • chore(deps-dev): bump turbo from 2.8.17 to 2.8.18 in /frontend by @dependabot[bot] in #2523
  • chore(deps-dev): bump vue-tsc from 3.2.5 to 3.2.6 in /frontend by @dependabot[bot] in #2522
  • chore(deps): bump express from 4.22.1 to 5.2.1 in /frontend by @dependabot[bot] in #2521
  • chore(deps): bump github.com/lib/pq from 1.11.2 to 1.12.0 in /backend by @dependabot[bot] in #2518
  • chore(deps): bump github.com/russellhaering/goxmldsig from 1.5.0 to 1.6.0 in /backend by @dependabot[bot] in #2517
  • chore(deps): bump github.com/russellhaering/gosaml2 from 0.10.0 to 0.11.0 in /backend by @dependabot[bot] in #2516
  • chore(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2 in /backend by @dependabot[bot] in #2525
  • chore(deps): bump next from 16.1.7 to 16.2.0 in /frontend by @dependabot[bot] in #2526
  • chore(deps-dev): bump webpack-cli from 5.1.4 to 7.0.2 in /frontend by @dependabot[bot] in #2528
  • chore(deps): bump @rollup/rollup-linux-x64-gnu from 4.55.1 to 4.59.0 in /frontend by @dependabot[bot] in #2529
  • chore(deps): bump vue from 3.5.29 to 3.5.30 in /frontend by @dependabot[bot] in #2536
  • chore(deps): bump github.com/knadh/koanf/v2 from 2.3.3 to 2.3.4 in /backend by @dependabot[bot] in #2534
  • chore(deps-dev): bump @vitejs/plugin-vue from 6.0.3 to 6.0.5 in /frontend by @dependabot[bot] in #2543
  • chore(deps): bump zone.js from 0.16.0 to 0.16.1 in /frontend by @dependabot[bot] in #2544
  • chore(deps): bump vue-router from 5.0.3 to 5.0.4 in /frontend by @dependabot[bot] in #2545
  • chore(deps-dev): bump turbo from 2.8.18 to 2.8.20 in /frontend by @dependabot[bot] in #2550
  • chore(deps): bump @rollup/rollup-linux-x64-gnu from 4.59.0 to 4.60.0 in /frontend by @dependabot[bot] in #2551
  • fix: explicitly disable spellcheck on inputs by @lfleischmann in #2541
  • chore(deps-dev): bump jest from 30.2.0 to 30.3.0 in /frontend by @dependabot[bot] in #2552
  • chore(deps-dev): bump sass from 1.97.1 to 1.98.0 in /frontend by @dependabot[bot] in #2555
  • chore(deps-dev): bump webpack from 5.105.2 to 5.105.4 in /frontend by @dependabot[bot] in #2553
  • chore(deps-dev): bump @vue/tsconfig from 0.8.1 to 0.9.1 in /frontend by @dependabot[bot] in #2556
  • feat: add idle timeouts by @lfleischmann in #2540
  • ci: bump go and node workflow versions by @lfleischmann in #2558
  • chore(deps): bump github.com/gobuffalo/pop/v6 from 6.1.1 to 6.2.1 in /backend by @dependabot[bot] in #2533
  • chore(deps): bump next from 16.2.0 to 16.2.1 in /frontend by @dependabot[bot] in #2570
  • chore(deps): bump vue from 3.5.30 to 3.5.31 in /frontend by @dependabot[bot] in #2569
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/service/kms from 1.50.3 to 1.50.4 in /backend by @dependabot[bot] in #2565
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.32.12 to 1.32.13 in /backend by @dependabot[bot] in #2563
  • chore(deps): bump github.com/rs/zerolog from 1.34.0 to 1.35.0 in /backend by @dependabot[bot] in #2575
  • chore(deps): bump github.com/lib/pq from 1.12.0 to 1.12.1 in /backend by @dependabot[bot] in #2574
  • chore(deps): bump github.com/jackc/pgx/v5 from 5.8.0 to 5.9.1 in /backend by @dependabot[bot] in #2573
  • chore(deps): bump github.com/go-playground/validator/v10 from 10.30.1 to 10.30.2 in /backend by @dependabot[bot] in #2576
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.32.13 to 1.32.14 in /backend by @dependabot[bot] in #2578
  • chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in /backend by @dependabot[bot] in #2581
  • chore(deps): bump github.com/lib/pq from 1.12.1 to 1.12.3 in /backend by @dependabot[bot] in #2582
  • feat: add idle expires at timestamp to session validation response by @lfleischmann in #2585
  • chore: increase frontend versions to 2.6.0 by @FreddyDevelop in #2591

Full Changelog: backend/v2.5.0...backend/v2.6.0

Check out latest releases or
releases around teamhanko/hanko backend/v2.6.0

Don't miss a new hanko release

NewReleases is sending notifications on new releases.

Get notifications