- Add GitHub OAuth provider (validated).
- Minor: stable, lexicograpic sorting of OAuth providers.
- Fix smaller cookie issues and inconsistencies, previously:
same-sitepolicy shouldn't depend on dev-mode to avoid inconsitencies and late surprises.- OAuth state cookies were
securein dev-mode and not as strict as they could be in prod-mode. Now all cookiessecurepolicy depends on dev-mode + HTTPS site. - Empty override-cookies during logout API should not bet
secure, i.e require TLS.
- QoL: Trim whitespaces from OAuth client id/secret in UI.
- Update Rust and JS dependencies (Astro 6, vite 8, ...).
Full Changelog: v0.25.0...v0.25.1